Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ddb8169-a0ba-4989-b488-a344085c56c9.roa
File: 6ddb8169-a0ba-4989-b488-a344085c56c9.roa (raw, json)
Hash identifier: PS+0DXYPkjcttrug3/EIo3zTXpO66pUQ++8rkDz7D/U=
Subject key identifier: B6:6C:1A:42:09:2C:FC:AD:9D:85:5D:50:FA:3D:B9:00:0C:33:70:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 372859F96BC3A118F61D269054BB1D6D56ABDB5F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ddb8169-a0ba-4989-b488-a344085c56c9.roa
Signing time: Tue 19 May 2026 05:10:03 +0000
ROA not before: Tue 19 May 2026 05:10:03 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jun 2026 07:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:28:59:f9:6b:c3:a1:18:f6:1d:26:90:54:bb:1d:6d:56:ab:db:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:03 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=252ea4ccda209f69a1522a750ac9fa468ab203ab1939068e83fde3d222e950ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c2:da:5a:11:a9:6a:85:ac:98:8a:55:66:8e:
27:d0:48:99:e5:a1:6d:cb:c8:c6:d5:26:bf:44:ff:
22:52:d6:6f:af:fa:a9:86:8c:c8:3e:24:21:9d:42:
72:37:d4:19:aa:3d:e4:ee:8d:7c:b3:07:1b:7d:d1:
ad:50:db:19:38:42:4f:08:99:84:6f:f6:c1:55:59:
0c:74:4b:bd:4a:09:15:64:8b:1d:bd:3c:e8:c2:d4:
21:ce:b5:e9:ca:b4:dc:7a:da:57:e7:c0:5e:be:0b:
68:94:c2:1f:fe:d0:e5:eb:1a:e4:54:d6:70:7c:40:
64:0a:c1:3e:c1:8b:c1:c7:1a:a2:c7:8e:4e:a5:c1:
1b:d4:62:29:b1:5b:38:58:4d:24:ca:3d:24:33:4a:
8d:2f:d4:0b:33:28:1a:a2:aa:5e:e0:d0:44:af:77:
c8:ac:d0:cb:c1:b1:35:1f:4b:2f:70:31:46:3c:65:
c7:a9:d5:73:f4:45:3a:7b:21:09:cf:7a:6e:66:03:
a7:9a:46:0f:63:a5:13:79:a7:2f:18:41:1e:7c:20:
53:9f:96:c9:2c:e5:d0:ca:74:f6:0d:16:35:ce:96:
a8:97:ab:97:97:38:f0:e8:dd:3c:8a:6e:af:5b:bf:
1d:22:8b:95:46:39:7f:35:27:4d:1a:71:e3:15:3a:
2e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:6C:1A:42:09:2C:FC:AD:9D:85:5D:50:FA:3D:B9:00:0C:33:70:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ddb8169-a0ba-4989-b488-a344085c56c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:c000::/40
Signature Algorithm: sha256WithRSAEncryption
69:22:86:87:f7:fb:b3:f4:5b:9f:fd:29:38:9f:50:d0:7e:04:
49:ac:a0:c9:74:8b:b9:c1:24:dd:65:78:fc:56:4c:37:07:5c:
93:11:32:08:d4:25:82:fc:b8:a3:50:12:4c:a1:c0:5a:ac:20:
59:48:75:23:2d:07:39:ab:a0:93:1f:36:26:fc:c8:38:65:3d:
e0:9a:9f:6a:2c:d2:7c:1e:a6:fe:3c:89:d2:7c:95:18:4f:09:
47:ba:0e:ba:f2:c1:04:fd:c1:73:e3:4f:b5:dc:4e:63:a8:ad:
3c:c8:e5:e2:d7:b3:b2:0b:b5:20:b3:67:0b:22:2a:b9:d8:07:
1f:37:f4:73:09:bf:2a:ca:39:0c:a1:97:c0:10:34:7e:d6:bf:
a8:46:37:89:ad:6d:fe:93:db:f2:84:66:c3:50:71:2e:2f:f7:
a9:60:a7:41:76:b4:0f:10:9b:ee:29:42:42:92:b6:e4:4a:6b:
bc:b5:9d:c6:b5:36:ff:2a:31:c1:1f:7f:1b:01:f9:3e:fc:b3:
d1:2b:89:9b:c6:5f:99:94:e5:71:d9:62:ee:d9:4f:06:ac:98:
ea:2a:c0:ca:91:44:5a:35:68:aa:f7:66:73:bc:35:e5:33:54:
ab:c7:cb:8d:14:f0:19:86:bc:f0:8a:4f:f6:18:f6:d5:b9:e7:
3d:3b:84:4a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNyhZ+WvDoRj2HSaQVLsdbVar218wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwMDNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1MmVhNGNjZGEyMDlmNjlhMTUyMmE3NTBhYzlmYTQ2OGFiMjAzYWIxOTM5
MDY4ZTgzZmRlM2QyMjJlOTUwZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALrC2loRqWqFrJiKVWaOJ9BImeWhbcvIxtUmv0T/IlLWb6/6qYaMyD4kIZ1C
cjfUGao95O6NfLMHG33RrVDbGThCTwiZhG/2wVVZDHRLvUoJFWSLHb086MLUIc61
6cq03HraV+fAXr4LaJTCH/7Q5esa5FTWcHxAZArBPsGLwccaoseOTqXBG9RiKbFb
OFhNJMo9JDNKjS/UCzMoGqKqXuDQRK93yKzQy8GxNR9LL3AxRjxlx6nVc/RFOnsh
Cc96bmYDp5pGD2OlE3mnLxhBHnwgU5+WySzl0Mp09g0WNc6WqJerl5c48OjdPIpu
r1u/HSKLlUY5fzUnTRpx4xU6LkkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS2bBpC
CSz8rZ2FXVD6PbkADDNwtzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmRkYjgxNjktYTBiYS00OTg5LWI0ODgtYTM0NDA4NWM1NmM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HHA
MA0GCSqGSIb3DQEBCwUAA4IBAQBpIoaH9/uz9Fuf/Sk4n1DQfgRJrKDJdIu5wSTd
ZXj8Vkw3B1yTETII1CWC/LijUBJMocBarCBZSHUjLQc5q6CTHzYm/Mg4ZT3gmp9q
LNJ8Hqb+PInSfJUYTwlHug668sEE/cFz40+13E5jqK08yOXi17OyC7Ugs2cLIiq5
2AcfN/RzCb8qyjkMoZfAEDR+1r+oRjeJrW3+k9vyhGbDUHEuL/epYKdBdrQPEJvu
KUJCkrbkSmu8tZ3GtTb/KjHBH38bAfk+/LPRK4mbxl+ZlOVx2WLu2U8GrJjqKsDK
kURaNWiq92ZzvDXlM1Srx8uNFPAZhrzwik/2GPbVuec9O4RK
-----END CERTIFICATE-----
Generated at Mon Jun 1 15:10:05 2026 by rpki-client