Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48202432-610c-42b2-9763-e895c6cbe70d.roa
File: 48202432-610c-42b2-9763-e895c6cbe70d.roa (raw, json)
Hash identifier: 9LSLmWv19locdANJL4BdGiV9SCeu1XHUPmJHAEwbKZI=
Subject key identifier: AA:D9:C6:E3:C1:E2:BE:91:F0:BD:31:6F:89:B3:91:6C:34:AB:C6:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50F233B35C940CD2A54E5620BE68244FBCF71FC6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48202432-610c-42b2-9763-e895c6cbe70d.roa
Signing time: Sat 16 May 2026 00:40:10 +0000
ROA not before: Sat 16 May 2026 00:40:10 +0000
ROA not after: Fri 14 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:f2:33:b3:5c:94:0c:d2:a5:4e:56:20:be:68:24:4f:bc:f7:1f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 00:40:10 2026 GMT
Not After : Aug 14 23:59:59 2026 GMT
Subject: serialNumber=4899a59d799d101aa46570352ae9a72856907f06fb4513b925af4f1974831377, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:46:84:e9:2d:62:f5:b1:20:9e:ee:fe:12:c3:
6e:12:5d:49:18:10:89:a1:35:53:43:e8:c6:9d:ff:
75:e7:f2:7e:2b:2b:8a:73:26:c2:76:22:04:cf:86:
a3:b8:9e:ba:85:66:e0:79:84:b0:5f:3c:96:df:8a:
d0:0e:12:b3:c0:e2:f2:3a:0a:b7:70:34:26:14:92:
d6:25:20:b5:37:08:52:b9:e5:8a:b3:ef:3d:9f:63:
27:cd:4a:23:64:7c:0e:39:7c:78:ff:6e:cf:a0:0e:
49:dc:59:cd:dc:2b:3a:51:ef:46:26:be:39:1b:f6:
a8:41:03:69:b6:be:0d:2b:bc:ec:d0:0b:d6:5f:6b:
45:1e:16:53:f5:62:a9:a9:a7:f2:ed:a1:bd:fe:c9:
f6:89:27:67:38:9a:4e:0d:43:34:e3:b4:66:3c:ea:
d3:f0:b3:a6:06:ec:0e:0c:c4:97:24:11:f0:75:0d:
73:7c:f1:46:0c:8a:ce:1a:7d:bb:05:03:a1:8b:d2:
ce:e9:38:99:84:7e:10:00:d5:56:46:f7:ab:9b:29:
92:b4:16:5e:ac:ee:4a:35:a3:0c:b2:5c:eb:a7:f4:
9e:68:37:52:2b:2f:4f:f4:d2:9d:96:9b:4e:08:3b:
cc:03:21:0a:d2:e2:64:8d:51:be:55:cb:40:1d:a5:
a8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D9:C6:E3:C1:E2:BE:91:F0:BD:31:6F:89:B3:91:6C:34:AB:C6:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48202432-610c-42b2-9763-e895c6cbe70d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:1000::/48
Signature Algorithm: sha256WithRSAEncryption
72:64:67:8e:57:dc:e9:ce:a9:7a:87:61:1b:81:7f:7e:73:89:
56:90:c0:49:52:e5:f7:29:2c:c2:77:f3:58:7e:78:34:00:0d:
f0:01:68:c4:21:e7:96:15:e9:3b:e2:7b:29:3a:02:e4:56:6b:
d8:43:06:c5:ab:36:26:05:43:9b:c3:1f:8b:40:d5:0e:39:46:
82:9d:21:7d:54:9c:9e:06:d6:d4:25:98:ef:2f:ff:e7:cf:f8:
6a:dd:41:75:8b:34:41:48:6a:2f:1e:27:86:14:50:98:29:26:
78:c9:16:3d:f2:58:ae:74:7d:37:61:fe:4b:17:45:7c:86:b1:
1e:d0:54:a7:5a:00:58:03:97:d1:35:c7:c4:05:5c:d6:12:56:
e8:0a:7e:e5:fd:8a:0c:e4:fa:1f:54:8b:a5:1b:97:e3:0e:cf:
07:e5:fb:88:c1:15:0a:6a:f4:85:ab:91:dd:a2:fa:8f:4e:ef:
9f:cc:9b:02:33:70:fc:fc:cd:f2:57:15:82:0f:f4:66:8b:85:
49:9c:49:37:1a:95:36:04:1e:f4:0e:0a:e4:b3:1f:4a:dd:b0:
f1:a4:21:25:6c:b7:f6:90:63:db:05:65:63:47:34:4a:11:8c:
63:2f:3b:99:0f:d7:c1:f4:63:ca:ed:86:84:68:d2:83:52:14:
a4:47:36:bd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUPIzs1yUDNKlTlYgvmgkT7z3H8YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTYwMDQwMTBaFw0yNjA4MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4OTlhNTlkNzk5ZDEwMWFhNDY1NzAzNTJhZTlhNzI4NTY5MDdmMDZmYjQ1
MTNiOTI1YWY0ZjE5NzQ4MzEzNzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBGhOktYvWxIJ7u/hLDbhJdSRgQiaE1U0Poxp3/defyfisrinMmwnYiBM+G
o7ieuoVm4HmEsF88lt+K0A4Ss8Di8joKt3A0JhSS1iUgtTcIUrnlirPvPZ9jJ81K
I2R8Djl8eP9uz6AOSdxZzdwrOlHvRia+ORv2qEEDaba+DSu87NAL1l9rRR4WU/Vi
qamn8u2hvf7J9oknZziaTg1DNOO0Zjzq0/CzpgbsDgzElyQR8HUNc3zxRgyKzhp9
uwUDoYvSzuk4mYR+EADVVkb3q5spkrQWXqzuSjWjDLJc66f0nmg3UisvT/TSnZab
Tgg7zAMhCtLiZI1RvlXLQB2lqHkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSq2cbj
weK+kfC9MW+Js5FsNKvGxzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDgyMDI0MzItNjEwYy00MmIyLTk3NjMtZTg5NWM2Y2JlNzBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HYQ
ADANBgkqhkiG9w0BAQsFAAOCAQEAcmRnjlfc6c6peodhG4F/fnOJVpDASVLl9yks
wnfzWH54NAAN8AFoxCHnlhXpO+J7KToC5FZr2EMGxas2JgVDm8Mfi0DVDjlGgp0h
fVScngbW1CWY7y//58/4at1BdYs0QUhqLx4nhhRQmCkmeMkWPfJYrnR9N2H+SxdF
fIaxHtBUp1oAWAOX0TXHxAVc1hJW6Ap+5f2KDOT6H1SLpRuX4w7PB+X7iMEVCmr0
hauR3aL6j07vn8ybAjNw/PzN8lcVgg/0ZouFSZxJNxqVNgQe9A4K5LMfSt2w8aQh
JWy39pBj2wVlY0c0ShGMYy87mQ/XwfRjyu2GhGjSg1IUpEc2vQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:43:00 2026 by rpki-client