Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7af2d4a0-df22-4933-b605-1ecbbd66f982.roa
File: 7af2d4a0-df22-4933-b605-1ecbbd66f982.roa (raw, json)
Hash identifier: aYYTi22DQKaneCDUAEJY8qSy7DKKQHJn6L3DlzREwY0=
Subject key identifier: DD:2B:28:F5:15:0B:D0:D6:93:55:A4:44:FA:CE:AF:91:AF:8F:A1:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 331B2F62740F898798770E33C98BA7EF6160EB75
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7af2d4a0-df22-4933-b605-1ecbbd66f982.roa
Signing time: Tue 19 May 2026 04:50:06 +0000
ROA not before: Tue 19 May 2026 04:50:06 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:1b:2f:62:74:0f:89:87:98:77:0e:33:c9:8b:a7:ef:61:60:eb:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:06 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=63f2b9a1a441f806bb8520862ce2300fcdbb7f3b55a770a3867c171465b286ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:26:8e:84:a6:e5:14:4f:3e:e7:bd:8c:ed:3c:
53:ba:72:2c:73:5c:af:64:d0:1d:88:65:8a:c1:a9:
73:ac:8e:d8:2e:cb:39:fb:68:c4:c4:d2:2d:73:bc:
b3:9b:58:f9:5a:fa:3c:0b:0a:9b:7d:0c:0b:72:d8:
6c:bb:50:05:58:f5:c1:9d:0d:a0:cc:97:1d:df:23:
44:7e:fc:24:33:db:ee:e0:69:6f:d2:2b:12:5d:60:
4e:aa:0a:5a:fa:a1:81:f7:57:48:d2:85:26:1d:55:
a4:b7:ad:e3:36:2c:c7:e2:df:8d:ee:2d:81:f0:ac:
99:08:40:9e:c8:03:38:25:70:06:e5:d0:c1:4d:df:
b1:2f:15:0b:a4:d8:3e:5b:75:59:b7:9d:f4:a4:e8:
bf:a5:18:a4:d7:26:d8:72:94:73:68:81:b1:96:f9:
dd:65:96:46:b5:b6:25:00:ae:ef:63:1e:ff:78:5d:
62:75:6a:0c:cf:c6:cd:c2:a6:70:ca:8c:7f:9f:84:
7f:f5:e3:e6:35:ab:94:67:df:31:02:07:2b:82:1d:
2a:29:c9:30:32:01:1e:26:cf:2b:f9:a7:04:56:df:
a5:5b:d5:91:c7:df:0f:8f:bf:1d:b2:f3:a0:c4:98:
53:85:ba:f8:e9:e8:0a:26:12:fb:fe:6a:fb:85:a6:
ec:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2B:28:F5:15:0B:D0:D6:93:55:A4:44:FA:CE:AF:91:AF:8F:A1:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7af2d4a0-df22-4933-b605-1ecbbd66f982.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015:c00::/38
Signature Algorithm: sha256WithRSAEncryption
ac:76:22:75:79:85:36:18:de:eb:28:07:f7:06:bc:34:4c:69:
61:90:97:a9:1e:a5:9b:83:b4:78:88:0b:f8:70:78:d1:2c:1d:
c8:9e:42:7d:79:f8:8e:de:36:04:e4:30:88:70:dd:21:e5:b8:
7e:76:ca:3b:cb:75:dd:c7:00:1d:d5:fa:66:dd:b0:87:d4:ff:
9e:8e:29:30:16:41:08:fb:70:ae:17:84:ea:4b:1a:cb:64:c0:
67:49:66:57:9c:7a:5b:a4:74:7c:5b:0d:01:6c:e1:92:4e:ac:
e1:4c:93:3e:12:ab:b4:66:c2:05:51:48:5e:ab:ae:89:56:8d:
36:9c:9a:e3:45:55:3a:c5:08:ba:c0:4e:9b:3f:f9:ed:3d:02:
76:bb:e3:cd:17:1b:68:59:3e:18:4e:06:15:a3:5f:6d:d9:6f:
f6:66:30:b2:c4:32:0f:71:44:2d:2b:ce:6b:fd:92:6b:aa:d5:
2c:fd:96:06:6f:2f:2d:7f:eb:9a:e6:6c:ba:d9:7b:99:9c:fa:
a1:f8:b3:19:3b:25:d9:69:92:94:06:a3:33:2a:e3:7c:40:40:
9d:3b:c0:21:9e:80:84:30:a1:d8:f1:db:77:12:40:12:21:7c:
1d:02:fe:64:96:8d:c5:42:bf:f7:b8:20:f1:bf:ab:58:f4:e4:
ca:a1:4e:e0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMxsvYnQPiYeYdw4zyYun72Fg63UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMDZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzZjJiOWExYTQ0MWY4MDZiYjg1MjA4NjJjZTIzMDBmY2RiYjdmM2I1NWE3
NzBhMzg2N2MxNzE0NjViMjg2ZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKUmjoSm5RRPPue9jO08U7pyLHNcr2TQHYhlisGpc6yO2C7LOftoxMTSLXO8
s5tY+Vr6PAsKm30MC3LYbLtQBVj1wZ0NoMyXHd8jRH78JDPb7uBpb9IrEl1gTqoK
WvqhgfdXSNKFJh1VpLet4zYsx+Lfje4tgfCsmQhAnsgDOCVwBuXQwU3fsS8VC6TY
Plt1Wbed9KTov6UYpNcm2HKUc2iBsZb53WWWRrW2JQCu72Me/3hdYnVqDM/GzcKm
cMqMf5+Ef/Xj5jWrlGffMQIHK4IdKinJMDIBHibPK/mnBFbfpVvVkcffD4+/HbLz
oMSYU4W6+OnoCiYS+/5q+4Wm7C8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTdKyj1
FQvQ1pNVpET6zq+Rr4+hSzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2FmMmQ0YTAtZGYyMi00OTMzLWI2MDUtMWVjYmJkNjZmOTgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUM
MA0GCSqGSIb3DQEBCwUAA4IBAQCsdiJ1eYU2GN7rKAf3Brw0TGlhkJepHqWbg7R4
iAv4cHjRLB3InkJ9efiO3jYE5DCIcN0h5bh+dso7y3XdxwAd1fpm3bCH1P+ejikw
FkEI+3CuF4TqSxrLZMBnSWZXnHpbpHR8Ww0BbOGSTqzhTJM+Equ0ZsIFUUheq66J
Vo02nJrjRVU6xQi6wE6bP/ntPQJ2u+PNFxtoWT4YTgYVo19t2W/2ZjCyxDIPcUQt
K85r/ZJrqtUs/ZYGby8tf+ua5my62XuZnPqh+LMZOyXZaZKUBqMzKuN8QECdO8Ah
noCEMKHY8dt3EkASIXwdAv5klo3FQr/3uCDxv6tY9OTKoU7g
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:43:01 2026 by rpki-client