Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0849241f-abaf-4c57-aadb-d881485a0aac.roa
File: 0849241f-abaf-4c57-aadb-d881485a0aac.roa (raw, json)
Hash identifier: tZs6/bCXf6NYTTU+myZIuDZfOD8Mr+IQOmsnWhQGR0Q=
Subject key identifier: 4A:AF:A1:1B:3E:C0:F4:FC:53:BC:50:D5:0F:64:19:04:A3:77:77:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77971E40970762059CA0FDF8D01BC9D2DE0DBA86
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0849241f-abaf-4c57-aadb-d881485a0aac.roa
Signing time: Tue 19 May 2026 04:50:37 +0000
ROA not before: Tue 19 May 2026 04:50:37 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:97:1e:40:97:07:62:05:9c:a0:fd:f8:d0:1b:c9:d2:de:0d:ba:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:37 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=cc32a71211459b5130539abf966b11d1f30160b92aff0bf29c2712ce12cf1178, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0a:3c:8d:7e:ee:4a:4d:f0:ce:8a:da:ae:f3:
da:18:70:1c:a7:43:b7:ef:6f:f8:6a:0a:fb:fb:cc:
e1:b3:24:8c:f8:2d:83:4a:2e:11:93:38:d1:d2:5a:
9b:2e:9a:52:2a:c9:cf:ce:a0:3b:20:5d:2d:39:db:
33:9e:8c:83:b6:62:39:a0:77:e9:2b:7a:5a:66:42:
18:90:da:15:16:c2:c7:12:3b:40:40:3c:07:a2:9e:
cd:a0:83:47:ea:2c:52:32:2d:f3:46:22:dc:fe:2d:
1f:c8:11:48:0b:f8:68:aa:b2:2a:8c:fb:52:0f:96:
8c:84:0b:b9:c2:88:b1:74:36:0f:20:e0:4a:ec:b1:
74:ca:61:99:f0:24:87:7f:b7:f9:9a:0a:fc:eb:45:
ec:0e:9d:b6:e8:cb:8b:80:0e:06:60:d9:75:7a:bd:
2f:fa:2f:34:6f:a0:97:db:08:47:cd:9f:bc:12:55:
18:a8:ed:73:15:8f:58:c9:1d:ae:a2:dc:c8:9d:23:
8d:27:dc:93:18:06:ba:05:56:a2:7d:ee:1d:ef:35:
18:d1:07:e1:bc:3f:52:9e:68:64:85:4a:46:ce:45:
33:4f:12:bf:d1:42:42:0e:42:64:d8:83:24:7d:af:
be:6d:b2:b5:12:c1:5e:e5:e1:36:25:9c:63:34:af:
4e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:AF:A1:1B:3E:C0:F4:FC:53:BC:50:D5:0F:64:19:04:A3:77:77:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0849241f-abaf-4c57-aadb-d881485a0aac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012::/38
Signature Algorithm: sha256WithRSAEncryption
9c:73:3e:11:f5:f7:77:ff:7d:3a:d9:06:96:fc:b0:2c:91:f2:
4c:6a:08:d4:a4:7a:70:51:7f:d5:e3:b5:fe:83:75:52:83:a6:
97:51:d0:43:79:52:d6:b7:ea:0b:47:e3:7e:11:7f:46:73:37:
6d:98:6c:d5:1b:c7:39:ea:e2:c6:e5:25:6d:1b:5a:cc:74:b4:
14:b6:55:a2:3e:9b:36:19:fd:f2:c5:10:cd:8b:ff:84:de:58:
ec:ef:d5:eb:ef:97:5c:ac:56:8a:25:49:55:e1:35:25:d2:fd:
ca:2a:58:05:9e:7c:d9:40:a9:37:45:fe:d7:11:4d:9f:12:53:
d4:87:d1:30:fa:1b:7a:ed:c2:74:62:ef:51:ad:01:9a:b6:10:
f4:1a:fe:8b:b8:74:3d:a9:d9:47:a9:5d:97:4a:90:02:13:66:
63:b9:dc:b5:53:c4:34:f0:2e:58:b5:f0:cd:20:15:53:bb:3f:
dc:4e:d9:64:d7:12:75:f2:70:04:df:82:d6:06:61:24:cf:54:
cf:06:94:cf:d7:52:47:b8:99:1b:76:26:1d:e4:8c:56:d8:9d:
82:e2:54:95:54:1e:d7:84:77:63:ea:64:67:7c:0c:58:6f:d3:
61:50:ac:a8:cf:8d:7a:ab:d9:18:d5:b4:52:20:32:c5:58:6a:
63:da:77:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd5ceQJcHYgWcoP340BvJ0t4NuoYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMzdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjMzJhNzEyMTE0NTliNTEzMDUzOWFiZjk2NmIxMWQxZjMwMTYwYjkyYWZm
MGJmMjljMjcxMmNlMTJjZjExNzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkKPI1+7kpN8M6K2q7z2hhwHKdDt+9v+GoK+/vM4bMkjPgtg0ouEZM40dJa
my6aUirJz86gOyBdLTnbM56Mg7ZiOaB36St6WmZCGJDaFRbCxxI7QEA8B6KezaCD
R+osUjIt80Yi3P4tH8gRSAv4aKqyKoz7Ug+WjIQLucKIsXQ2DyDgSuyxdMphmfAk
h3+3+ZoK/OtF7A6dtujLi4AOBmDZdXq9L/ovNG+gl9sIR82fvBJVGKjtcxWPWMkd
rqLcyJ0jjSfckxgGugVWon3uHe81GNEH4bw/Up5oZIVKRs5FM08Sv9FCQg5CZNiD
JH2vvm2ytRLBXuXhNiWcYzSvTpsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRKr6Eb
PsD0/FO8UNUPZBkEo3d3XzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDg0OTI0MWYtYWJhZi00YzU3LWFhZGItZDg4MTQ4NWEwYWFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIA
MA0GCSqGSIb3DQEBCwUAA4IBAQCccz4R9fd3/3062QaW/LAskfJMagjUpHpwUX/V
47X+g3VSg6aXUdBDeVLWt+oLR+N+EX9GczdtmGzVG8c56uLG5SVtG1rMdLQUtlWi
Pps2Gf3yxRDNi/+E3ljs79Xr75dcrFaKJUlV4TUl0v3KKlgFnnzZQKk3Rf7XEU2f
ElPUh9Ew+ht67cJ0Yu9RrQGathD0Gv6LuHQ9qdlHqV2XSpACE2Zjudy1U8Q08C5Y
tfDNIBVTuz/cTtlk1xJ18nAE34LWBmEkz1TPBpTP11JHuJkbdiYd5IxW2J2C4lSV
VB7XhHdj6mRnfAxYb9NhUKyoz416q9kY1bRSIDLFWGpj2neO
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:25:14 2026 by rpki-client