Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7faac5a8-c482-4a8a-8670-ed6a8130467d.roa
File: 7faac5a8-c482-4a8a-8670-ed6a8130467d.roa (raw, json)
Hash identifier: JlnpqbwKQpa0Vvv90Owka1FsU5i5DzSjOrAuQwefjuM=
Subject key identifier: 97:1F:16:97:C3:3A:BB:D9:5C:F5:43:EA:99:83:33:81:A6:E9:08:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2081837E238D7405485D58AFCF0076A82435FD4C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7faac5a8-c482-4a8a-8670-ed6a8130467d.roa
Signing time: Fri 22 May 2026 16:04:59 +0000
ROA not before: Fri 22 May 2026 16:04:59 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d068:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:81:83:7e:23:8d:74:05:48:5d:58:af:cf:00:76:a8:24:35:fd:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:04:59 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=e62bcf7bc58567d3bbb4cd9b6e4602c88cd03720847037fbf0e89a5352efe562, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:31:af:54:41:fe:72:a7:33:09:08:5d:a7:d5:
ac:1d:d9:76:f7:d2:b5:49:0c:c5:78:16:ec:46:08:
c2:bd:2c:40:02:98:50:1c:3f:cf:46:76:b1:16:ab:
18:75:69:c6:60:56:c6:ed:5d:81:42:f9:3d:05:d7:
67:d2:55:01:d6:82:17:4b:3d:c5:c2:12:36:b6:da:
9a:c8:19:75:46:7c:06:3b:8d:22:2b:a8:64:f8:f1:
2d:10:b8:1f:93:a2:2f:57:01:26:be:70:d9:14:64:
91:19:b5:3c:95:d4:f6:26:9f:c2:54:5c:e1:6a:10:
8f:46:a7:64:c1:a4:31:d8:f1:c3:11:d9:96:3b:6a:
50:d1:af:5b:2c:e3:5d:fe:b6:63:d8:a9:38:8e:eb:
fc:43:60:21:8d:0e:74:bc:9a:dd:55:a2:f0:61:19:
27:23:5b:de:18:e3:ee:23:7a:4e:53:b9:93:4e:d3:
c3:1b:1c:08:64:a2:62:fe:6f:9d:26:cf:9b:35:65:
62:1d:fe:b3:b4:b9:d9:14:4e:92:e0:5d:a7:59:39:
10:a5:09:c1:1e:1e:63:fc:a5:39:81:21:2e:d1:1c:
74:db:ac:6d:79:0c:b8:90:41:33:6c:0b:0f:e1:c2:
d5:50:d8:de:cc:a7:3a:a7:c0:9f:44:4b:6a:4f:88:
94:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:1F:16:97:C3:3A:BB:D9:5C:F5:43:EA:99:83:33:81:A6:E9:08:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7faac5a8-c482-4a8a-8670-ed6a8130467d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d068:e080::/48
Signature Algorithm: sha256WithRSAEncryption
1b:b4:b7:7a:17:bf:51:15:71:9e:90:5e:6b:f4:e1:e3:ad:07:
3d:9e:14:10:41:cc:88:9d:90:67:83:d0:6c:fc:f9:be:79:a9:
10:ab:a0:46:78:43:69:dd:68:6b:44:8b:f8:5e:5e:7c:99:76:
e4:1a:bd:02:3a:bb:db:a9:4f:c8:7d:cd:0d:cd:64:86:dc:82:
e5:f2:89:f6:fa:c3:f1:2f:22:08:f4:dd:8f:ae:88:45:86:5e:
ff:a1:fe:c9:9d:fc:08:10:b0:7c:fa:e7:8e:7e:ec:7b:d0:53:
d4:69:9f:7a:4f:df:c5:c9:d5:06:52:3c:fa:5b:76:5a:66:e4:
33:b1:eb:0d:80:a2:7b:48:35:e4:bb:f1:d7:a8:ff:39:f1:c8:
03:55:be:31:94:4d:0f:61:e5:08:6c:da:96:e0:10:9f:a1:43:
7a:7d:ca:52:47:2b:86:ab:b5:72:77:ac:58:73:42:62:9f:ba:
78:5b:a7:71:ce:f4:4d:cc:50:4d:d6:08:88:b5:dc:33:c1:d9:
c8:8a:95:87:77:40:8f:ba:1c:20:ff:9b:fe:b2:8c:d1:16:2e:
5c:a9:76:ba:8b:1a:4f:48:de:ec:b5:a4:48:23:24:1c:af:2c:
fb:35:a3:b1:10:5e:46:ad:20:4b:5a:89:07:49:09:69:b8:3f:
34:f7:a6:38
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIIGDfiONdAVIXVivzwB2qCQ1/UwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjA0NTlaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2MmJjZjdiYzU4NTY3ZDNiYmI0Y2Q5YjZlNDYwMmM4OGNkMDM3MjA4NDcw
MzdmYmYwZTg5YTUzNTJlZmU1NjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANsxr1RB/nKnMwkIXafVrB3ZdvfStUkMxXgW7EYIwr0sQAKYUBw/z0Z2sRar
GHVpxmBWxu1dgUL5PQXXZ9JVAdaCF0s9xcISNrbamsgZdUZ8BjuNIiuoZPjxLRC4
H5OiL1cBJr5w2RRkkRm1PJXU9iafwlRc4WoQj0anZMGkMdjxwxHZljtqUNGvWyzj
Xf62Y9ipOI7r/ENgIY0OdLya3VWi8GEZJyNb3hjj7iN6TlO5k07TwxscCGSiYv5v
nSbPmzVlYh3+s7S52RROkuBdp1k5EKUJwR4eY/ylOYEhLtEcdNusbXkMuJBBM2wL
D+HC1VDY3synOqfAn0RLak+IlDUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSXHxaX
wzq72Vz1Q+qZgzOBpukIhjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2ZhYWM1YTgtYzQ4Mi00YThhLTg2NzAtZWQ2YTgxMzA0NjdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gjg
gDANBgkqhkiG9w0BAQsFAAOCAQEAG7S3ehe/URVxnpBea/Th460HPZ4UEEHMiJ2Q
Z4PQbPz5vnmpEKugRnhDad1oa0SL+F5efJl25Bq9Ajq726lPyH3NDc1khtyC5fKJ
9vrD8S8iCPTdj66IRYZe/6H+yZ38CBCwfPrnjn7se9BT1Gmfek/fxcnVBlI8+lt2
WmbkM7HrDYCie0g15Lvx16j/OfHIA1W+MZRND2HlCGzaluAQn6FDen3KUkcrhqu1
cnesWHNCYp+6eFuncc70TcxQTdYIiLXcM8HZyIqVh3dAj7ocIP+b/rKM0RYuXKl2
uosaT0je7LWkSCMkHK8s+zWjsRBeRq0gS1qJB0kJabg/NPemOA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:38:13 2026 by rpki-client