Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42a2bbbc-4bfd-4172-8004-b90bf9d2de72.roa
File: 42a2bbbc-4bfd-4172-8004-b90bf9d2de72.roa (raw, json)
Hash identifier: g/xtWqBwd0igxUKoFz+ir6z8QBhQRSyxL7VSXhcODrU=
Subject key identifier: B7:6C:E5:2C:B9:D6:16:67:FA:F6:8C:92:8E:6C:4B:C2:59:D1:CD:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B140EBD4186D7CC01B71F9C1E29C62F87C7C64F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42a2bbbc-4bfd-4172-8004-b90bf9d2de72.roa
Signing time: Fri 15 May 2026 02:00:05 +0000
ROA not before: Fri 15 May 2026 02:00:05 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:14:0e:bd:41:86:d7:cc:01:b7:1f:9c:1e:29:c6:2f:87:c7:c6:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 02:00:05 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=4f5392b725231626da738d890be1277f77cfd3d63e716e2e2f0d97576cfbaca9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7a:f6:7b:61:d3:02:19:6f:41:ca:17:fa:c3:
72:6f:8e:7b:95:6a:43:29:80:67:1c:83:0e:49:cb:
b0:ab:0d:56:42:aa:4e:24:a0:4d:65:29:7c:89:5c:
d0:c5:2d:7c:bf:d9:4d:fc:32:f0:63:b9:c5:17:98:
92:5a:ad:d3:87:78:da:59:9d:8e:f1:67:fd:9a:8a:
53:a6:ec:58:b4:54:19:fa:8e:d0:4d:95:70:8b:02:
56:f4:c2:e4:5b:bb:cb:0d:ae:f8:05:e8:f7:a1:12:
03:00:16:2c:55:1d:5e:30:86:7e:60:50:58:e9:fa:
ce:b9:3d:55:60:1f:9f:d2:cf:77:a8:de:c6:1a:0d:
0e:c1:9d:74:eb:63:1f:61:2f:9e:df:8a:a7:5d:fd:
2c:82:81:f6:30:a0:52:97:22:50:25:3e:b7:0b:4d:
65:2f:a6:aa:b1:ff:f0:c3:8e:a0:a6:0d:68:d6:f6:
8c:11:38:19:22:23:7f:13:5e:4d:08:04:1c:d2:aa:
05:6f:9e:08:0c:e9:32:9b:48:6b:27:94:5d:11:92:
6a:ca:7a:63:2a:93:f3:f5:1f:ff:1e:64:09:47:53:
93:fc:80:e3:4e:c5:47:fa:6e:75:2f:84:12:e2:8b:
31:27:9b:dd:df:c1:17:79:e4:78:fa:59:e6:34:5f:
3b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:6C:E5:2C:B9:D6:16:67:FA:F6:8C:92:8E:6C:4B:C2:59:D1:CD:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42a2bbbc-4bfd-4172-8004-b90bf9d2de72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:9000::/48
Signature Algorithm: sha256WithRSAEncryption
b4:56:24:63:48:ce:db:60:13:b3:98:a4:47:ab:7c:b1:36:81:
08:80:6e:ad:ab:f7:15:de:4f:ae:4a:d1:56:4c:b8:34:df:8d:
6c:c3:08:a7:4a:61:44:0e:df:ee:2a:7d:19:cf:9b:56:1e:ce:
2b:35:30:b5:0e:1e:7d:fd:6c:ca:b7:cd:67:e4:02:69:06:9c:
b0:7a:46:c9:7b:a9:8f:0d:e5:5e:85:8f:57:7b:8c:bd:4b:92:
41:8d:c8:96:7a:98:f7:5f:ad:ee:3a:2b:e7:f5:32:a8:f6:31:
8f:57:5b:bd:87:39:83:83:17:ec:4b:ec:8d:ea:61:ad:8b:14:
50:fc:2e:f9:44:33:19:71:d1:ce:a1:75:a3:80:91:8b:19:48:
f8:2e:04:76:d7:68:a6:65:e4:99:b6:47:3e:38:2b:e3:66:62:
01:4d:7e:29:af:63:0a:ab:a2:fa:fa:5d:a7:78:10:fe:a8:5b:
eb:2e:7c:f0:c2:e8:71:0f:3b:99:c3:d7:03:7f:c7:38:78:6b:
b9:e2:32:1c:9d:9e:90:fb:0e:3c:5b:39:9f:51:0b:ab:c1:83:
df:4c:85:ae:90:0f:06:9e:f0:15:b1:43:f1:bb:c1:ba:12:a8:
48:7f:63:74:ef:cb:52:70:1f:e9:03:67:59:93:cb:29:a4:c4:
c9:4d:ea:d6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGxQOvUGG18wBtx+cHinGL4fHxk8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMjAwMDVaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmNTM5MmI3MjUyMzE2MjZkYTczOGQ4OTBiZTEyNzdmNzdjZmQzZDYzZTcx
NmUyZTJmMGQ5NzU3NmNmYmFjYTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJx69nth0wIZb0HKF/rDcm+Oe5VqQymAZxyDDknLsKsNVkKqTiSgTWUpfIlc
0MUtfL/ZTfwy8GO5xReYklqt04d42lmdjvFn/ZqKU6bsWLRUGfqO0E2VcIsCVvTC
5Fu7yw2u+AXo96ESAwAWLFUdXjCGfmBQWOn6zrk9VWAfn9LPd6jexhoNDsGddOtj
H2Evnt+Kp139LIKB9jCgUpciUCU+twtNZS+mqrH/8MOOoKYNaNb2jBE4GSIjfxNe
TQgEHNKqBW+eCAzpMptIayeUXRGSasp6YyqT8/Uf/x5kCUdTk/yA407FR/pudS+E
EuKLMSeb3d/BF3nkePpZ5jRfOw8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS3bOUs
udYWZ/r2jJKObEvCWdHNuDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDJhMmJiYmMtNGJmZC00MTcyLTgwMDQtYjkwYmY5ZDJkZTcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HaQ
ADANBgkqhkiG9w0BAQsFAAOCAQEAtFYkY0jO22ATs5ikR6t8sTaBCIBurav3Fd5P
rkrRVky4NN+NbMMIp0phRA7f7ip9Gc+bVh7OKzUwtQ4eff1syrfNZ+QCaQacsHpG
yXupjw3lXoWPV3uMvUuSQY3IlnqY91+t7jor5/UyqPYxj1dbvYc5g4MX7Evsjeph
rYsUUPwu+UQzGXHRzqF1o4CRixlI+C4EdtdopmXkmbZHPjgr42ZiAU1+Ka9jCqui
+vpdp3gQ/qhb6y588MLocQ87mcPXA3/HOHhrueIyHJ2ekPsOPFs5n1ELq8GD30yF
rpAPBp7wFbFD8bvBuhKoSH9jdO/LUnAf6QNnWZPLKaTEyU3q1g==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:18 2026 by rpki-client