Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa
File: 05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa (raw, json)
Hash identifier: tSP7uVi3JvbLuud8wp4YkuwemTaofIPIzNaQ8waQIXk=
Subject key identifier: A6:2F:0B:61:04:E5:C2:F6:6E:42:A0:F4:2D:0D:1C:5E:A3:DB:0B:F3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 31F4073FF77CB8755F09988CCC09A1ACFB091678
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa
Signing time: Tue 19 May 2026 05:30:11 +0000
ROA not before: Tue 19 May 2026 05:30:11 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8050::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:f4:07:3f:f7:7c:b8:75:5f:09:98:8c:cc:09:a1:ac:fb:09:16:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:11 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=bda9a2e3026712c746657d07c1a6e4d8f06f597d4c8290f21c4973b16db1ad73, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:37:b3:44:77:52:6a:f6:b1:0a:64:5e:14:3f:
f0:d4:b2:ff:56:9a:5d:7e:ca:69:1f:be:66:02:b2:
ca:d9:44:89:fc:e5:73:37:98:df:fb:69:e2:e0:17:
4a:52:70:23:1d:bf:95:82:53:9a:00:0e:46:51:88:
14:df:d9:00:e2:fd:17:43:ab:66:5b:37:03:b2:f6:
ae:c3:29:dd:04:57:06:96:c1:d7:17:f2:60:51:09:
e8:cf:7b:81:62:e5:20:0a:66:be:bc:de:c0:71:e5:
a3:e4:37:cb:89:e2:c9:3f:93:54:c4:e3:2e:62:0b:
c3:a4:48:0d:28:83:de:39:18:9c:38:ed:0d:c7:8f:
6b:d7:29:88:f9:17:cf:61:22:7e:85:f4:37:2b:3d:
19:31:96:65:82:19:31:ad:69:32:2d:e9:5e:3e:fd:
6d:87:57:b3:42:0d:de:30:3f:13:20:9f:41:05:71:
10:a2:b2:f4:be:3c:f1:a4:7e:82:0d:ca:3e:a2:b1:
96:a1:f7:28:fd:47:ec:30:8a:52:c2:8d:a2:34:5a:
c8:b8:c9:4a:21:d1:17:b4:9c:9d:09:1f:8a:41:a4:
5f:be:eb:aa:c9:16:9e:67:a2:8b:93:19:3a:85:eb:
b2:6d:23:62:dd:f6:5f:e3:4a:3c:2b:a5:bd:1c:82:
ad:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:2F:0B:61:04:E5:C2:F6:6E:42:A0:F4:2D:0D:1C:5E:A3:DB:0B:F3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8050::/48
Signature Algorithm: sha256WithRSAEncryption
4f:5b:0b:3b:45:69:87:ee:87:8a:07:23:3c:0b:e9:54:44:d0:
d9:c6:b0:a3:f6:7f:39:23:5b:7c:ea:e0:8b:fb:19:16:ec:f3:
ba:f8:f0:f7:a6:fc:af:15:02:10:51:0e:11:c0:84:57:e5:f0:
8d:f9:7b:6d:b3:21:28:66:77:1e:4e:d3:e8:2e:47:91:89:da:
2c:74:ca:54:6b:56:51:11:ea:b1:99:7a:bf:28:c8:44:95:d4:
24:cf:d9:3d:99:89:ce:9f:2b:36:03:57:82:2f:61:8d:7f:38:
b5:20:eb:de:5f:f4:6c:dc:bd:ee:15:1a:1a:bf:43:22:0b:b6:
56:67:47:ec:90:da:de:47:7f:d6:5a:23:b8:f4:b0:00:5e:96:
25:cd:24:62:3b:8b:09:d6:1b:80:d5:ee:98:27:d2:f7:31:b9:
8b:2c:96:55:09:1e:6e:5e:35:d7:5f:75:59:84:ef:d8:62:85:
5a:0a:17:bd:2c:6f:b5:7c:ef:45:9a:72:40:65:1a:59:45:a5:
74:90:9b:8e:77:3b:04:c6:16:5f:20:6d:0e:f2:95:59:ea:b4:
ce:8d:4a:aa:33:9d:1f:da:37:45:f5:9d:82:19:56:45:1d:00:
40:0b:35:85:5f:54:96:b7:61:07:c0:86:5e:ec:db:78:92:37:
a6:ea:d9:c7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMfQHP/d8uHVfCZiMzAmhrPsJFngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwMTFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkYTlhMmUzMDI2NzEyYzc0NjY1N2QwN2MxYTZlNGQ4ZjA2ZjU5N2Q0Yzgy
OTBmMjFjNDk3M2IxNmRiMWFkNzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJQ3s0R3Umr2sQpkXhQ/8NSy/1aaXX7KaR++ZgKyytlEifzlczeY3/tp4uAX
SlJwIx2/lYJTmgAORlGIFN/ZAOL9F0OrZls3A7L2rsMp3QRXBpbB1xfyYFEJ6M97
gWLlIApmvrzewHHlo+Q3y4niyT+TVMTjLmILw6RIDSiD3jkYnDjtDcePa9cpiPkX
z2EifoX0Nys9GTGWZYIZMa1pMi3pXj79bYdXs0IN3jA/EyCfQQVxEKKy9L488aR+
gg3KPqKxlqH3KP1H7DCKUsKNojRayLjJSiHRF7ScnQkfikGkX77rqskWnmeii5MZ
OoXrsm0jYt32X+NKPCulvRyCrc8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSmLwth
BOXC9m5CoPQtDRxeo9sL8zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDVmN2FiM2YtY2I3My00OWE2LWFhZGEtNDQwYmY0ZGJmM2I1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
UDANBgkqhkiG9w0BAQsFAAOCAQEAT1sLO0Vph+6HigcjPAvpVETQ2cawo/Z/OSNb
fOrgi/sZFuzzuvjw96b8rxUCEFEOEcCEV+Xwjfl7bbMhKGZ3Hk7T6C5HkYnaLHTK
VGtWURHqsZl6vyjIRJXUJM/ZPZmJzp8rNgNXgi9hjX84tSDr3l/0bNy97hUaGr9D
Igu2VmdH7JDa3kd/1lojuPSwAF6WJc0kYjuLCdYbgNXumCfS9zG5iyyWVQkebl41
1191WYTv2GKFWgoXvSxvtXzvRZpyQGUaWUWldJCbjnc7BMYWXyBtDvKVWeq0zo1K
qjOdH9o3RfWdghlWRR0AQAs1hV9UlrdhB8CGXuzbeJI3purZxw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:33 2026 by rpki-client