Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
File: 72c1c04d-5c77-431c-825c-1633fac1964d.roa (raw, json)
Hash identifier: eNwG8Vi4yy5vAoKi064T/xRAD8QldYMQHkLQdswBcVw=
Subject key identifier: CD:CB:39:63:DF:9F:E5:84:9C:F5:D8:86:23:A1:73:33:3D:54:A7:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72F5FD6C607B3D3AF02751544BEF8A0A6529118F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
Signing time: Tue 19 May 2026 05:40:53 +0000
ROA not before: Tue 19 May 2026 05:40:53 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8030::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:f5:fd:6c:60:7b:3d:3a:f0:27:51:54:4b:ef:8a:0a:65:29:11:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:53 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=093843e5dfad6798686ec68fd7575f03b708cbe650e3e8ff8910e5fdec175338, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:38:df:b8:79:ed:35:2a:30:5e:78:0b:d4:a5:
45:3a:c8:68:11:83:bd:c5:13:5f:1f:be:eb:04:87:
cd:64:c2:32:4c:0d:81:a2:7c:70:f9:44:4a:4e:b8:
90:42:8f:f3:e1:44:d9:f6:de:db:be:6c:04:f0:e5:
68:d1:14:62:10:8f:78:20:48:46:08:34:74:f1:7d:
f8:d1:a2:c1:55:c8:4c:e5:51:94:b9:ee:82:77:92:
03:5d:40:0c:db:40:7b:f1:92:ec:8b:50:d4:d3:ff:
4f:61:0c:e7:ac:6c:db:94:af:4c:cf:09:1f:8c:27:
ff:bc:76:41:af:b0:42:ab:fa:55:da:dc:fc:31:e6:
fd:c9:3f:b9:9b:92:e2:75:19:ea:d2:ac:8f:86:f6:
f4:7c:8c:1e:27:ff:1a:02:bf:4d:9e:f3:cf:bd:c9:
29:0d:d8:da:75:e3:3b:69:52:87:7a:95:96:88:8e:
c1:61:98:2f:65:f6:78:34:1b:da:9e:69:b7:23:95:
4a:71:86:d6:7f:2f:07:e2:07:b7:d5:4d:15:34:4f:
4a:60:15:44:15:7a:9f:fb:7a:5b:95:19:ee:ae:a7:
fa:ad:c9:e2:b6:87:a5:c6:d7:72:e1:b6:5d:f2:87:
ad:d3:ad:60:3c:77:e4:cd:43:12:62:c5:f3:ec:aa:
4c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:CB:39:63:DF:9F:E5:84:9C:F5:D8:86:23:A1:73:33:3D:54:A7:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8030::/48
Signature Algorithm: sha256WithRSAEncryption
8c:de:c7:7a:4d:96:e6:5b:4c:b2:a3:58:1b:df:59:5c:85:e2:
03:8e:5d:4a:66:14:79:a2:32:1a:c3:be:ca:44:b5:7b:62:3a:
9c:64:18:b1:af:b9:4b:56:de:6b:aa:fb:6e:df:c6:f5:11:22:
f8:1b:9d:48:f4:bc:1d:2b:c2:23:d9:c7:14:5e:73:3e:97:6b:
7b:a0:7d:75:28:70:7e:a0:c6:4f:35:6c:00:c1:bf:88:d3:e3:
a7:35:64:e6:1a:e8:50:28:a5:8d:ca:b4:9c:3d:8e:46:e9:c7:
70:0c:f9:88:57:e4:a3:c5:44:f3:18:fe:5d:44:eb:0b:12:91:
83:6c:e9:c8:51:37:72:d0:82:51:6b:da:a3:e2:72:dd:9c:fb:
48:df:cc:d3:96:ce:33:a4:f0:59:bf:46:1a:7a:83:2e:02:3a:
6c:f1:04:d1:a0:51:0b:4e:75:1f:7c:2f:42:6e:d9:df:45:f1:
ec:7a:ef:2c:56:62:82:ee:b5:cd:24:22:79:bc:56:18:8f:f2:
a8:5f:89:fd:d4:6a:73:de:09:71:5a:33:de:e8:1c:70:ba:a9:
87:48:41:4e:91:e3:12:2b:48:1f:07:75:d2:ab:b7:8a:d8:ad:
35:78:c5:e8:87:13:96:1d:06:a8:21:e3:56:9c:f1:5a:c9:a6:
57:d2:c7:5c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcvX9bGB7PTrwJ1FUS++KCmUpEY8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwNTNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5Mzg0M2U1ZGZhZDY3OTg2ODZlYzY4ZmQ3NTc1ZjAzYjcwOGNiZTY1MGUz
ZThmZjg5MTBlNWZkZWMxNzUzMzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4437h57TUqMF54C9SlRTrIaBGDvcUTXx++6wSHzWTCMkwNgaJ8cPlESk64
kEKP8+FE2fbe275sBPDlaNEUYhCPeCBIRgg0dPF9+NGiwVXITOVRlLnugneSA11A
DNtAe/GS7ItQ1NP/T2EM56xs25SvTM8JH4wn/7x2Qa+wQqv6Vdrc/DHm/ck/uZuS
4nUZ6tKsj4b29HyMHif/GgK/TZ7zz73JKQ3Y2nXjO2lSh3qVloiOwWGYL2X2eDQb
2p5ptyOVSnGG1n8vB+IHt9VNFTRPSmAVRBV6n/t6W5UZ7q6n+q3J4raHpcbXcuG2
XfKHrdOtYDx35M1DEmLF8+yqTKcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTNyzlj
35/lhJz12IYjoXMzPVSn3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzJjMWMwNGQtNWM3Ny00MzFjLTgyNWMtMTYzM2ZhYzE5NjRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
MDANBgkqhkiG9w0BAQsFAAOCAQEAjN7Hek2W5ltMsqNYG99ZXIXiA45dSmYUeaIy
GsO+ykS1e2I6nGQYsa+5S1bea6r7bt/G9REi+BudSPS8HSvCI9nHFF5zPpdre6B9
dShwfqDGTzVsAMG/iNPjpzVk5hroUCiljcq0nD2ORunHcAz5iFfko8VE8xj+XUTr
CxKRg2zpyFE3ctCCUWvao+Jy3Zz7SN/M05bOM6TwWb9GGnqDLgI6bPEE0aBRC051
H3wvQm7Z30Xx7HrvLFZigu61zSQiebxWGI/yqF+J/dRqc94JcVoz3ugccLqph0hB
TpHjEitIHwd10qu3ititNXjF6IcTlh0GqCHjVpzxWsmmV9LHXA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:23 2026 by rpki-client