Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
File: 7116ef93-bff5-462e-a725-ae90147ffd39.roa (raw, json)
Hash identifier: HVbpN7Lwk0OEOOA8iAh2ot0dx938KertDtqrAiSn8IY=
Subject key identifier: 45:E5:23:1B:64:8D:0A:C2:AE:17:4E:96:B9:3E:B7:6B:6D:96:B6:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07AA434F7649A7A1566AF2CDEED90B41BE5C206B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
Signing time: Tue 19 May 2026 05:10:42 +0000
ROA not before: Tue 19 May 2026 05:10:42 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:aa:43:4f:76:49:a7:a1:56:6a:f2:cd:ee:d9:0b:41:be:5c:20:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:42 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=c75bab8fcf23d4130957f3631589b01c0af00abac871a08cbddddc98eafb4d47, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:dc:63:f7:bd:42:8a:77:b3:55:a1:94:07:01:
71:c4:43:a0:ef:2e:26:c9:d9:f1:68:07:a6:00:78:
ad:6e:4d:ee:04:f4:40:f9:b3:18:e6:c3:b7:69:1e:
49:84:95:71:43:f1:9c:76:a5:ab:71:23:6b:03:cd:
d5:5f:38:b3:96:0b:09:3e:7a:ae:a6:c7:33:fd:35:
15:bb:fc:f7:c7:e3:95:c0:83:66:a8:b8:67:f1:e5:
81:3b:43:76:9d:d7:b7:0f:c5:9f:8b:ac:41:90:d1:
f6:bb:ff:ff:da:c7:41:67:24:a0:d7:2b:0d:c7:bf:
ad:b6:c7:8a:ba:bd:8f:a4:e0:bc:3b:97:41:b5:5c:
0d:62:69:03:81:a0:4b:4d:15:f3:09:14:d5:f1:e1:
28:b5:21:e3:82:1f:33:f3:2b:8d:28:4b:b1:d3:f0:
3d:88:a7:a0:d0:36:31:3d:d0:fc:bd:3c:0e:ae:aa:
f1:db:44:14:d8:dd:94:d6:47:f2:23:af:bc:2c:c0:
f8:62:f3:01:0f:05:87:87:e3:f8:44:8a:2c:34:52:
a9:e1:8c:f5:40:f9:2b:4f:f4:fc:c4:d3:aa:2e:3a:
03:04:bb:0c:f6:f2:c6:67:26:d4:c0:41:a5:1e:f3:
dd:b1:0d:59:aa:de:69:f0:22:d8:91:8b:a4:5c:5b:
ca:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:E5:23:1B:64:8D:0A:C2:AE:17:4E:96:B9:3E:B7:6B:6D:96:B6:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
57:93:ac:a3:df:5e:eb:c9:f4:35:a9:2a:d2:17:68:43:74:77:
cc:10:6f:e0:66:28:05:54:21:73:55:88:02:49:a6:c2:86:0e:
27:da:72:9e:4c:28:97:03:c3:27:ce:94:ba:40:33:b5:55:19:
b2:3e:80:65:0b:07:b6:c6:5b:21:3a:6d:95:ea:52:7b:12:5b:
74:02:57:db:bb:3e:65:26:71:79:ca:a7:3a:e6:c6:48:f9:3f:
d6:ab:6f:53:ee:0c:74:9e:25:e2:54:3b:75:51:67:21:8a:62:
f5:0d:21:2b:ff:17:8d:3d:4c:e3:c4:b2:03:39:43:a5:04:6a:
d6:d1:ec:87:d4:74:d0:99:60:a6:3e:cb:a0:e9:94:4e:78:89:
62:7d:8f:9e:b1:f4:0c:aa:32:4f:15:60:e4:be:f9:3f:e4:27:
44:9d:c0:35:82:b8:fb:fa:b6:41:18:34:b5:f6:89:a1:8c:8c:
67:3b:7b:21:88:c1:a4:94:7d:75:bd:6c:e1:50:2c:c6:4a:2d:
08:d8:aa:56:3d:10:a5:cc:6a:25:9b:12:44:71:1f:e4:bf:2b:
cf:4e:ee:7c:00:e5:6c:46:fc:f2:a8:30:a4:26:dc:a1:97:16:
d1:5d:ef:61:43:bf:6e:3e:e7:7e:01:a7:2b:b4:c6:58:bb:d9:
9d:fc:de:83
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUB6pDT3ZJp6FWavLN7tkLQb5cIGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwNDJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3NWJhYjhmY2YyM2Q0MTMwOTU3ZjM2MzE1ODliMDFjMGFmMDBhYmFjODcx
YTA4Y2JkZGRkYzk4ZWFmYjRkNDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANXcY/e9Qop3s1WhlAcBccRDoO8uJsnZ8WgHpgB4rW5N7gT0QPmzGObDt2ke
SYSVcUPxnHalq3EjawPN1V84s5YLCT56rqbHM/01Fbv898fjlcCDZqi4Z/HlgTtD
dp3Xtw/Fn4usQZDR9rv//9rHQWckoNcrDce/rbbHirq9j6TgvDuXQbVcDWJpA4Gg
S00V8wkU1fHhKLUh44IfM/MrjShLsdPwPYinoNA2MT3Q/L08Dq6q8dtEFNjdlNZH
8iOvvCzA+GLzAQ8Fh4fj+ESKLDRSqeGM9UD5K0/0/MTTqi46AwS7DPbyxmcm1MBB
pR7z3bENWareafAi2JGLpFxbyj8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRF5SMb
ZI0Kwq4XTpa5PrdrbZa2PjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzExNmVmOTMtYmZmNS00NjJlLWE3MjUtYWU5MDE0N2ZmZDM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
wDANBgkqhkiG9w0BAQsFAAOCAQEAV5Oso99e68n0Nakq0hdoQ3R3zBBv4GYoBVQh
c1WIAkmmwoYOJ9pynkwolwPDJ86UukAztVUZsj6AZQsHtsZbITptlepSexJbdAJX
27s+ZSZxecqnOubGSPk/1qtvU+4MdJ4l4lQ7dVFnIYpi9Q0hK/8XjT1M48SyAzlD
pQRq1tHsh9R00Jlgpj7LoOmUTniJYn2PnrH0DKoyTxVg5L75P+QnRJ3ANYK4+/q2
QRg0tfaJoYyMZzt7IYjBpJR9db1s4VAsxkotCNiqVj0QpcxqJZsSRHEf5L8rz07u
fADlbEb88qgwpCbcoZcW0V3vYUO/bj7nfgGnK7TGWLvZnfzegw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:14:09 2026 by rpki-client