Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76526233-4062-463b-bfd0-bbe1d12891fa.roa
File: 76526233-4062-463b-bfd0-bbe1d12891fa.roa (raw, json)
Hash identifier: s4GjF1A/ZTdFRfrys+D2jYOAQhZ7dLhK/pzcreRvOpE=
Subject key identifier: 65:97:BC:6F:B3:1B:68:C0:DE:8A:42:36:B1:EC:9E:E6:7C:59:D0:FD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 438C22DFCB914B5B2918EC1C575B902ACDAA1C5E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76526233-4062-463b-bfd0-bbe1d12891fa.roa
Signing time: Fri 15 May 2026 03:50:10 +0000
ROA not before: Fri 15 May 2026 03:50:10 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:8c:22:df:cb:91:4b:5b:29:18:ec:1c:57:5b:90:2a:cd:aa:1c:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 03:50:10 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=7f511ca7e474a6c42cb46143fe99c4212328ae17d3744f3d389a1bd4c8e4ae1f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:02:3e:a8:19:52:1d:4a:eb:91:2c:15:8f:79:
a1:7f:e0:b2:81:30:91:f8:d0:ab:6c:89:b6:a5:88:
35:3a:22:75:e8:b9:9c:d4:61:e2:30:15:e6:83:ba:
38:d4:b0:70:2d:9f:f2:87:ad:f3:38:7d:93:8f:10:
28:58:71:cd:7f:3c:a0:fa:56:ea:e6:bb:06:f5:e5:
78:a4:ab:9c:17:33:d2:54:f0:5c:df:5e:af:88:fb:
7b:a1:06:f5:ef:17:22:e6:5f:72:4b:21:6d:fb:29:
62:35:1f:ae:07:bd:96:4f:61:6d:b6:44:76:3d:8c:
24:02:5f:b4:01:d8:df:39:8c:b2:b1:70:d7:d9:c3:
b7:f6:2c:ef:8c:3b:cf:a1:2b:52:ed:ec:4c:97:b1:
29:9a:4f:90:b6:ea:c4:b7:8e:09:9b:d7:24:54:8c:
70:06:35:2e:37:46:96:6e:06:a7:4d:fe:1a:25:ff:
bc:5e:9c:04:01:3f:bc:f3:0e:cd:65:f3:a7:77:6e:
64:15:28:5b:75:b6:e1:6c:e7:00:de:c1:d3:ec:28:
37:a8:27:f0:4f:79:57:77:e7:23:aa:df:5f:d2:d4:
02:17:61:eb:6a:55:85:28:cf:03:42:ed:6b:5d:1d:
f2:2b:02:a0:a0:8d:29:74:dc:51:13:ed:b7:ec:39:
60:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:97:BC:6F:B3:1B:68:C0:DE:8A:42:36:B1:EC:9E:E6:7C:59:D0:FD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76526233-4062-463b-bfd0-bbe1d12891fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4010::/48
Signature Algorithm: sha256WithRSAEncryption
84:b6:62:4b:67:49:5e:53:ad:15:1e:d0:ec:e2:c6:2c:d7:1a:
aa:ae:9e:2a:3a:2b:15:75:81:f7:6e:95:e6:40:32:3c:17:28:
1b:8f:74:cd:49:d9:1f:ef:48:79:fb:d6:27:95:1f:9e:ab:85:
16:25:a6:7b:80:21:5f:37:52:8a:c3:32:d4:e4:bc:1e:c1:3e:
c9:fc:7f:5e:5e:bb:02:ae:5e:eb:44:44:4f:82:4f:7b:68:4d:
ff:81:67:cc:db:1d:c6:cc:2c:b9:44:7e:72:65:9b:b2:ea:eb:
f8:94:c0:0f:3c:ce:2e:86:9f:60:d8:73:0b:11:1b:ac:76:af:
20:37:b9:cf:6d:f1:bf:cc:92:03:d3:9d:21:83:c0:81:61:b2:
70:eb:63:8e:52:02:c9:6a:81:f9:11:d0:12:3a:17:55:94:9b:
0c:b4:45:f4:33:f8:aa:38:f1:02:9e:19:86:7d:91:41:cd:47:
5e:79:bc:cf:d2:d3:f6:9e:cc:d8:f7:00:a8:3b:99:d0:ee:c6:
b6:71:74:39:f8:d0:db:4c:c8:9f:f5:8a:5d:a1:f4:cf:13:91:
67:1d:eb:2d:31:b3:10:d6:18:99:83:51:fe:dc:e1:7c:ec:e4:
af:63:09:4c:7f:52:7b:bf:02:1d:0c:be:fb:86:81:9c:78:b4:
34:62:45:9a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQ4wi38uRS1spGOwcV1uQKs2qHF4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMzUwMTBaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmNTExY2E3ZTQ3NGE2YzQyY2I0NjE0M2ZlOTljNDIxMjMyOGFlMTdkMzc0
NGYzZDM4OWExYmQ0YzhlNGFlMWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI0CPqgZUh1K65EsFY95oX/gsoEwkfjQq2yJtqWINToidei5nNRh4jAV5oO6
ONSwcC2f8oet8zh9k48QKFhxzX88oPpW6ua7BvXleKSrnBcz0lTwXN9er4j7e6EG
9e8XIuZfckshbfspYjUfrge9lk9hbbZEdj2MJAJftAHY3zmMsrFw19nDt/Ys74w7
z6ErUu3sTJexKZpPkLbqxLeOCZvXJFSMcAY1LjdGlm4Gp03+GiX/vF6cBAE/vPMO
zWXzp3duZBUoW3W24WznAN7B0+woN6gn8E95V3fnI6rfX9LUAhdh62pVhSjPA0Lt
a10d8isCoKCNKXTcURPtt+w5YIECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRll7xv
sxtowN6KQjax7J7mfFnQ/TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzY1MjYyMzMtNDA2Mi00NjNiLWJmZDAtYmJlMWQxMjg5MWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
EDANBgkqhkiG9w0BAQsFAAOCAQEAhLZiS2dJXlOtFR7Q7OLGLNcaqq6eKjorFXWB
926V5kAyPBcoG490zUnZH+9IefvWJ5UfnquFFiWme4AhXzdSisMy1OS8HsE+yfx/
Xl67Aq5e60RET4JPe2hN/4FnzNsdxswsuUR+cmWbsurr+JTADzzOLoafYNhzCxEb
rHavIDe5z23xv8ySA9OdIYPAgWGycOtjjlICyWqB+RHQEjoXVZSbDLRF9DP4qjjx
Ap4Zhn2RQc1HXnm8z9LT9p7M2PcAqDuZ0O7GtnF0OfjQ20zIn/WKXaH0zxORZx3r
LTGzENYYmYNR/tzhfOzkr2MJTH9Se78CHQy++4aBnHi0NGJFmg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:58 2026 by rpki-client