Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
File: 4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa (raw, json)
Hash identifier: /S/Q8uF6+dDPcjW8sXfhfiQ74OG0A9cQIyHLIt4PEZ4=
Subject key identifier: AC:5D:4B:2F:B4:F6:97:89:41:1A:82:36:80:0A:A1:78:E8:09:6E:FD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1BF1E722D43A6301BA86DE93B867D1C173292DF8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
Signing time: Tue 19 May 2026 05:00:51 +0000
ROA not before: Tue 19 May 2026 05:00:51 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:f1:e7:22:d4:3a:63:01:ba:86:de:93:b8:67:d1:c1:73:29:2d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:51 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=8d4a012f4fd74797d05e4f099b737db0690dc1ca8074e8d80e56c8b1d1e0b9d8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:15:80:ed:17:77:c1:c4:fc:a9:ca:ba:85:29:
93:3a:1f:fc:85:3f:80:1c:20:72:0a:3d:f3:1c:28:
23:43:a2:72:87:a9:78:84:c3:13:ce:44:d6:b6:4b:
3c:cc:96:15:70:b5:de:0b:d1:69:a6:01:d1:bb:27:
23:53:07:a0:c4:aa:eb:83:0f:82:4c:52:77:1c:a0:
b6:1b:41:9b:4d:9b:88:4a:20:a1:f2:08:95:78:ab:
45:39:f7:77:98:0f:6a:28:a0:e9:2f:17:64:bc:fb:
7b:98:10:34:8c:c4:71:f3:35:fd:7b:18:0e:85:16:
b1:06:9f:04:ad:25:44:d5:71:d2:fd:b4:a7:cd:90:
79:72:b1:cd:41:88:ee:60:7d:33:67:3f:22:f1:24:
a0:97:2e:22:37:ee:3c:45:33:00:96:9a:47:6d:cc:
c1:84:8d:64:25:21:71:c9:e2:8c:bb:6a:a6:9f:47:
40:b5:13:80:a8:d1:bc:79:f2:74:1c:54:18:62:ba:
48:e0:79:60:98:01:9c:1f:9e:f4:d5:3c:39:3f:d3:
5b:76:0c:50:98:d0:ad:6b:c7:78:e5:70:32:28:f3:
c9:87:98:be:55:e2:f7:7c:d4:29:38:18:e8:41:21:
36:ef:fd:bb:fa:df:80:d9:d0:8b:5c:5d:fe:57:15:
c3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:5D:4B:2F:B4:F6:97:89:41:1A:82:36:80:0A:A1:78:E8:09:6E:FD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:4000::/40
Signature Algorithm: sha256WithRSAEncryption
59:75:46:49:4f:3f:5b:aa:38:ef:75:eb:69:c7:2f:e2:b0:47:
ae:4e:d2:b0:dd:d0:e1:ba:5c:9a:ea:6c:11:6f:0d:73:4e:fd:
3d:ff:4c:9c:a9:ef:d1:b9:4b:9c:98:20:6b:c4:f0:47:56:d2:
8b:3c:36:6e:cd:fb:94:ae:2f:c3:1a:cf:80:98:04:ce:f2:05:
63:14:ec:35:0f:a7:1d:7d:0c:56:a4:fe:3d:03:82:9e:17:d7:
bc:7c:c1:2e:c1:06:99:c0:76:01:16:43:83:ad:87:7d:fb:16:
dd:92:88:4c:db:cb:40:62:12:24:2c:e1:fa:fd:45:2b:ec:bf:
4e:0a:c7:12:8a:47:a4:d8:8a:15:d7:4c:55:d5:fa:ce:2d:e6:
da:96:df:01:23:46:06:91:4a:51:f3:30:b1:15:c7:34:9e:10:
ff:36:87:df:46:a2:cb:49:e7:0e:22:9b:6e:74:72:31:31:d2:
18:ab:d5:ff:e6:65:a6:da:fa:db:ad:2b:0a:35:2e:91:8f:c4:
f4:fd:84:14:e3:a8:51:e8:12:7a:60:e2:1c:f3:16:19:af:71:
26:eb:31:21:da:4d:5f:b3:ff:41:77:07:3f:8c:7f:8c:d5:88:
43:9d:e7:cc:9c:9c:bb:a4:33:84:d6:6c:f9:c6:b0:06:ce:61:
7c:ee:50:d4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG/HnItQ6YwG6ht6TuGfRwXMpLfgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwNTFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkNGEwMTJmNGZkNzQ3OTdkMDVlNGYwOTliNzM3ZGIwNjkwZGMxY2E4MDc0
ZThkODBlNTZjOGIxZDFlMGI5ZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANcVgO0Xd8HE/KnKuoUpkzof/IU/gBwgcgo98xwoI0OicoepeITDE85E1rZL
PMyWFXC13gvRaaYB0bsnI1MHoMSq64MPgkxSdxygthtBm02biEogofIIlXirRTn3
d5gPaiig6S8XZLz7e5gQNIzEcfM1/XsYDoUWsQafBK0lRNVx0v20p82QeXKxzUGI
7mB9M2c/IvEkoJcuIjfuPEUzAJaaR23MwYSNZCUhccnijLtqpp9HQLUTgKjRvHny
dBxUGGK6SOB5YJgBnB+e9NU8OT/TW3YMUJjQrWvHeOVwMijzyYeYvlXi93zUKTgY
6EEhNu/9u/rfgNnQi1xd/lcVw8ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSsXUsv
tPaXiUEagjaACqF46Alu/TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI2ZGRjYTctMTcyZi00ZjBlLTlhODMtOWEzNTlmNjJjNDNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVA
MA0GCSqGSIb3DQEBCwUAA4IBAQBZdUZJTz9bqjjvdetpxy/isEeuTtKw3dDhulya
6mwRbw1zTv09/0ycqe/RuUucmCBrxPBHVtKLPDZuzfuUri/DGs+AmATO8gVjFOw1
D6cdfQxWpP49A4KeF9e8fMEuwQaZwHYBFkODrYd9+xbdkohM28tAYhIkLOH6/UUr
7L9OCscSikek2IoV10xV1frOLebalt8BI0YGkUpR8zCxFcc0nhD/NoffRqLLSecO
IptudHIxMdIYq9X/5mWm2vrbrSsKNS6Rj8T0/YQU46hR6BJ6YOIc8xYZr3Em6zEh
2k1fs/9Bdwc/jH+M1YhDnefMnJy7pDOE1mz5xrAGzmF87lDU
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:33:57 2026 by rpki-client