Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a7b2b27-8130-47da-97da-78c91087b05e.roa
File: 4a7b2b27-8130-47da-97da-78c91087b05e.roa (raw, json)
Hash identifier: E4Om2Lz/G+39ULDIgpfh8n2MKBcFjtCFmCeOthxUhLE=
Subject key identifier: AB:D8:2E:9E:CD:4C:89:B9:35:1F:31:90:AB:D3:F0:60:B4:D6:CF:F9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F262E4D5160C65044028EFB395B91CC3F047848
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a7b2b27-8130-47da-97da-78c91087b05e.roa
Signing time: Tue 19 May 2026 04:50:52 +0000
ROA not before: Tue 19 May 2026 04:50:52 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:26:2e:4d:51:60:c6:50:44:02:8e:fb:39:5b:91:cc:3f:04:78:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:52 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=cca3dff4d344a09dfa8d2696743ce18536e406f458a3012f1782f17156cb00da, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:bd:1c:72:b3:04:97:d8:7f:da:4c:5d:8b:90:
70:f0:be:16:64:7e:cd:c8:73:eb:01:48:c5:6a:3d:
be:e4:dc:65:68:05:8f:91:48:18:29:08:8a:74:74:
6a:58:67:47:14:84:91:96:71:4d:14:b5:89:5e:44:
50:e1:1f:39:93:b1:54:39:14:d4:2e:24:b0:8e:e1:
42:40:82:6e:9b:c3:fb:c8:e4:e3:ff:5e:af:60:0c:
50:4f:39:58:72:41:b9:d2:9b:53:49:e2:08:95:c4:
d2:fd:a0:14:1f:d4:d7:39:62:dd:63:d3:3a:b5:32:
36:8b:4b:4f:9a:17:82:94:f6:27:61:77:82:e9:bc:
a7:27:6d:93:4d:13:b5:be:b7:1c:90:2c:bf:0a:c9:
32:96:a8:b3:d8:e6:0e:52:44:e8:c3:1c:93:ec:91:
56:b1:a6:e0:ee:50:f3:86:1f:2a:79:9b:ea:f6:cf:
57:f8:fd:18:5e:ca:c1:ee:57:46:e9:c4:dd:18:84:
16:f2:20:a6:c2:57:0e:26:da:f6:6d:ac:8d:51:bd:
18:be:e0:ab:98:0e:04:86:e8:11:69:1b:40:28:f5:
64:cb:3b:cd:ce:d9:50:19:06:ff:35:a5:d6:aa:f2:
c3:a4:68:7a:94:32:c4:85:a9:58:d0:c7:5a:55:6e:
d0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:D8:2E:9E:CD:4C:89:B9:35:1F:31:90:AB:D3:F0:60:B4:D6:CF:F9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a7b2b27-8130-47da-97da-78c91087b05e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c040::/48
Signature Algorithm: sha256WithRSAEncryption
92:81:17:db:7c:a7:b8:31:4b:74:8a:5a:e7:f7:11:f9:c3:f3:
6b:2d:4b:a2:e8:71:5e:2e:49:08:f5:e9:15:b4:08:40:b5:12:
28:d8:29:ee:39:5d:31:98:53:7f:28:43:dc:a2:32:7d:b7:48:
79:fa:fc:ea:4f:de:29:f5:49:84:d9:cf:d5:b7:6e:cc:9f:73:
f0:da:55:90:1d:06:c3:c6:19:01:47:88:e3:34:78:90:29:3b:
43:c1:89:0d:1c:6e:09:48:d3:a7:de:02:16:c4:28:af:07:b9:
f3:ff:c4:84:bd:dc:1e:98:a3:75:ce:73:77:dd:53:2d:b8:20:
5a:3b:d4:93:88:7c:be:fe:d3:17:bd:6b:c1:bb:01:3d:33:b1:
d1:d6:41:4a:df:9d:8a:36:4a:83:f5:6a:51:5b:e7:73:ff:f8:
5b:b1:8e:03:b8:74:ef:d9:40:a7:b0:6b:99:7a:b8:44:8a:d5:
bf:d1:2c:13:2e:b5:3b:bf:cb:ee:cf:b5:1e:f2:f7:4e:61:1e:
9a:67:fa:d7:20:71:65:9a:ef:15:e6:dd:2f:fb:37:61:fc:d3:
10:aa:7e:23:cd:ca:f2:09:6f:5b:57:24:56:2e:fc:15:0a:46:
eb:1b:09:86:c8:62:7b:f4:3e:78:df:c8:5a:08:01:55:59:60:
f7:88:77:fe
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDyYuTVFgxlBEAo77OVuRzD8EeEgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwNTJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjYTNkZmY0ZDM0NGEwOWRmYThkMjY5Njc0M2NlMTg1MzZlNDA2ZjQ1OGEz
MDEyZjE3ODJmMTcxNTZjYjAwZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANO9HHKzBJfYf9pMXYuQcPC+FmR+zchz6wFIxWo9vuTcZWgFj5FIGCkIinR0
alhnRxSEkZZxTRS1iV5EUOEfOZOxVDkU1C4ksI7hQkCCbpvD+8jk4/9er2AMUE85
WHJBudKbU0niCJXE0v2gFB/U1zli3WPTOrUyNotLT5oXgpT2J2F3gum8pydtk00T
tb63HJAsvwrJMpaos9jmDlJE6MMck+yRVrGm4O5Q84YfKnmb6vbPV/j9GF7Kwe5X
RunE3RiEFvIgpsJXDiba9m2sjVG9GL7gq5gOBIboEWkbQCj1ZMs7zc7ZUBkG/zWl
1qryw6RoepQyxIWpWNDHWlVu0L8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSr2C6e
zUyJuTUfMZCr0/BgtNbP+TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGE3YjJiMjctODEzMC00N2RhLTk3ZGEtNzhjOTEwODdiMDVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
QDANBgkqhkiG9w0BAQsFAAOCAQEAkoEX23ynuDFLdIpa5/cR+cPzay1LouhxXi5J
CPXpFbQIQLUSKNgp7jldMZhTfyhD3KIyfbdIefr86k/eKfVJhNnP1bduzJ9z8NpV
kB0Gw8YZAUeI4zR4kCk7Q8GJDRxuCUjTp94CFsQorwe58//EhL3cHpijdc5zd91T
LbggWjvUk4h8vv7TF71rwbsBPTOx0dZBSt+dijZKg/VqUVvnc//4W7GOA7h079lA
p7BrmXq4RIrVv9EsEy61O7/L7s+1HvL3TmEemmf61yBxZZrvFebdL/s3YfzTEKp+
I83K8glvW1ckVi78FQpG6xsJhshie/Q+eN/IWggBVVlg94h3/g==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:15 2026 by rpki-client