Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
File: 27140a0d-612c-4da4-a60a-55c28faff6fe.roa (raw, json)
Hash identifier: PXbDIvAtDD46zwXJfSdTWEUJmpy1zqwkjLSxeahDEKM=
Subject key identifier: 7A:41:1D:79:CC:0D:37:1B:EE:73:D7:32:60:88:4B:3C:34:86:E8:C9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5280BF49DC14E4BEB79503825007853C89A116E0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
Signing time: Tue 19 May 2026 04:40:55 +0000
ROA not before: Tue 19 May 2026 04:40:55 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:80:bf:49:dc:14:e4:be:b7:95:03:82:50:07:85:3c:89:a1:16:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:55 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=09b011fd9f0371a50b651a47cc2c0fd50a7ac9410eb011642208f1c8e17808a2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:68:1e:84:b8:95:7e:68:65:f1:bd:21:81:40:
19:c2:9e:0d:45:d7:bb:9c:77:48:dd:5c:91:26:82:
e4:9d:76:92:c0:13:b7:d7:4c:88:43:90:64:63:28:
e7:a9:e0:5b:87:fb:39:3d:e4:be:ac:91:72:c8:65:
81:64:cd:95:65:1c:61:34:c4:63:1f:53:5f:27:99:
0b:e4:bb:d1:98:95:e9:b7:1d:d0:31:4b:23:54:3e:
e6:e1:20:3c:b7:71:3f:5b:97:90:77:4f:a3:37:57:
ea:90:ac:16:87:4a:f7:58:e7:9c:d3:9c:d0:89:31:
92:35:49:40:b3:01:1b:50:2e:04:5c:d0:86:73:d4:
37:6c:e4:8c:6a:6b:a1:16:73:f9:86:21:65:74:7b:
f1:0f:f6:20:b1:0c:20:91:aa:42:82:9f:d3:57:dd:
b8:de:d0:da:a3:13:67:c1:c8:94:fc:77:33:22:60:
74:80:93:38:89:fc:52:84:1f:87:5b:e5:a0:1e:1a:
02:d3:fa:0f:b0:fa:ba:d5:37:e8:cc:00:d2:c1:e1:
ac:48:0e:08:e5:db:ab:8a:84:e3:dc:21:f0:35:42:
76:0d:23:dd:c3:0c:d1:45:55:95:47:52:ab:73:7a:
c0:0f:0b:cd:07:37:78:ae:fd:84:9d:74:8b:0b:85:
e2:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:41:1D:79:CC:0D:37:1B:EE:73:D7:32:60:88:4B:3C:34:86:E8:C9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:5000::/40
Signature Algorithm: sha256WithRSAEncryption
0c:f3:e7:57:23:74:86:e5:a4:b0:3d:ed:ef:17:fa:06:dd:51:
04:ce:eb:ff:75:88:54:d1:c0:37:f2:5e:0c:be:c0:8c:be:2e:
e8:f7:be:f8:e1:23:d0:df:dc:05:8e:74:03:1a:1c:cb:09:75:
88:12:95:0f:5d:c8:ee:23:8a:75:44:08:8a:3d:bb:10:2c:5e:
cc:ec:ef:4f:ad:00:ba:99:2f:7a:c6:8e:54:60:08:17:c7:3b:
09:93:02:d1:3a:90:71:63:46:71:ea:48:b0:85:43:37:a9:42:
14:63:f1:b5:72:ba:13:84:58:ec:9d:db:f2:89:a9:ac:a2:37:
74:7b:4b:21:e5:14:de:65:67:0c:3b:24:cc:ac:6e:4f:ac:e5:
90:28:70:33:ae:a7:e5:78:e6:4a:22:36:a3:27:f7:10:f2:4e:
b7:9d:af:a9:88:d0:68:e2:13:24:e4:86:d4:2e:ec:b6:0f:a6:
01:4f:4f:23:ef:ea:90:82:af:e3:d9:92:d6:c5:4a:ec:0f:0b:
20:1c:77:c6:d3:39:10:40:e4:68:3b:d0:a0:37:a2:b3:17:27:
b2:8f:99:6d:a6:b1:b3:db:98:e1:49:56:c2:a6:d0:2d:46:dc:
54:a6:c2:48:cc:c7:ba:54:d7:d9:52:4c:9e:7d:07:85:23:b4:
e1:83:02:6d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUoC/SdwU5L63lQOCUAeFPImhFuAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwNTVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5YjAxMWZkOWYwMzcxYTUwYjY1MWE0N2NjMmMwZmQ1MGE3YWM5NDEwZWIw
MTE2NDIyMDhmMWM4ZTE3ODA4YTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANNoHoS4lX5oZfG9IYFAGcKeDUXXu5x3SN1ckSaC5J12ksATt9dMiEOQZGMo
56ngW4f7OT3kvqyRcshlgWTNlWUcYTTEYx9TXyeZC+S70ZiV6bcd0DFLI1Q+5uEg
PLdxP1uXkHdPozdX6pCsFodK91jnnNOc0IkxkjVJQLMBG1AuBFzQhnPUN2zkjGpr
oRZz+YYhZXR78Q/2ILEMIJGqQoKf01fduN7Q2qMTZ8HIlPx3MyJgdICTOIn8UoQf
h1vloB4aAtP6D7D6utU36MwA0sHhrEgOCOXbq4qE49wh8DVCdg0j3cMM0UVVlUdS
q3N6wA8LzQc3eK79hJ10iwuF4uMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR6QR15
zA03G+5z1zJgiEs8NIboyTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjcxNDBhMGQtNjEyYy00ZGE0LWE2MGEtNTVjMjhmYWZmNmZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAM8+dXI3SG5aSwPe3vF/oG3VEEzuv/dYhU0cA3
8l4MvsCMvi7o97744SPQ39wFjnQDGhzLCXWIEpUPXcjuI4p1RAiKPbsQLF7M7O9P
rQC6mS96xo5UYAgXxzsJkwLROpBxY0Zx6kiwhUM3qUIUY/G1croThFjsndvyiams
ojd0e0sh5RTeZWcMOyTMrG5PrOWQKHAzrqfleOZKIjajJ/cQ8k63na+piNBo4hMk
5IbULuy2D6YBT08j7+qQgq/j2ZLWxUrsDwsgHHfG0zkQQORoO9CgN6KzFyeyj5lt
prGz25jhSVbCptAtRtxUpsJIzMe6VNfZUkyefQeFI7ThgwJt
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:45:04 2026 by rpki-client