Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
File: 62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa (raw, json)
Hash identifier: LiRvbuvEbP8W3AjB5LhCGPh1ixTJ5HemuEX0NMYAgLU=
Subject key identifier: FA:92:BB:A8:20:15:67:ED:7A:FE:03:30:BD:6B:B8:75:A8:CD:8A:2F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 228FCE692AC40611F98575C2F5CE6CA401B41175
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
Signing time: Tue 19 May 2026 05:00:09 +0000
ROA not before: Tue 19 May 2026 05:00:09 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:8f:ce:69:2a:c4:06:11:f9:85:75:c2:f5:ce:6c:a4:01:b4:11:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:09 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=1e3169242056dc9fe4f01db272bd5665766b34db6a182c0ab2371ac068fa5515, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f9:87:07:09:23:2e:e9:3b:ba:04:bc:68:6c:
4d:f3:27:3a:33:ec:8c:ae:00:97:0d:f1:e4:ed:39:
38:9a:0a:da:aa:89:6c:1a:db:25:8e:44:b5:4b:56:
8a:38:54:f5:36:4f:d3:e7:f7:90:2b:ad:d9:29:b0:
55:2e:f7:fa:ff:70:84:fb:d4:41:57:6a:10:47:a6:
bc:07:99:64:ea:7d:c9:48:70:44:3f:b7:f4:5e:9d:
a1:17:cd:64:51:68:54:89:e5:d7:78:3a:36:f1:69:
d0:54:b8:32:2a:4b:cb:7a:e1:b0:16:d8:36:9b:e1:
b1:4a:d5:fe:09:c6:e2:c4:22:78:ba:06:23:70:da:
85:88:25:c0:70:a1:e4:51:0b:7b:86:cd:52:e4:59:
ef:f3:97:16:da:ce:fb:4e:63:9a:c3:ea:e0:6f:a8:
5e:08:2c:94:42:03:2d:f7:44:45:14:0c:5f:e9:49:
a0:67:6a:b5:16:51:91:c4:cf:d4:96:c5:68:79:6c:
4a:e9:17:1e:0f:c1:d8:c2:55:fb:a0:e6:3d:45:1b:
fc:a5:85:d4:71:c0:cb:73:c3:c0:af:95:8c:c2:7e:
67:7e:33:57:7d:48:f2:fe:58:a9:4f:39:5c:c7:d4:
b7:fc:26:e9:c2:e7:af:b8:4d:58:f8:33:4a:0b:9a:
ef:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:92:BB:A8:20:15:67:ED:7A:FE:03:30:BD:6B:B8:75:A8:CD:8A:2F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1080::/48
Signature Algorithm: sha256WithRSAEncryption
4f:54:3b:d6:44:d8:2f:51:cc:cb:e9:e5:55:65:8a:6a:29:50:
b4:58:9a:4b:01:ba:fa:4b:58:b3:31:6a:18:60:23:43:bb:f0:
40:ad:95:62:87:68:29:21:20:60:15:a7:64:97:21:e2:f1:5c:
e8:75:40:8d:bf:30:1d:6d:25:d2:f3:f2:d7:a1:02:87:6b:df:
04:f5:71:6b:c6:d4:83:25:c2:5d:69:e8:37:4d:8f:f2:ef:fa:
29:74:6f:3e:71:de:50:4d:a4:1b:20:09:0e:ff:96:b8:97:f1:
2e:23:ec:ac:cb:28:3a:4d:a7:da:82:30:2e:39:5d:c8:dc:74:
2d:a0:d8:f1:07:4a:7e:99:05:64:6a:68:8b:d4:52:a8:51:38:
4a:45:f2:25:53:4f:41:47:c4:d7:05:dd:b9:8d:28:99:ff:09:
1d:58:c7:87:76:b6:52:d4:86:42:4d:7b:23:5b:b8:6b:9c:43:
1f:99:3e:f8:05:b7:c2:36:8b:8c:18:e1:43:0a:df:aa:d9:55:
81:a4:cf:fa:31:0d:f2:cc:ed:fa:cc:c5:2f:c8:58:a8:fe:f3:
e4:c5:d0:46:68:b6:01:51:ce:9f:10:af:7a:87:82:bc:44:fd:
a2:58:b5:a6:f8:8a:22:76:c8:49:06:56:b1:9a:4f:64:4d:c0:
59:7f:e5:fd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIo/OaSrEBhH5hXXC9c5spAG0EXUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwMDlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlMzE2OTI0MjA1NmRjOWZlNGYwMWRiMjcyYmQ1NjY1NzY2YjM0ZGI2YTE4
MmMwYWIyMzcxYWMwNjhmYTU1MTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALr5hwcJIy7pO7oEvGhsTfMnOjPsjK4Alw3x5O05OJoK2qqJbBrbJY5EtUtW
ijhU9TZP0+f3kCut2SmwVS73+v9whPvUQVdqEEemvAeZZOp9yUhwRD+39F6doRfN
ZFFoVInl13g6NvFp0FS4MipLy3rhsBbYNpvhsUrV/gnG4sQieLoGI3DahYglwHCh
5FELe4bNUuRZ7/OXFtrO+05jmsPq4G+oXggslEIDLfdERRQMX+lJoGdqtRZRkcTP
1JbFaHlsSukXHg/B2MJV+6DmPUUb/KWF1HHAy3PDwK+VjMJ+Z34zV31I8v5YqU85
XMfUt/wm6cLnr7hNWPgzSgua76UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT6kruo
IBVn7Xr+AzC9a7h1qM2KLzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjJmZjRlNWUtOWU2NS00NGZjLWFmN2YtNGU0NDkzNWNlYjQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAT1Q71kTYL1HMy+nlVWWKailQtFiaSwG6+ktY
szFqGGAjQ7vwQK2VYodoKSEgYBWnZJch4vFc6HVAjb8wHW0l0vPy16ECh2vfBPVx
a8bUgyXCXWnoN02P8u/6KXRvPnHeUE2kGyAJDv+WuJfxLiPsrMsoOk2n2oIwLjld
yNx0LaDY8QdKfpkFZGpoi9RSqFE4SkXyJVNPQUfE1wXduY0omf8JHVjHh3a2UtSG
Qk17I1u4a5xDH5k++AW3wjaLjBjhQwrfqtlVgaTP+jEN8szt+szFL8hYqP7z5MXQ
Rmi2AVHOnxCveoeCvET9oli1pviKInbISQZWsZpPZE3AWX/l/Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:10:18 2026 by rpki-client