Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
File: 9a732efb-e23f-49a4-ad51-1a43431e07c9.roa (raw, json)
Hash identifier: SgfZrAkp7dbFFKmbgYQReyPIPP7MnjC+FQ53o2ATlqE=
Subject key identifier: 69:3C:5C:F6:A2:25:F2:8A:61:20:86:07:9D:DD:75:A8:1E:67:E3:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FE99B201887094AD5E0EB6540AFFADABA9BA3A3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
Signing time: Tue 19 May 2026 05:40:49 +0000
ROA not before: Tue 19 May 2026 05:40:49 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jun 2026 11:09:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:e9:9b:20:18:87:09:4a:d5:e0:eb:65:40:af:fa:da:ba:9b:a3:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:49 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=9bd53784b9bdba1c4c475e90af61c553e9ad0837de362e50c28d1ba6ed0a111c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d6:b5:6c:2d:58:42:5b:f8:c3:68:a7:0a:5f:
d1:fa:f9:a6:71:bf:23:c0:42:e9:2e:c3:24:99:b8:
8e:8d:9f:bc:9c:8c:0b:ce:f2:08:f0:7f:a2:ef:7b:
5d:0f:ff:41:1e:23:2e:be:52:f0:be:90:e1:66:7c:
f2:24:5e:41:ef:86:dd:48:35:47:d8:d0:fc:cf:76:
a6:4c:8c:87:40:97:45:14:de:77:42:e3:ff:56:a8:
d1:c7:fa:e5:a5:6d:75:c7:ff:50:df:09:17:9a:23:
40:e0:23:0b:4c:f3:4d:01:43:83:7f:14:19:04:10:
95:22:a8:ef:f5:6e:68:32:dc:d5:31:7a:8d:e3:01:
37:82:70:06:eb:05:6c:19:62:08:43:ec:79:ed:2b:
38:1f:d0:19:50:42:22:d0:f4:e1:6c:28:05:b5:d6:
31:e2:8b:50:59:f1:78:7b:a9:4e:7c:94:00:d7:81:
86:52:7e:12:33:68:c4:55:26:c8:74:b1:a7:eb:c9:
dc:dc:05:23:d9:84:1b:44:c6:8e:3e:48:f5:d8:9a:
6f:15:ce:9b:c6:b2:16:08:14:25:41:7b:21:54:0c:
af:f1:b8:04:08:c3:fe:47:b7:67:b5:30:dc:1e:5e:
2f:03:8e:94:50:60:29:f5:bf:1a:b6:32:44:e6:c7:
cc:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:3C:5C:F6:A2:25:F2:8A:61:20:86:07:9D:DD:75:A8:1E:67:E3:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:9000::/40
Signature Algorithm: sha256WithRSAEncryption
91:27:1f:68:e6:ee:cf:69:ad:83:96:b1:6f:2d:4a:19:91:83:
df:c4:35:58:37:c5:2f:dd:16:b9:80:af:8d:6a:c6:34:f3:18:
e9:89:e0:ab:46:54:fe:9c:44:74:04:39:3a:9f:a3:77:2f:99:
49:65:1f:5d:3a:03:bc:35:c1:56:dd:c6:e4:8a:41:91:10:6e:
7f:5d:08:3d:06:9e:6f:33:e7:54:45:f8:91:59:60:75:71:5c:
ed:c5:0b:f7:bc:60:31:9e:b7:76:99:ca:3c:57:19:3e:a3:15:
af:02:c3:c7:f5:bf:ae:51:fe:c5:83:0e:8d:d6:39:64:65:fa:
0f:6d:d6:58:13:bf:ed:c8:ac:e4:23:59:fe:2a:f1:c0:a3:01:
14:93:11:c4:c1:9a:70:2e:67:8a:94:58:52:42:0b:fd:ab:ef:
4c:34:5a:12:4c:c0:80:c5:0b:25:cb:b7:94:94:f6:c1:fe:79:
69:07:bb:24:38:43:27:14:5e:45:0f:8e:1d:3a:4c:d9:37:da:
08:27:f0:7d:be:38:32:aa:fe:84:f6:d8:d2:20:12:21:de:c5:
e7:04:43:e3:1a:12:f6:dd:ac:9e:19:99:f1:f2:b4:18:65:c5:
3e:16:99:4a:67:53:3b:0f:81:66:20:76:e7:5a:b4:dd:cf:90:
c6:0f:84:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf+mbIBiHCUrV4OtlQK/62rqbo6MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwNDlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDliZDUzNzg0YjliZGJhMWM0YzQ3NWU5MGFmNjFjNTUzZTlhZDA4MzdkZTM2
MmU1MGMyOGQxYmE2ZWQwYTExMWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKrWtWwtWEJb+MNopwpf0fr5pnG/I8BC6S7DJJm4jo2fvJyMC87yCPB/ou97
XQ//QR4jLr5S8L6Q4WZ88iReQe+G3Ug1R9jQ/M92pkyMh0CXRRTed0Lj/1ao0cf6
5aVtdcf/UN8JF5ojQOAjC0zzTQFDg38UGQQQlSKo7/VuaDLc1TF6jeMBN4JwBusF
bBliCEPsee0rOB/QGVBCItD04WwoBbXWMeKLUFnxeHupTnyUANeBhlJ+EjNoxFUm
yHSxp+vJ3NwFI9mEG0TGjj5I9diabxXOm8ayFggUJUF7IVQMr/G4BAjD/ke3Z7Uw
3B5eLwOOlFBgKfW/GrYyRObHzJECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRpPFz2
oiXyimEghged3XWoHmfj3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWE3MzJlZmItZTIzZi00OWE0LWFkNTEtMWE0MzQzMWUwN2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCRJx9o5u7Paa2DlrFvLUoZkYPfxDVYN8Uv3Ra5
gK+NasY08xjpieCrRlT+nER0BDk6n6N3L5lJZR9dOgO8NcFW3cbkikGREG5/XQg9
Bp5vM+dURfiRWWB1cVztxQv3vGAxnrd2mco8Vxk+oxWvAsPH9b+uUf7Fgw6N1jlk
ZfoPbdZYE7/tyKzkI1n+KvHAowEUkxHEwZpwLmeKlFhSQgv9q+9MNFoSTMCAxQsl
y7eUlPbB/nlpB7skOEMnFF5FD44dOkzZN9oIJ/B9vjgyqv6E9tjSIBIh3sXnBEPj
GhL23ayeGZnx8rQYZcU+FplKZ1M7D4FmIHbnWrTdz5DGD4RQ
-----END CERTIFICATE-----
Generated at Sun May 31 20:32:37 2026 by rpki-client