Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc9ad4aa-ba08-4742-a01e-4ec10dd46ef2.roa
File: fc9ad4aa-ba08-4742-a01e-4ec10dd46ef2.roa (raw, json)
Hash identifier: vePnLORDXxB4A8ajRho4htF+utmkLnjmzpXSmcvg2RU=
Subject key identifier: 63:21:A4:E5:82:DD:8C:34:62:C5:93:FA:BF:2F:FA:FA:D3:69:A9:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5292552F214D9F33C8D7CAF072339576AE67D2A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc9ad4aa-ba08-4742-a01e-4ec10dd46ef2.roa
Signing time: Tue 12 May 2026 17:17:10 +0000
ROA not before: Tue 12 May 2026 17:17:10 +0000
ROA not after: Mon 10 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:c000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:92:55:2f:21:4d:9f:33:c8:d7:ca:f0:72:33:95:76:ae:67:d2:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 17:17:10 2026 GMT
Not After : Aug 10 23:59:59 2026 GMT
Subject: serialNumber=69af4fa57060094f90f1b871a7403ea3b4e3e517505dd580e51642ca75a64cd4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:71:80:4f:bd:b6:f1:fb:3b:c8:35:8f:03:85:
6b:8f:c2:d3:e5:32:1c:08:e2:83:1b:b2:08:8c:b9:
47:d6:d2:2d:bc:80:8c:10:85:e6:c7:0e:79:36:d1:
a3:34:8d:55:0c:c2:ae:61:ea:36:ea:b2:19:c4:89:
f9:51:24:0b:0d:e0:f6:33:96:9f:c2:a2:b9:57:90:
84:0e:e6:38:62:d4:3f:97:88:1a:30:1d:b3:55:95:
84:e5:10:0b:15:65:82:d4:88:5b:1c:6a:0f:e1:7a:
4a:6c:24:92:c3:dd:e1:48:45:d3:dd:5c:d6:22:bd:
cc:f6:e8:a8:60:16:37:ba:35:e6:53:cb:39:06:84:
8a:b0:e3:2f:ce:a5:58:03:f7:fa:b9:01:e0:09:db:
8c:46:79:f3:9a:4b:7e:e6:6b:7a:01:b9:11:03:89:
4b:ec:e5:0b:4d:d1:d1:8b:54:a7:68:62:b4:95:16:
2e:be:9a:b3:88:c0:34:d4:7a:21:6b:6b:34:ff:63:
ea:07:28:4d:84:f6:31:06:9e:ee:88:1f:b5:d2:60:
9a:c3:d7:da:1d:f7:54:38:8a:e9:5f:60:eb:08:1b:
da:2f:78:26:e1:d0:e8:54:7a:aa:3c:c2:21:84:3d:
ad:d1:02:14:c0:94:a1:77:ce:ad:53:ea:82:bb:4e:
d4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:21:A4:E5:82:DD:8C:34:62:C5:93:FA:BF:2F:FA:FA:D3:69:A9:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc9ad4aa-ba08-4742-a01e-4ec10dd46ef2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:c000::/48
Signature Algorithm: sha256WithRSAEncryption
72:43:27:56:82:ce:d9:e4:f8:b9:61:93:b1:c2:11:37:2a:15:
00:1b:55:5d:dc:e0:dc:7e:d2:53:b8:f8:98:15:a2:6a:7e:a4:
60:0f:3f:f9:47:ef:25:1f:b7:16:77:73:ed:9f:b2:e3:7f:27:
56:55:45:86:27:37:6c:1a:0c:a7:72:6e:a0:c3:ab:47:20:e1:
81:e1:55:56:52:f0:aa:0e:22:dc:7f:05:0c:4c:06:28:c1:3d:
dd:a1:5f:42:c3:f2:cb:d3:30:a4:e4:6c:4e:bf:a1:73:97:71:
39:85:11:6f:ee:cc:66:52:e8:ae:be:40:b8:9d:74:f6:72:08:
c7:de:9d:1c:9d:a8:5b:24:f2:ad:28:26:14:2a:a2:08:35:00:
8a:37:08:2d:fd:68:63:b3:7b:c2:13:9d:62:37:80:98:b4:24:
0c:f1:3f:78:89:15:d3:57:e4:6c:f0:35:17:72:b1:a4:17:a0:
e0:f8:94:a8:44:75:5d:4c:06:2e:6d:b5:15:cd:d7:49:66:b4:
f4:3b:06:1f:47:73:a6:73:57:33:52:55:51:32:2b:56:8d:98:
4e:0d:12:f1:13:21:e9:b6:de:48:6c:4d:40:0a:1d:e0:d0:9a:
3d:c2:fa:7d:0a:53:81:ae:c4:5e:f4:1e:58:b3:7b:3a:b9:d1:
9a:0f:94:cf
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUpJVLyFNnzPI18rwcjOVdq5n0qAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTIxNzE3MTBaFw0yNjA4MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5YWY0ZmE1NzA2MDA5NGY5MGYxYjg3MWE3NDAzZWEzYjRlM2U1MTc1MDVk
ZDU4MGU1MTY0MmNhNzVhNjRjZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJBxgE+9tvH7O8g1jwOFa4/C0+UyHAjigxuyCIy5R9bSLbyAjBCF5scOeTbR
ozSNVQzCrmHqNuqyGcSJ+VEkCw3g9jOWn8KiuVeQhA7mOGLUP5eIGjAds1WVhOUQ
CxVlgtSIWxxqD+F6SmwkksPd4UhF091c1iK9zPboqGAWN7o15lPLOQaEirDjL86l
WAP3+rkB4AnbjEZ585pLfuZregG5EQOJS+zlC03R0YtUp2hitJUWLr6as4jANNR6
IWtrNP9j6gcoTYT2MQae7ogftdJgmsPX2h33VDiK6V9g6wgb2i94JuHQ6FR6qjzC
IYQ9rdECFMCUoXfOrVPqgrtO1JsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRjIaTl
gt2MNGLFk/q/L/r602mpeDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM5YWQ0YWEtYmEwOC00NzQyLWEwMWUtNGVjMTBkZDQ2ZWYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HbA
ADANBgkqhkiG9w0BAQsFAAOCAQEAckMnVoLO2eT4uWGTscIRNyoVABtVXdzg3H7S
U7j4mBWian6kYA8/+UfvJR+3Fndz7Z+y438nVlVFhic3bBoMp3JuoMOrRyDhgeFV
VlLwqg4i3H8FDEwGKME93aFfQsPyy9MwpORsTr+hc5dxOYURb+7MZlLorr5AuJ10
9nIIx96dHJ2oWyTyrSgmFCqiCDUAijcILf1oY7N7whOdYjeAmLQkDPE/eIkV01fk
bPA1F3KxpBeg4PiUqER1XUwGLm21Fc3XSWa09DsGH0dzpnNXM1JVUTIrVo2YTg0S
8RMh6bbeSGxNQAod4NCaPcL6fQpTga7EXvQeWLN7OrnRmg+Uzw==
-----END CERTIFICATE-----
Generated at Wed May 13 00:35:03 2026 by rpki-client