Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a477d3d-2494-44b6-b75c-003c3fa9ba79.roa
File: 8a477d3d-2494-44b6-b75c-003c3fa9ba79.roa (raw, json)
Hash identifier: Au1CAj642M0SgEWn3XsFU6e4h1fFeP/j2hMeZf0etkk=
Subject key identifier: D0:71:91:E4:89:05:65:10:47:B2:E0:62:08:AC:F1:73:1D:0B:61:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52B9B7782A7F7F581C038877B8E6855235B2C78D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a477d3d-2494-44b6-b75c-003c3fa9ba79.roa
Signing time: Sun 31 May 2026 01:00:29 +0000
ROA not before: Sun 31 May 2026 01:00:29 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:b9:b7:78:2a:7f:7f:58:1c:03:88:77:b8:e6:85:52:35:b2:c7:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:00:29 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=fe13d368e6af7647cdbfaad4285322ca5a61c4514bd91ca94c6fc9a737247bf5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:37:22:4e:b3:89:42:a7:6f:52:ea:19:6b:78:
53:4b:38:2b:f9:7f:f7:bc:d9:b5:b3:1b:c4:02:15:
29:d3:9f:b7:ba:d0:b0:49:f6:a4:2e:38:8d:8e:4a:
83:cb:6c:45:dc:7c:27:3b:b6:2f:7f:2e:db:78:43:
19:1c:ad:4d:81:74:59:ee:b7:3f:c3:ea:eb:fc:12:
86:f8:0d:ff:21:ac:9e:c9:28:87:3c:f4:8f:0a:17:
44:1e:7a:6c:32:3d:d1:46:43:35:ce:b3:40:13:80:
d2:18:d9:26:4d:ec:c4:dd:51:e2:b4:99:15:93:c9:
ed:8a:71:cd:62:f5:b9:56:fb:e6:da:2d:08:e5:15:
ac:4d:b4:2a:af:71:22:78:34:27:1a:54:eb:84:03:
a9:fa:9a:3a:68:cb:73:5f:ee:ac:32:5f:8c:65:f5:
37:58:0c:11:ea:f7:0c:3d:8a:3e:4e:17:2c:54:e8:
b6:de:54:6f:85:ad:29:47:ee:86:ba:4b:81:37:01:
f6:04:33:c9:3c:bd:56:a4:20:83:2c:e2:a3:c3:68:
3c:f0:12:12:33:66:69:37:a9:01:ef:c5:78:86:59:
00:ec:93:c0:37:fe:87:96:d3:77:2b:c1:6a:e6:24:
aa:27:fa:a0:9d:23:88:d5:ec:e7:80:b1:d9:5c:76:
60:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:71:91:E4:89:05:65:10:47:B2:E0:62:08:AC:F1:73:1D:0B:61:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a477d3d-2494-44b6-b75c-003c3fa9ba79.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
b0:c3:98:9a:01:b6:10:42:d3:68:16:09:fb:2a:bc:bb:b7:d7:
9b:c5:06:33:fc:39:25:cd:5a:59:26:d6:c3:a9:3a:d0:1f:a5:
fb:4b:37:40:c5:a4:84:40:ab:a6:0b:94:3e:ad:ca:48:05:b9:
e5:4b:1f:f8:19:aa:7d:e6:9e:41:5e:8d:fb:e2:64:43:7c:af:
76:74:f2:d5:ef:0f:f7:f4:9e:60:d3:ea:14:50:18:0e:cc:14:
0a:11:b8:d8:75:f1:77:4d:d9:d4:b0:76:e1:df:2e:89:30:3b:
8d:a1:00:48:db:cb:71:24:de:a0:cc:9f:2f:fb:ac:fa:f0:79:
24:5e:de:14:f2:ce:27:a0:09:82:29:7e:07:c6:a4:f4:2a:12:
e4:0f:aa:06:cf:c7:37:7a:18:7c:e6:a9:1e:f7:61:46:a2:ec:
fa:c3:2d:c2:25:2d:fc:b7:9b:68:ec:29:60:16:f4:50:1d:62:
27:84:0a:e5:43:86:6a:62:a8:5e:dd:ef:e2:4a:69:55:48:75:
68:5c:07:66:e6:b8:08:a9:80:51:2f:64:a5:08:18:74:35:e4:
2a:db:92:35:4e:3c:72:dc:38:92:7a:87:e9:45:5c:82:13:f9:
e4:3c:cb:e9:f7:d9:b4:0e:1b:55:61:4f:70:1a:f9:8c:b2:d7:
14:b1:32:97
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUrm3eCp/f1gcA4h3uOaFUjWyx40wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTAwMjlaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlMTNkMzY4ZTZhZjc2NDdjZGJmYWFkNDI4NTMyMmNhNWE2MWM0NTE0YmQ5
MWNhOTRjNmZjOWE3MzcyNDdiZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKc3Ik6ziUKnb1LqGWt4U0s4K/l/97zZtbMbxAIVKdOft7rQsEn2pC44jY5K
g8tsRdx8Jzu2L38u23hDGRytTYF0We63P8Pq6/wShvgN/yGsnskohzz0jwoXRB56
bDI90UZDNc6zQBOA0hjZJk3sxN1R4rSZFZPJ7YpxzWL1uVb75totCOUVrE20Kq9x
Ing0JxpU64QDqfqaOmjLc1/urDJfjGX1N1gMEer3DD2KPk4XLFTott5Ub4WtKUfu
hrpLgTcB9gQzyTy9VqQggyzio8NoPPASEjNmaTepAe/FeIZZAOyTwDf+h5bTdyvB
auYkqif6oJ0jiNXs54Cx2Vx2YAUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTQcZHk
iQVlEEey4GIIrPFzHQthdDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGE0NzdkM2QtMjQ5NC00NGI2LWI3NWMtMDAzYzNmYTliYTc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H2g
wDANBgkqhkiG9w0BAQsFAAOCAQEAsMOYmgG2EELTaBYJ+yq8u7fXm8UGM/w5Jc1a
WSbWw6k60B+l+0s3QMWkhECrpguUPq3KSAW55Usf+BmqfeaeQV6N++JkQ3yvdnTy
1e8P9/SeYNPqFFAYDswUChG42HXxd03Z1LB24d8uiTA7jaEASNvLcSTeoMyfL/us
+vB5JF7eFPLOJ6AJgil+B8ak9CoS5A+qBs/HN3oYfOapHvdhRqLs+sMtwiUt/Leb
aOwpYBb0UB1iJ4QK5UOGamKoXt3v4kppVUh1aFwHZua4CKmAUS9kpQgYdDXkKtuS
NU48ctw4knqH6UVcghP55DzL6ffZtA4bVWFPcBr5jLLXFLEylw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:44 2026 by rpki-client