Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa
File: 6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa (raw, json)
Hash identifier: TxUWzgioxdT7PHlTZaHtV/fANjWXPn32q3DpvjxJoqQ=
Subject key identifier: D7:92:14:72:52:F7:0D:B6:C0:CB:1C:65:F1:A2:DF:49:7F:2C:3C:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6DFA1B657896A5DF7D581420C4772F2371B2423D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa
Signing time: Tue 19 May 2026 05:00:52 +0000
ROA not before: Tue 19 May 2026 05:00:52 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:fa:1b:65:78:96:a5:df:7d:58:14:20:c4:77:2f:23:71:b2:42:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:52 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=1fac9f57e85f0aaf5e77bfebe2172ed67305d90b8a45ff6d41ac729f58b180f2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:93:9e:27:6f:bd:2a:97:8d:c3:9c:77:dc:48:
2b:28:2b:4c:2f:89:97:f5:f7:00:09:56:7a:c2:bb:
9c:d0:b4:96:77:63:e2:23:17:18:e1:62:60:07:81:
c2:62:7d:dd:b0:1b:f5:30:2e:b3:ea:22:f2:d3:8a:
f1:86:66:82:3c:85:fc:74:09:0b:a3:5f:7e:6f:5f:
3c:e0:dd:d4:0f:37:22:b0:a6:e4:87:49:de:e9:86:
18:05:02:2d:94:75:f5:c1:83:4c:b1:71:2e:44:61:
69:d6:d8:f8:32:1c:d4:99:6f:3c:73:72:87:56:e8:
be:f5:d7:a3:d7:e4:f4:e4:aa:e3:89:0d:ce:9d:65:
83:75:0b:b7:94:d6:dd:3b:fb:e6:99:29:c3:99:df:
0b:80:55:e4:60:b6:04:66:66:97:1a:25:ea:39:9b:
71:5c:a8:ce:6e:9b:86:59:0a:0e:18:ed:cc:f5:75:
47:54:aa:6e:94:23:ab:86:ac:56:63:9b:ef:bb:0e:
84:3e:d6:61:d6:45:37:b4:fe:21:7e:ca:e2:50:74:
64:5d:1c:e6:68:94:68:14:da:ff:53:a7:cd:49:70:
8e:c4:68:df:e7:52:37:21:28:bb:c8:fc:18:27:90:
0b:13:04:aa:1b:7a:c7:92:83:27:92:a0:d7:eb:5c:
f1:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:92:14:72:52:F7:0D:B6:C0:CB:1C:65:F1:A2:DF:49:7F:2C:3C:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2080::/48
Signature Algorithm: sha256WithRSAEncryption
6e:ad:4d:2d:42:c1:18:09:4b:07:b6:e1:05:06:13:91:0d:33:
a2:57:c6:3f:ef:ff:3a:0e:2d:8d:b1:5c:00:c5:d3:2e:3f:b1:
8d:43:e3:a5:ae:49:04:78:4d:f1:eb:9d:c2:eb:16:e0:91:56:
61:c2:7d:a1:a9:e1:23:f7:f2:b4:3d:1a:30:82:ed:cf:b1:b8:
05:0f:7a:33:b7:cd:7b:c6:26:c3:0d:20:46:ed:39:ae:aa:96:
7c:f0:50:8d:88:f7:21:06:b9:6c:84:18:d0:0d:39:ce:00:2f:
33:5d:03:93:0f:ef:45:a2:39:f9:35:9d:8c:f2:25:cc:d6:3d:
2e:7b:40:b7:2a:77:8b:86:e4:51:fa:93:02:6b:6e:d7:eb:c6:
65:58:a3:03:42:c3:b3:f7:39:9b:47:d7:db:77:ec:a6:4d:0c:
50:5e:15:a5:50:79:b0:8d:59:86:82:59:98:3a:85:e9:7e:45:
ea:9c:52:59:c4:3c:a0:de:4c:d9:84:cd:77:00:a4:db:97:05:
85:5f:3e:7d:8a:78:95:45:65:1d:c1:ea:57:9e:dd:ea:3c:ab:
c3:94:28:9a:d5:61:0f:83:cc:e1:a1:dd:78:b7:ab:2e:34:cb:
87:d8:53:8a:a5:2d:f3:24:e0:ba:ba:59:de:98:bb:c6:71:7f:
24:95:29:04
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbfobZXiWpd99WBQgxHcvI3GyQj0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwNTJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmYWM5ZjU3ZTg1ZjBhYWY1ZTc3YmZlYmUyMTcyZWQ2NzMwNWQ5MGI4YTQ1
ZmY2ZDQxYWM3MjlmNThiMTgwZjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKTnidvvSqXjcOcd9xIKygrTC+Jl/X3AAlWesK7nNC0lndj4iMXGOFiYAeB
wmJ93bAb9TAus+oi8tOK8YZmgjyF/HQJC6Nffm9fPODd1A83IrCm5IdJ3umGGAUC
LZR19cGDTLFxLkRhadbY+DIc1JlvPHNyh1bovvXXo9fk9OSq44kNzp1lg3ULt5TW
3Tv75pkpw5nfC4BV5GC2BGZmlxol6jmbcVyozm6bhlkKDhjtzPV1R1SqbpQjq4as
VmOb77sOhD7WYdZFN7T+IX7K4lB0ZF0c5miUaBTa/1OnzUlwjsRo3+dSNyEou8j8
GCeQCxMEqht6x5KDJ5Kg1+tc8U8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTXkhRy
UvcNtsDLHGXxot9Jfyw8lTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmI0ZjViMDYtZWJkOS00NjczLThkYjEtOGU3MmRmOTljOTk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg
gDANBgkqhkiG9w0BAQsFAAOCAQEAbq1NLULBGAlLB7bhBQYTkQ0zolfGP+//Og4t
jbFcAMXTLj+xjUPjpa5JBHhN8eudwusW4JFWYcJ9oanhI/fytD0aMILtz7G4BQ96
M7fNe8Ymww0gRu05rqqWfPBQjYj3IQa5bIQY0A05zgAvM10Dkw/vRaI5+TWdjPIl
zNY9LntAtyp3i4bkUfqTAmtu1+vGZVijA0LDs/c5m0fX23fspk0MUF4VpVB5sI1Z
hoJZmDqF6X5F6pxSWcQ8oN5M2YTNdwCk25cFhV8+fYp4lUVlHcHqV57d6jyrw5Qo
mtVhD4PM4aHdeLerLjTLh9hTiqUt8yTgurpZ3pi7xnF/JJUpBA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:50 2026 by rpki-client