Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6af28a08-4ca8-42b3-b693-0c0785677d0b.roa
File: 6af28a08-4ca8-42b3-b693-0c0785677d0b.roa (raw, json)
Hash identifier: EeWXN5SB0i8pjMIooDUbd39X6fP440/swwowB/OBpOA=
Subject key identifier: F7:4F:86:CC:26:40:8C:22:99:E7:C3:C8:97:6A:2C:AD:AC:EF:05:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23725435D132791C161E3A82D117A33E10879B4A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6af28a08-4ca8-42b3-b693-0c0785677d0b.roa
Signing time: Fri 22 May 2026 16:01:52 +0000
ROA not before: Fri 22 May 2026 16:01:52 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:72:54:35:d1:32:79:1c:16:1e:3a:82:d1:17:a3:3e:10:87:9b:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:01:52 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=74124601530138f707806995b187a88448348b620dd7a8674431bc78ab60287c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:db:f5:01:87:f2:e4:c4:0a:e6:3a:5e:42:d1:
77:97:95:25:04:97:72:04:90:9b:92:90:46:15:b6:
fd:9c:6d:99:4c:6e:5e:d1:54:62:c4:14:30:6e:53:
a1:2d:8b:41:0c:14:2c:76:00:da:69:57:6d:55:0e:
33:e9:1f:ae:39:db:bf:44:b6:ab:0c:24:b3:9c:a1:
3f:44:a6:a8:79:b3:dc:46:0a:04:bb:ea:ee:a5:9e:
c2:e8:da:75:7e:cc:00:ca:49:3e:0b:85:b8:23:8a:
e7:fd:7e:c7:78:73:f9:d4:d4:b7:2e:5f:dd:38:68:
9e:6e:d8:cd:31:89:0c:0a:cd:e5:8e:e0:50:22:12:
70:08:db:3b:fe:a4:a9:46:b2:cb:a8:62:11:7d:43:
2b:b7:06:88:38:34:e1:a4:14:6a:bc:71:f6:69:bd:
55:f3:fc:29:0f:2f:a9:bb:ef:92:05:1a:7d:9d:9a:
ac:a7:1c:b0:7e:8b:d1:3e:5f:f2:8d:2c:13:44:2f:
7a:10:73:56:9f:e8:50:b0:1e:52:83:8b:0c:d5:f3:
99:cc:f8:56:c2:45:4e:de:be:5e:8a:66:a1:b8:4b:
10:d3:58:42:b6:17:1f:90:61:d8:6a:e9:d8:ac:0a:
93:28:4b:3f:e9:f8:ef:23:e2:f0:be:95:32:a8:5d:
98:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:4F:86:CC:26:40:8C:22:99:E7:C3:C8:97:6A:2C:AD:AC:EF:05:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6af28a08-4ca8-42b3-b693-0c0785677d0b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5000::/40
Signature Algorithm: sha256WithRSAEncryption
51:e8:18:61:71:9c:01:c9:61:20:60:56:bb:cf:50:e6:1e:62:
57:15:80:01:aa:27:64:67:82:dc:f7:59:b9:ec:71:3d:e5:c6:
ea:7e:43:cc:6a:e5:43:12:88:45:6c:ac:6a:70:56:20:ca:11:
a1:8d:90:0f:2f:e7:5b:6c:13:c8:a2:bf:85:3d:8e:ab:41:9c:
8a:60:52:51:f0:78:30:65:75:10:96:0b:3f:20:e5:98:a5:0e:
8e:87:40:98:d4:b9:7d:34:b1:de:f4:3b:e8:95:93:e0:da:5c:
16:5d:11:39:2f:46:b5:f5:6e:0c:bc:2e:e1:4a:34:65:90:58:
dc:b4:79:2f:3c:03:5d:8c:2f:63:8c:90:29:08:c0:e7:ab:73:
2d:14:5a:7a:51:30:53:19:54:61:4a:43:64:55:1b:dc:54:11:
aa:85:56:1a:52:66:57:33:9f:f5:6d:fe:b0:38:74:a1:9b:84:
8d:38:f9:73:07:1b:e0:f7:7e:d2:fe:db:fb:80:e9:16:9e:39:
70:ff:e4:9e:16:63:05:ab:43:e7:62:1a:b0:c2:fe:e3:2f:10:
34:22:8c:bf:e1:00:dc:7c:d9:20:68:af:bf:64:75:4b:91:40:
02:a0:fc:31:eb:7a:04:73:6d:5a:b1:05:3f:ca:d5:9c:fd:c7:
3d:a9:fb:ff
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUI3JUNdEyeRwWHjqC0RejPhCHm0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAxNTJaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0MTI0NjAxNTMwMTM4ZjcwNzgwNjk5NWIxODdhODg0NDgzNDhiNjIwZGQ3
YTg2NzQ0MzFiYzc4YWI2MDI4N2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/b9QGH8uTECuY6XkLRd5eVJQSXcgSQm5KQRhW2/ZxtmUxuXtFUYsQUMG5T
oS2LQQwULHYA2mlXbVUOM+kfrjnbv0S2qwwks5yhP0SmqHmz3EYKBLvq7qWewuja
dX7MAMpJPguFuCOK5/1+x3hz+dTUty5f3Thonm7YzTGJDArN5Y7gUCIScAjbO/6k
qUayy6hiEX1DK7cGiDg04aQUarxx9mm9VfP8KQ8vqbvvkgUafZ2arKccsH6L0T5f
8o0sE0QvehBzVp/oULAeUoOLDNXzmcz4VsJFTt6+XopmobhLENNYQrYXH5Bh2Grp
2KwKkyhLP+n47yPi8L6VMqhdmPsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT3T4bM
JkCMIpnnw8iXaiytrO8FGDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmFmMjhhMDgtNGNhOC00MmIzLWI2OTMtMGMwNzg1Njc3ZDBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBR6BhhcZwByWEgYFa7z1DmHmJXFYABqidkZ4Lc
91m57HE95cbqfkPMauVDEohFbKxqcFYgyhGhjZAPL+dbbBPIor+FPY6rQZyKYFJR
8HgwZXUQlgs/IOWYpQ6Oh0CY1Ll9NLHe9DvolZPg2lwWXRE5L0a19W4MvC7hSjRl
kFjctHkvPANdjC9jjJApCMDnq3MtFFp6UTBTGVRhSkNkVRvcVBGqhVYaUmZXM5/1
bf6wOHShm4SNOPlzBxvg937S/tv7gOkWnjlw/+SeFmMFq0PnYhqwwv7jLxA0Ioy/
4QDcfNkgaK+/ZHVLkUACoPwx63oEc21asQU/ytWc/cc9qfv/
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:53:59 2026 by rpki-client