Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c78114f-4347-44fe-aef1-32fc688c69b9.roa
File: 4c78114f-4347-44fe-aef1-32fc688c69b9.roa (raw, json)
Hash identifier: IhYIWcARPzxX7G6GB7GNjeyPQTOJ+LNVdcAR63ao458=
Subject key identifier: F3:9B:35:DE:96:22:7E:11:52:73:A2:6A:B4:BA:CF:51:35:6A:AE:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4BAE805CD3E10405E77E75C07037C18BB58DEF81
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c78114f-4347-44fe-aef1-32fc688c69b9.roa
Signing time: Tue 19 May 2026 05:10:59 +0000
ROA not before: Tue 19 May 2026 05:10:59 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:ae:80:5c:d3:e1:04:05:e7:7e:75:c0:70:37:c1:8b:b5:8d:ef:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:59 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=ea73fe3509b97166f99b5e6b3572eb841d9f5939af2b9f840b91bf002fcbf410, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:09:8a:dc:a0:c8:90:df:c7:cd:7e:70:2b:24:
86:8f:ac:69:18:33:3a:c4:3d:1e:bb:27:94:54:ed:
f0:ba:5f:b4:85:9d:bc:bd:be:ab:74:4f:2b:68:d5:
85:ad:4c:ef:e3:66:96:e1:10:00:fe:16:24:84:52:
b7:bc:47:75:79:96:b3:49:3b:14:f2:0a:49:9c:da:
82:10:c7:0b:e9:5b:7f:dc:7d:53:81:f9:f3:f9:51:
b9:56:67:e0:01:39:3f:ea:84:53:1b:e4:62:4e:cd:
fd:0f:ba:0e:4e:bb:1c:7d:d1:42:f0:eb:30:b4:ce:
00:0d:b7:65:5a:a7:cd:81:7d:06:59:0b:ba:67:c3:
7f:a4:0e:a8:e3:ed:57:04:57:f5:31:0f:20:38:98:
e0:bc:78:c6:0f:fb:92:07:bf:ec:81:dd:a7:23:bd:
b6:4e:3c:80:2e:cf:07:bd:43:22:a8:bd:b7:fc:2d:
2f:17:1b:f0:74:7e:01:9d:84:86:49:1c:46:d8:bc:
15:6e:23:0c:e1:74:76:90:9b:b7:8f:39:44:33:b5:
69:54:aa:f0:50:14:be:50:73:c1:89:b4:00:6d:e6:
6d:20:f2:86:63:ab:08:1c:27:3b:e0:d0:f2:e7:ee:
6d:b3:68:cd:25:2c:9d:88:25:0a:54:b6:60:a8:d9:
f6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:9B:35:DE:96:22:7E:11:52:73:A2:6A:B4:BA:CF:51:35:6A:AE:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c78114f-4347-44fe-aef1-32fc688c69b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8020::/48
Signature Algorithm: sha256WithRSAEncryption
73:28:43:94:e3:1f:40:be:3b:3c:05:bb:cb:d2:98:c8:b3:c4:
8b:29:63:af:d6:26:05:cf:8b:2f:ac:bf:d4:06:ef:d7:56:7b:
0c:81:78:c5:9d:05:be:06:9f:81:ae:6c:09:40:4e:50:49:87:
dd:bb:88:b8:5b:b7:6e:1b:c8:07:44:5a:c1:01:55:99:e6:af:
ab:6a:93:06:23:43:da:7c:0b:6e:4a:a4:f7:a8:88:0a:3f:24:
59:29:1e:44:b8:d7:67:53:73:fb:d7:7e:25:ac:9f:bc:00:48:
47:09:5d:01:f9:7a:1e:84:4a:38:37:55:0f:8f:dc:53:07:be:
c3:0a:22:05:dc:21:97:d7:57:ae:9a:2b:ef:8c:c1:c0:f0:91:
e9:c0:3f:45:7b:1b:24:6f:1e:8e:41:5b:9c:41:05:ad:41:96:
6d:18:05:ef:56:95:07:98:ad:d1:54:92:8c:f1:bd:c9:82:31:
f3:5b:7f:ff:7f:b6:9a:7b:03:c4:a8:31:32:94:15:c6:e3:07:
0d:01:b9:7a:40:07:33:d1:07:25:88:42:bd:df:32:82:09:a5:
3c:12:6b:84:70:bc:d9:8b:09:f3:45:f1:bb:f6:12:e1:d4:91:
46:52:e6:da:53:b1:45:7d:97:c1:1d:66:2e:ef:53:ad:03:95:
47:eb:99:d9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUS66AXNPhBAXnfnXAcDfBi7WN74EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwNTlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhNzNmZTM1MDliOTcxNjZmOTliNWU2YjM1NzJlYjg0MWQ5ZjU5MzlhZjJi
OWY4NDBiOTFiZjAwMmZjYmY0MTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0JitygyJDfx81+cCskho+saRgzOsQ9HrsnlFTt8LpftIWdvL2+q3RPK2jV
ha1M7+NmluEQAP4WJIRSt7xHdXmWs0k7FPIKSZzaghDHC+lbf9x9U4H58/lRuVZn
4AE5P+qEUxvkYk7N/Q+6Dk67HH3RQvDrMLTOAA23ZVqnzYF9BlkLumfDf6QOqOPt
VwRX9TEPIDiY4Lx4xg/7kge/7IHdpyO9tk48gC7PB71DIqi9t/wtLxcb8HR+AZ2E
hkkcRti8FW4jDOF0dpCbt485RDO1aVSq8FAUvlBzwYm0AG3mbSDyhmOrCBwnO+DQ
8ufubbNozSUsnYglClS2YKjZ9jECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTzmzXe
liJ+EVJzomq0us9RNWqu+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM3ODExNGYtNDM0Ny00NGZlLWFlZjEtMzJmYzY4OGM2OWI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
IDANBgkqhkiG9w0BAQsFAAOCAQEAcyhDlOMfQL47PAW7y9KYyLPEiyljr9YmBc+L
L6y/1Abv11Z7DIF4xZ0Fvgafga5sCUBOUEmH3buIuFu3bhvIB0RawQFVmeavq2qT
BiND2nwLbkqk96iICj8kWSkeRLjXZ1Nz+9d+JayfvABIRwldAfl6HoRKODdVD4/c
Uwe+wwoiBdwhl9dXrpor74zBwPCR6cA/RXsbJG8ejkFbnEEFrUGWbRgF71aVB5it
0VSSjPG9yYIx81t//3+2mnsDxKgxMpQVxuMHDQG5ekAHM9EHJYhCvd8yggmlPBJr
hHC82YsJ80Xxu/YS4dSRRlLm2lOxRX2XwR1mLu9TrQOVR+uZ2Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:12 2026 by rpki-client