Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d5bbe6e-da67-4af0-af12-c86f93a16721.roa
File: 7d5bbe6e-da67-4af0-af12-c86f93a16721.roa (raw, json)
Hash identifier: O/a1CT+RhC8OHqDbXlCeJXvSt9hrmbLKO952QZfUrK4=
Subject key identifier: D6:97:7C:CB:02:0F:83:55:A5:5C:77:33:CA:F4:9A:62:75:43:BC:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47212B9FB141FDFC3CC70BDFC5FB775A448F33BC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d5bbe6e-da67-4af0-af12-c86f93a16721.roa
Signing time: Tue 19 May 2026 04:30:27 +0000
ROA not before: Tue 19 May 2026 04:30:27 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:21:2b:9f:b1:41:fd:fc:3c:c7:0b:df:c5:fb:77:5a:44:8f:33:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:27 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=5792d8cf5fb0a0982dab5ddf4918ece4a22b0f1357d4a90e1f3b64abbc8a9a90, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:bf:e1:a8:b1:05:bb:db:76:4c:4d:46:22:2d:
4e:b7:58:34:15:40:aa:8f:fc:5f:4c:a4:e8:a2:a3:
6c:8c:ad:12:d0:74:b2:86:3a:de:81:c4:03:aa:b5:
24:e8:41:8f:11:65:40:80:a2:73:4b:5d:84:a7:5d:
66:9d:fc:98:4a:81:6e:77:3f:3c:75:53:68:35:92:
d0:d2:8c:e2:16:1b:9b:39:dc:59:41:77:46:52:92:
0d:0f:dd:78:a7:89:81:12:40:ea:a4:83:fd:72:e4:
b9:c7:a5:87:a3:eb:40:c9:7c:e8:3b:e4:93:98:23:
aa:fc:8e:db:7c:12:15:36:54:93:9d:59:20:99:e0:
99:52:a2:99:b3:54:61:73:cd:85:dc:31:24:8b:09:
ca:74:5f:82:6f:09:28:1b:31:e9:59:ce:3d:1a:8e:
a7:0a:4a:35:c2:52:ba:ef:4e:37:66:d8:d7:9c:a3:
74:6b:74:4b:8e:ed:93:89:d6:67:37:ad:3e:f8:10:
9b:b9:a4:16:71:bd:9f:ec:3c:bc:0b:20:e7:31:a3:
5a:6b:3a:70:27:a5:76:3d:00:33:d9:88:f9:60:b2:
0e:b5:54:f4:80:59:e5:e9:b3:4c:6c:2f:52:43:22:
24:7b:e4:4f:fe:71:27:60:b8:e3:ab:ec:2e:09:0a:
80:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:97:7C:CB:02:0F:83:55:A5:5C:77:33:CA:F4:9A:62:75:43:BC:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d5bbe6e-da67-4af0-af12-c86f93a16721.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:6000::/40
Signature Algorithm: sha256WithRSAEncryption
a9:5f:4b:09:ac:66:78:e6:d1:89:a5:7e:f7:6c:a0:e0:9e:12:
cf:06:37:b2:ca:38:e4:f9:51:12:45:d1:75:af:86:ed:8f:a5:
f8:c5:1e:59:58:d3:7a:4c:c2:3e:06:35:d4:0c:fa:49:44:e9:
1e:a9:c2:ff:34:8f:9a:ed:5d:51:81:22:09:b8:15:b2:0c:25:
d0:ad:00:14:7a:89:cb:0d:c7:96:b5:80:1a:55:90:f6:9d:e2:
93:6a:a5:79:71:24:d6:2e:6e:5c:50:d6:dc:71:ec:fa:4d:78:
ae:03:a1:e3:c0:53:d2:90:52:c5:98:0e:74:1b:48:21:ce:57:
a5:18:7f:63:e1:3b:6c:87:71:c7:17:f9:d1:5f:29:88:93:16:
22:5b:ef:ca:a1:03:7e:c6:2a:3d:87:0c:5b:74:ad:4a:8b:11:
e3:18:b6:78:d9:3b:04:44:1a:93:a6:1f:70:04:64:95:d9:67:
ff:e0:b7:e3:3b:cf:a2:27:81:6f:b4:fa:67:2c:79:b9:28:a4:
0e:91:2f:5b:49:e6:f7:08:03:a0:32:70:dc:06:83:cd:5d:da:
f0:13:57:07:8f:27:c5:b6:66:f9:c0:a0:7a:af:4c:b7:5d:68:
92:61:25:06:01:45:1f:40:b6:2f:cb:ea:6f:4d:7d:0d:7c:ec:
ac:53:1f:4e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURyErn7FB/fw8xwvfxft3WkSPM7wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMjdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3OTJkOGNmNWZiMGEwOTgyZGFiNWRkZjQ5MThlY2U0YTIyYjBmMTM1N2Q0
YTkwZTFmM2I2NGFiYmM4YTlhOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOK/4aixBbvbdkxNRiItTrdYNBVAqo/8X0yk6KKjbIytEtB0soY63oHEA6q1
JOhBjxFlQICic0tdhKddZp38mEqBbnc/PHVTaDWS0NKM4hYbmzncWUF3RlKSDQ/d
eKeJgRJA6qSD/XLkucelh6PrQMl86Dvkk5gjqvyO23wSFTZUk51ZIJngmVKimbNU
YXPNhdwxJIsJynRfgm8JKBsx6VnOPRqOpwpKNcJSuu9ON2bY15yjdGt0S47tk4nW
ZzetPvgQm7mkFnG9n+w8vAsg5zGjWms6cCeldj0AM9mI+WCyDrVU9IBZ5emzTGwv
UkMiJHvkT/5xJ2C446vsLgkKgCsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTWl3zL
Ag+DVaVcdzPK9JpidUO8MjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2Q1YmJlNmUtZGE2Ny00YWYwLWFmMTItYzg2ZjkzYTE2NzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9g
MA0GCSqGSIb3DQEBCwUAA4IBAQCpX0sJrGZ45tGJpX73bKDgnhLPBjeyyjjk+VES
RdF1r4btj6X4xR5ZWNN6TMI+BjXUDPpJROkeqcL/NI+a7V1RgSIJuBWyDCXQrQAU
eonLDceWtYAaVZD2neKTaqV5cSTWLm5cUNbccez6TXiuA6HjwFPSkFLFmA50G0gh
zlelGH9j4Ttsh3HHF/nRXymIkxYiW+/KoQN+xio9hwxbdK1KixHjGLZ42TsERBqT
ph9wBGSV2Wf/4LfjO8+iJ4FvtPpnLHm5KKQOkS9bSeb3CAOgMnDcBoPNXdrwE1cH
jyfFtmb5wKB6r0y3XWiSYSUGAUUfQLYvy+pvTX0NfOysUx9O
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:25 2026 by rpki-client