Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76af8472-01ad-4042-b385-078d559d94d0.roa
File: 76af8472-01ad-4042-b385-078d559d94d0.roa (raw, json)
Hash identifier: QuY/XJ6caf+Vuyr+n2mCYbGcwubW0Zkl+5kXGoRAEJA=
Subject key identifier: 83:8C:C8:2C:86:0C:58:63:DC:89:39:6E:C5:C9:F3:12:AA:E4:B4:51
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E2094AE631120A19C4EDA1DDB175224DF0A6745
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76af8472-01ad-4042-b385-078d559d94d0.roa
Signing time: Mon 27 Apr 2026 00:30:10 +0000
ROA not before: Mon 27 Apr 2026 00:30:10 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:6040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 14:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:20:94:ae:63:11:20:a1:9c:4e:da:1d:db:17:52:24:df:0a:67:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 27 00:30:10 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=a99b4e78d6d99d9e9afd74eb9ddf7aa0b9624c060ad5b1e83fc1793d49d8178d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f0:84:65:b5:bd:db:d3:94:b7:13:70:12:65:
3d:42:02:35:bd:f3:ad:ed:da:97:b6:7a:b1:f3:d3:
5c:19:c8:71:bb:e9:04:94:57:58:04:8c:10:7b:d6:
97:e1:96:1e:ca:2b:cd:ab:7f:63:d3:ca:31:08:d3:
59:1f:c8:7b:1f:86:3d:fc:33:dc:55:73:83:3d:41:
2d:f3:6e:3b:36:81:76:21:e5:d5:fd:fa:00:65:d0:
47:51:ef:fa:25:e9:0e:8c:ee:b6:7a:2a:85:2b:1f:
4d:67:2d:1a:f3:5e:6a:9f:97:a1:be:9c:f7:11:50:
66:0c:2b:17:8f:47:84:8a:4d:e3:a5:40:74:ee:14:
91:b4:a9:fe:81:3c:41:ab:0b:21:9b:b1:05:5f:21:
a6:a2:e4:d4:cc:53:61:f6:8f:b3:dc:96:0a:68:cb:
cf:e6:3e:bb:44:d7:9b:00:25:8e:d5:bc:53:8c:a2:
c5:b4:95:ff:45:ae:22:13:af:98:c0:66:3d:82:df:
81:61:54:f4:0c:0b:47:a7:62:fe:16:fa:74:db:1f:
74:63:30:cb:1f:50:20:a7:b0:df:75:25:68:93:4c:
62:64:a1:f3:85:8b:8f:53:7e:c1:34:09:28:04:e7:
21:15:f2:ee:32:72:56:7d:78:79:4d:6d:08:0d:fe:
8b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:8C:C8:2C:86:0C:58:63:DC:89:39:6E:C5:C9:F3:12:AA:E4:B4:51
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76af8472-01ad-4042-b385-078d559d94d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:6040::/46
Signature Algorithm: sha256WithRSAEncryption
15:99:d1:b0:75:a6:8e:74:fd:40:32:a3:9a:f2:c6:e5:dc:b1:
f9:6a:50:39:ab:54:fd:5b:91:8c:02:9a:11:93:68:b9:37:c1:
de:31:1d:f9:b6:b8:a7:4a:61:d7:d7:7d:94:1f:fb:0b:e0:0c:
3a:ab:d1:41:00:65:7d:34:fa:58:88:88:6c:ec:09:1e:26:48:
26:27:a0:45:a3:d4:25:e0:bf:2a:72:28:e0:a4:11:bd:f3:33:
f8:5c:7c:bd:e9:40:07:cb:55:13:41:99:80:99:05:28:23:cf:
a8:e8:bc:0d:5c:d6:25:0a:ab:c8:b3:27:a5:b4:af:56:ad:38:
49:df:13:42:d9:4b:99:d8:69:53:35:7c:b6:4f:df:0f:fa:8c:
00:13:aa:62:07:70:ce:bb:6a:5d:51:cc:8d:10:7d:14:8f:89:
4b:8d:33:1c:9b:93:3f:ab:9b:55:d6:df:03:d7:d4:0b:78:dc:
1c:77:1a:31:a4:17:14:ef:d2:75:5e:3a:f4:ab:c6:54:04:c7:
fd:bd:cf:d5:61:4a:9d:f3:ea:c8:8d:f5:67:1e:75:f6:fc:7f:
60:a5:f0:f3:04:41:86:e4:e0:61:ba:8b:69:c3:1c:38:7b:e1:
ab:93:b8:78:d0:03:6e:a3:97:76:f5:63:e5:60:6e:64:fb:68:
44:94:af:5c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbiCUrmMRIKGcTtod2xdSJN8KZ0UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MjcwMDMwMTBaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5OWI0ZTc4ZDZkOTlkOWU5YWZkNzRlYjlkZGY3YWEwYjk2MjRjMDYwYWQ1
YjFlODNmYzE3OTNkNDlkODE3OGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7whGW1vdvTlLcTcBJlPUICNb3zre3al7Z6sfPTXBnIcbvpBJRXWASMEHvW
l+GWHsorzat/Y9PKMQjTWR/Iex+GPfwz3FVzgz1BLfNuOzaBdiHl1f36AGXQR1Hv
+iXpDozutnoqhSsfTWctGvNeap+Xob6c9xFQZgwrF49HhIpN46VAdO4UkbSp/oE8
QasLIZuxBV8hpqLk1MxTYfaPs9yWCmjLz+Y+u0TXmwAljtW8U4yixbSV/0WuIhOv
mMBmPYLfgWFU9AwLR6di/hb6dNsfdGMwyx9QIKew33UlaJNMYmSh84WLj1N+wTQJ
KATnIRXy7jJyVn14eU1tCA3+i9kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSDjMgs
hgxYY9yJOW7FyfMSquS0UTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzZhZjg0NzItMDFhZC00MDQyLWIzODUtMDc4ZDU1OWQ5NGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg
QDANBgkqhkiG9w0BAQsFAAOCAQEAFZnRsHWmjnT9QDKjmvLG5dyx+WpQOatU/VuR
jAKaEZNouTfB3jEd+ba4p0ph19d9lB/7C+AMOqvRQQBlfTT6WIiIbOwJHiZIJieg
RaPUJeC/KnIo4KQRvfMz+Fx8velAB8tVE0GZgJkFKCPPqOi8DVzWJQqryLMnpbSv
Vq04Sd8TQtlLmdhpUzV8tk/fD/qMABOqYgdwzrtqXVHMjRB9FI+JS40zHJuTP6ub
VdbfA9fUC3jcHHcaMaQXFO/SdV469KvGVATH/b3P1WFKnfPqyI31Zx519vx/YKXw
8wRBhuTgYbqLacMcOHvhq5O4eNADbqOXdvVj5WBuZPtoRJSvXA==
-----END CERTIFICATE-----
Generated at Tue Apr 28 20:47:47 2026 by rpki-client