Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
File: 470f3c02-20c3-480f-a788-60d7378cea9b.roa (raw, json)
Hash identifier: d6covgGm5aLiyc0gnkJYH00pbILJR8Hxd0yDfKb+o1w=
Subject key identifier: 1F:53:3F:3E:0C:1A:5D:3D:D4:F3:1C:D5:5A:8D:8B:EB:87:D5:A7:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4422EB1C8C4C9C6E5B06439723A4F4AEBB30BF2F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
Signing time: Sun 17 May 2026 02:00:03 +0000
ROA not before: Sun 17 May 2026 02:00:03 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:22:eb:1c:8c:4c:9c:6e:5b:06:43:97:23:a4:f4:ae:bb:30:bf:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 17 02:00:03 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=77a2e794a9fad11aad753822a3c1c81a1a2be4c2bc29c566788c38d97e615303, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4c:41:96:5d:69:e6:e9:3f:ac:5d:20:b4:ee:
84:12:15:50:5d:d1:08:32:a8:30:75:c8:9b:64:59:
f1:75:b6:52:b7:b5:9c:52:81:75:67:78:0c:de:72:
ba:32:ce:31:2d:61:0f:80:15:b4:61:46:47:d2:26:
b2:02:18:d3:16:d4:c2:b0:4f:e8:28:32:33:e4:43:
fc:66:18:7d:44:f5:e6:88:54:70:54:60:f6:53:b4:
62:f3:eb:5a:c6:aa:8b:66:9f:8c:48:79:05:c8:7c:
3d:db:4f:51:bd:e4:38:c3:07:b0:d5:f0:62:09:1c:
52:62:07:9a:9d:dc:3e:d7:06:15:9b:f2:72:9c:06:
ba:f8:03:27:b9:d8:d0:9b:e6:13:a1:65:73:b6:92:
90:d6:6e:73:c3:f2:c5:19:b9:92:f3:29:75:8f:85:
d9:fc:4d:d4:cc:24:a1:51:1d:5d:5e:2d:fc:9d:bc:
7a:17:8b:53:ee:9a:20:ba:c1:d8:4b:f6:f0:30:50:
c6:a9:b3:c1:57:14:2f:25:65:3b:65:e2:6b:04:65:
f5:c8:bc:50:4e:11:a8:9a:08:16:77:ac:ca:82:7b:
5e:8d:be:fd:df:0b:d1:14:5f:5c:50:ca:ea:3a:e4:
1c:d8:da:7c:22:5c:1b:97:58:12:b4:68:59:b2:9a:
5b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:53:3F:3E:0C:1A:5D:3D:D4:F3:1C:D5:5A:8D:8B:EB:87:D5:A7:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:880::/48
Signature Algorithm: sha256WithRSAEncryption
86:ec:73:a1:9e:2c:93:e3:9e:28:69:54:0b:23:5e:b7:ad:b4:
73:11:38:2a:0b:7e:ef:7d:7c:8e:eb:4e:4a:e8:2c:a3:1f:2e:
62:52:84:91:63:85:c3:58:6a:6f:dc:f7:a1:4d:e9:10:16:9e:
c3:a8:6a:af:4d:c8:b3:93:72:1a:ca:bc:a1:77:22:d0:a9:55:
7e:25:44:02:14:65:1b:a4:8e:be:19:a8:33:e6:9a:85:26:09:
7c:00:ca:51:7d:66:61:c4:a3:3b:1e:4a:43:49:91:54:98:4e:
f3:66:55:46:62:c2:3b:9e:bd:37:67:95:21:be:ca:39:c8:ec:
a0:2c:17:f3:cf:99:0c:1a:3f:a7:b8:ad:c3:58:18:31:8b:42:
f4:7c:e8:04:2a:7d:82:2b:77:16:9f:de:09:10:86:7e:9f:53:
9c:bf:e4:e8:fa:79:8e:ae:c6:96:47:cd:36:f4:87:ea:e1:7f:
2b:64:98:6f:6f:00:8b:cd:43:37:b2:3e:12:b8:52:f3:33:f4:
0c:9b:94:55:9f:1f:e4:cf:38:97:8c:65:69:58:e0:b6:42:ff:
a6:1c:22:fd:2b:6f:ff:f2:02:8a:2c:9a:66:40:61:3d:df:59:
d8:ef:26:fd:d1:b6:27:b1:48:74:19:66:27:6b:cb:b9:f6:9e:
42:25:9f:37
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURCLrHIxMnG5bBkOXI6T0rrswvy8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTcwMjAwMDNaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3YTJlNzk0YTlmYWQxMWFhZDc1MzgyMmEzYzFjODFhMWEyYmU0YzJiYzI5
YzU2Njc4OGMzOGQ5N2U2MTUzMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJJMQZZdaebpP6xdILTuhBIVUF3RCDKoMHXIm2RZ8XW2Ure1nFKBdWd4DN5y
ujLOMS1hD4AVtGFGR9ImsgIY0xbUwrBP6CgyM+RD/GYYfUT15ohUcFRg9lO0YvPr
Wsaqi2afjEh5Bch8PdtPUb3kOMMHsNXwYgkcUmIHmp3cPtcGFZvycpwGuvgDJ7nY
0JvmE6Flc7aSkNZuc8PyxRm5kvMpdY+F2fxN1MwkoVEdXV4t/J28eheLU+6aILrB
2Ev28DBQxqmzwVcULyVlO2XiawRl9ci8UE4RqJoIFnesyoJ7Xo2+/d8L0RRfXFDK
6jrkHNjafCJcG5dYErRoWbKaW2ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQfUz8+
DBpdPdTzHNVajYvrh9WnIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDcwZjNjMDItMjBjMy00ODBmLWE3ODgtNjBkNzM3OGNlYTliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8I
gDANBgkqhkiG9w0BAQsFAAOCAQEAhuxzoZ4sk+OeKGlUCyNet620cxE4Kgt+7318
jutOSugsox8uYlKEkWOFw1hqb9z3oU3pEBaew6hqr03Is5NyGsq8oXci0KlVfiVE
AhRlG6SOvhmoM+aahSYJfADKUX1mYcSjOx5KQ0mRVJhO82ZVRmLCO569N2eVIb7K
OcjsoCwX88+ZDBo/p7itw1gYMYtC9HzoBCp9git3Fp/eCRCGfp9TnL/k6Pp5jq7G
lkfNNvSH6uF/K2SYb28Ai81DN7I+ErhS8zP0DJuUVZ8f5M84l4xlaVjgtkL/phwi
/Stv//ICiiyaZkBhPd9Z2O8m/dG2J7FIdBlmJ2vLufaeQiWfNw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:45:59 2026 by rpki-client