Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
File: 4967c03f-f17b-42f4-bfca-8694bb963ab0.roa (raw, json)
Hash identifier: qW56ulzt4FFSMM2jw7YCN3XwpUZ+Uwtx/fecIX/KRCk=
Subject key identifier: 0B:66:AF:2C:DD:C7:F7:C8:BE:AA:73:D2:A2:18:59:45:34:69:C7:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 448E0B6E234FB0C79753BE8F7388CFC129699BA1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
Signing time: Tue 19 May 2026 04:50:42 +0000
ROA not before: Tue 19 May 2026 04:50:42 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:8e:0b:6e:23:4f:b0:c7:97:53:be:8f:73:88:cf:c1:29:69:9b:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:42 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=aef001828356abe63a62b12d0c2df1788cb03fc911bf1b7f14532be64ce2240f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1f:a9:57:35:01:70:62:48:8f:66:9c:90:9e:
2e:5b:23:92:37:ea:88:77:72:a8:05:f8:f8:8a:e6:
1c:44:77:95:87:a4:70:93:32:d0:d9:b2:5a:7a:15:
12:4e:df:c7:41:d0:71:24:d1:ec:96:ef:ba:e7:1c:
25:dc:f5:c0:41:cf:66:58:3c:d8:30:a3:23:69:2a:
ac:9a:a8:02:36:09:24:6c:39:7b:8d:83:64:0d:f5:
9c:c8:37:8b:b7:a1:78:3a:af:cc:49:80:1f:77:5d:
ca:21:0f:b3:bd:5c:ba:d8:32:20:be:9c:72:4b:68:
da:99:fd:af:17:88:16:9d:70:33:e7:29:e8:2f:3c:
e9:28:6f:8b:7a:09:ca:94:16:2f:c2:a0:4d:b0:d2:
d0:8c:3e:e1:ac:9d:b1:76:0b:c5:db:16:a1:0e:b0:
e0:42:15:2c:57:93:f8:a7:e7:47:38:87:98:c0:64:
e0:38:e6:f5:b0:ad:5e:4d:5a:ff:23:8f:df:46:4f:
c7:2c:c3:26:51:68:d1:fc:b2:34:47:b3:4a:c5:e5:
a7:af:81:16:c8:3f:ae:d4:eb:6d:b5:71:4f:63:7f:
4c:01:19:a9:cf:ce:ee:a8:1f:5a:9d:36:22:af:3e:
1b:c1:99:84:cf:5d:07:95:87:40:51:dc:ad:d5:34:
0a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:66:AF:2C:DD:C7:F7:C8:BE:AA:73:D2:A2:18:59:45:34:69:C7:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9040::/48
Signature Algorithm: sha256WithRSAEncryption
03:d9:69:2e:fa:ac:8a:77:b9:12:da:29:3a:fd:7e:a8:ab:30:
cf:17:55:ff:0e:50:79:b3:94:e8:f8:4d:8e:4c:42:4f:21:fa:
44:83:24:0e:e8:86:94:22:e5:55:cd:9b:0d:de:d1:4f:ed:03:
62:11:62:de:bb:cb:e5:33:eb:1e:9c:a5:96:c3:a8:bb:83:ed:
17:10:61:c8:3f:f9:e8:d1:67:48:58:c6:60:4d:42:b6:93:ef:
d5:8c:06:ea:42:d4:72:ce:5e:f0:a3:49:ff:15:6f:b7:60:8e:
3d:a1:99:42:71:62:b1:95:f4:81:85:68:58:74:aa:fe:bd:0d:
58:5b:5f:29:d6:e5:a5:6f:94:7d:f5:5d:78:0d:c7:43:6f:c4:
24:63:cd:2d:91:e8:3f:83:13:5b:eb:d9:70:ce:7e:6a:30:68:
50:5d:3d:38:72:5d:fd:e5:c1:e0:33:0a:27:26:32:9f:4f:a2:
0f:a0:0c:7a:99:4c:9d:43:9a:42:13:59:6b:45:ec:f1:0e:22:
9b:f0:cd:8d:9c:f4:d9:2a:3b:2e:56:e0:ac:cb:6a:fa:5a:49:
f3:0f:e7:2a:9e:ba:f7:5c:12:80:3f:20:3c:0b:a9:c3:f0:cc:
bd:1e:1d:0b:db:01:b9:de:73:5a:ef:98:0a:47:22:fb:dc:81:
b7:13:84:d0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURI4LbiNPsMeXU76Pc4jPwSlpm6EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwNDJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlZjAwMTgyODM1NmFiZTYzYTYyYjEyZDBjMmRmMTc4OGNiMDNmYzkxMWJm
MWI3ZjE0NTMyYmU2NGNlMjI0MGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKEfqVc1AXBiSI9mnJCeLlsjkjfqiHdyqAX4+IrmHER3lYekcJMy0NmyWnoV
Ek7fx0HQcSTR7JbvuuccJdz1wEHPZlg82DCjI2kqrJqoAjYJJGw5e42DZA31nMg3
i7eheDqvzEmAH3ddyiEPs71cutgyIL6cckto2pn9rxeIFp1wM+cp6C886Shvi3oJ
ypQWL8KgTbDS0Iw+4aydsXYLxdsWoQ6w4EIVLFeT+KfnRziHmMBk4Djm9bCtXk1a
/yOP30ZPxyzDJlFo0fyyNEezSsXlp6+BFsg/rtTrbbVxT2N/TAEZqc/O7qgfWp02
Iq8+G8GZhM9dB5WHQFHcrdU0CrUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQLZq8s
3cf3yL6qc9KiGFlFNGnHKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDk2N2MwM2YtZjE3Yi00MmY0LWJmY2EtODY5NGJiOTYzYWIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAA9lpLvqsine5EtopOv1+qKswzxdV/w5QebOU
6PhNjkxCTyH6RIMkDuiGlCLlVc2bDd7RT+0DYhFi3rvL5TPrHpyllsOou4PtFxBh
yD/56NFnSFjGYE1CtpPv1YwG6kLUcs5e8KNJ/xVvt2COPaGZQnFisZX0gYVoWHSq
/r0NWFtfKdblpW+UffVdeA3HQ2/EJGPNLZHoP4MTW+vZcM5+ajBoUF09OHJd/eXB
4DMKJyYyn0+iD6AMeplMnUOaQhNZa0Xs8Q4im/DNjZz02So7LlbgrMtq+lpJ8w/n
Kp6691wSgD8gPAupw/DMvR4dC9sBud5zWu+YCkci+9yBtxOE0A==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:56 2026 by rpki-client