Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b364a7a-ce23-4814-8bfa-1c23242a73e8.roa
File: 6b364a7a-ce23-4814-8bfa-1c23242a73e8.roa (raw, json)
Hash identifier: 11VFFmrSfztDykAgGd+yivsk2MKjwAjWRPci83UEUbE=
Subject key identifier: 74:31:FF:DE:91:F7:E7:E9:0C:E5:62:C2:77:CA:15:E6:31:22:64:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20659BA31A6B688E73C7C873FD65DA0013C54933
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b364a7a-ce23-4814-8bfa-1c23242a73e8.roa
Signing time: Sat 02 May 2026 01:30:23 +0000
ROA not before: Sat 02 May 2026 01:30:23 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:65:9b:a3:1a:6b:68:8e:73:c7:c8:73:fd:65:da:00:13:c5:49:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:30:23 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=7f35ce7ce32b78194200a35bc75acd3a4ce53ed797ad39d1ffb021a1f0ce077d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e8:47:4a:11:8b:86:b7:17:8b:ce:69:55:f5:
4d:37:e7:f7:2c:d0:80:9e:c9:19:16:31:81:25:1c:
d3:53:8a:95:fc:b6:9f:04:43:26:10:53:dc:38:03:
96:21:e6:f9:a3:16:97:d9:de:9c:12:af:f6:1e:9c:
c8:06:5b:cc:9d:ab:98:d9:fb:a2:34:ff:76:74:3a:
e5:74:25:ad:c7:22:da:9e:3d:f7:d9:24:01:80:bf:
64:56:74:cf:4e:77:19:1d:1e:d4:3e:65:96:29:59:
41:82:1c:ce:19:70:83:1e:f9:2a:d5:78:5d:c1:b1:
77:59:fb:b8:39:ae:7a:28:f8:6a:ed:03:15:8d:fa:
3d:2a:31:84:00:06:49:76:c9:da:23:19:d7:dd:29:
05:9a:77:0c:d8:a8:be:c6:97:e4:7a:bf:76:e2:40:
63:ae:44:e9:5b:78:06:65:f6:a5:1d:17:47:3f:fc:
b9:d7:7b:5e:bc:4b:f9:46:bd:d6:b0:01:07:a1:96:
4c:18:fc:be:67:89:00:b7:15:0b:be:8b:b7:81:36:
75:56:b1:23:95:82:76:96:3a:30:09:a1:7e:62:b8:
4c:7a:3c:32:67:45:6e:6f:00:5c:89:0b:b4:a7:73:
5f:1b:61:7b:37:23:88:8e:7e:08:f0:04:0c:1f:74:
81:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:31:FF:DE:91:F7:E7:E9:0C:E5:62:C2:77:CA:15:E6:31:22:64:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b364a7a-ce23-4814-8bfa-1c23242a73e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:8020::/48
Signature Algorithm: sha256WithRSAEncryption
65:d6:18:cc:92:5b:b6:8d:35:97:6f:21:11:71:eb:cf:be:86:
93:b0:39:0f:34:4a:74:75:cc:a4:c0:de:be:5f:cf:98:9a:08:
cf:1b:36:21:0e:de:07:1f:13:5a:7d:5d:27:c1:3d:37:4c:41:
3c:4a:ac:77:eb:ce:0a:4f:44:fb:b1:ad:3f:6e:83:58:98:54:
32:90:f2:19:3d:cd:01:8b:81:a6:af:9c:8b:4c:54:e4:c0:65:
73:b4:a9:25:33:cf:ba:61:25:e0:cd:ba:bd:3d:5b:e0:fc:6c:
08:0e:97:4a:57:7a:ce:7f:55:98:72:60:1c:dc:e2:e4:d2:28:
a1:19:c4:7c:8e:3d:6a:6e:44:67:16:ec:54:6f:c4:e8:63:dd:
d4:29:61:3f:e8:55:69:a1:42:1e:dc:38:9f:9f:32:76:22:3a:
18:a3:b1:e6:73:58:a9:63:21:6b:1b:67:06:a3:f4:be:b0:33:
b9:1e:c6:8b:6a:5c:94:cc:10:4e:f1:fb:73:a4:23:4b:e2:76:
cd:0b:e2:ca:78:6b:8c:bd:69:08:fb:2b:6c:3a:82:a3:da:a4:
d2:c5:cd:2b:07:bf:36:1f:a2:76:cc:bc:17:38:85:b0:ac:b6:
1e:5c:3f:c1:f7:eb:a6:78:f8:e4:16:34:8f:e5:8c:17:21:93:
4f:88:75:ce
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIGWboxpraI5zx8hz/WXaABPFSTMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTMwMjNaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmMzVjZTdjZTMyYjc4MTk0MjAwYTM1YmM3NWFjZDNhNGNlNTNlZDc5N2Fk
MzlkMWZmYjAyMWExZjBjZTA3N2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPoR0oRi4a3F4vOaVX1TTfn9yzQgJ7JGRYxgSUc01OKlfy2nwRDJhBT3DgD
liHm+aMWl9nenBKv9h6cyAZbzJ2rmNn7ojT/dnQ65XQlrcci2p4999kkAYC/ZFZ0
z053GR0e1D5llilZQYIczhlwgx75KtV4XcGxd1n7uDmueij4au0DFY36PSoxhAAG
SXbJ2iMZ190pBZp3DNiovsaX5Hq/duJAY65E6Vt4BmX2pR0XRz/8udd7XrxL+Ua9
1rABB6GWTBj8vmeJALcVC76Lt4E2dVaxI5WCdpY6MAmhfmK4THo8MmdFbm8AXIkL
tKdzXxthezcjiI5+CPAEDB90gaMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR0Mf/e
kffn6QzlYsJ3yhXmMSJk3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmIzNjRhN2EtY2UyMy00ODE0LThiZmEtMWMyMzI0MmE3M2U4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GqA
IDANBgkqhkiG9w0BAQsFAAOCAQEAZdYYzJJbto01l28hEXHrz76Gk7A5DzRKdHXM
pMDevl/PmJoIzxs2IQ7eBx8TWn1dJ8E9N0xBPEqsd+vOCk9E+7GtP26DWJhUMpDy
GT3NAYuBpq+ci0xU5MBlc7SpJTPPumEl4M26vT1b4PxsCA6XSld6zn9VmHJgHNzi
5NIooRnEfI49am5EZxbsVG/E6GPd1ClhP+hVaaFCHtw4n58ydiI6GKOx5nNYqWMh
axtnBqP0vrAzuR7Gi2pclMwQTvH7c6QjS+J2zQviynhrjL1pCPsrbDqCo9qk0sXN
Kwe/Nh+idsy8FziFsKy2Hlw/wffrpnj45BY0j+WMFyGTT4h1zg==
-----END CERTIFICATE-----
Generated at Tue May 12 23:32:42 2026 by rpki-client