Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a129e18d-8c22-46bb-a20e-0577b34a9021.roa
File: a129e18d-8c22-46bb-a20e-0577b34a9021.roa (raw, json)
Hash identifier: 2m9YtPvFN+CI0x4QZcE1sLv+BqSJyPXg14+1xyQG2E8=
Subject key identifier: E5:93:6B:A4:B7:AD:E2:9D:6A:9C:92:B8:83:7C:0E:43:50:29:2F:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 41E4A4D93B4DFAF51FDA8922290180EE915A9EAA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a129e18d-8c22-46bb-a20e-0577b34a9021.roa
Signing time: Sun 31 May 2026 01:00:54 +0000
ROA not before: Sun 31 May 2026 01:00:54 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:e4:a4:d9:3b:4d:fa:f5:1f:da:89:22:29:01:80:ee:91:5a:9e:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:00:54 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=b9ff0c01ab92beb91362b5cd665b322bd98b4bf416a124bfd0b5ee4550c4cdd8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:35:48:e8:97:23:44:6d:31:f2:76:4b:0c:94:
a5:c6:90:bc:13:b9:43:68:34:c7:22:29:ec:39:16:
29:11:e6:9b:53:5c:06:9f:e1:27:0a:e9:59:ae:d7:
ac:fd:1a:57:63:13:42:04:d3:d5:0b:00:be:b2:72:
82:b5:81:b8:db:68:67:0b:52:ed:01:7e:4a:72:e1:
94:ab:94:a0:24:d1:c8:20:6a:d3:9a:df:80:4d:b5:
12:86:0f:cd:c2:b6:fb:db:6f:2e:27:7c:6f:f5:2f:
cd:f0:23:65:f7:e5:70:d2:31:57:05:d5:85:f2:19:
e6:22:60:07:b8:ed:5c:99:5f:08:cf:72:9f:7c:da:
80:d5:c1:bb:95:1a:07:1b:fa:6d:e9:11:51:a6:0d:
de:90:50:2d:be:e9:a0:57:f0:50:2e:6d:8e:3a:16:
38:f2:12:1d:b4:fa:e9:f2:c8:47:14:cb:8c:e4:15:
e8:d5:67:58:1c:bd:4c:b7:8b:7d:fc:f1:3f:dd:27:
a2:12:61:8a:a5:ec:b3:7b:ea:a7:95:06:a8:a1:f4:
49:76:86:12:e3:3a:67:0f:d0:28:2f:91:1f:47:1a:
f4:55:e3:b8:76:56:cd:6c:d3:d5:76:c3:18:26:ef:
f6:d4:90:81:dd:67:63:f7:c7:ff:17:f9:cc:d0:a5:
37:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:93:6B:A4:B7:AD:E2:9D:6A:9C:92:B8:83:7C:0E:43:50:29:2F:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a129e18d-8c22-46bb-a20e-0577b34a9021.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
8c:a0:27:4e:d3:1e:0d:30:bf:ad:30:ff:10:e7:d9:b4:53:d3:
2c:12:97:f1:31:fb:a3:d1:4f:77:c1:05:80:8d:e6:7f:4e:3c:
b4:74:d8:b1:4c:0a:23:6d:5b:04:29:45:36:00:ce:c9:a1:77:
99:cd:b5:e9:65:bf:9c:f2:bf:b2:fd:15:db:40:38:6d:f4:cb:
a3:eb:3b:92:07:cf:83:e7:4a:bc:dd:70:94:23:d3:23:f8:b7:
f1:17:27:7a:02:26:dd:19:9b:9c:ef:44:c1:84:5b:4a:ed:ca:
05:fe:e2:e9:74:08:3b:48:0e:1c:25:c8:49:21:0e:8d:39:46:
f0:1c:dc:3e:37:bf:16:c8:64:7b:75:c0:84:0c:68:a3:0d:46:
4a:8e:19:ac:40:4e:d3:e9:67:f3:e5:bf:1b:65:39:23:9d:df:
1f:0f:af:9e:f8:1b:2d:5f:9a:50:88:51:ca:c1:0f:5d:dc:29:
26:55:31:3c:24:ce:c3:2b:79:23:05:2d:39:b7:c0:bd:ec:80:
ab:03:7d:9e:8e:ff:40:90:e5:75:62:3b:e9:dd:aa:b1:06:2a:
03:a1:4f:b9:be:f9:b5:fd:76:78:6b:d6:eb:cc:17:4f:18:b3:
f4:49:08:ff:b5:dc:d8:60:f7:f9:ec:0d:27:dd:7c:8e:b4:6b:
16:2e:60:e9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQeSk2TtN+vUf2okiKQGA7pFanqowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTAwNTRaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5ZmYwYzAxYWI5MmJlYjkxMzYyYjVjZDY2NWIzMjJiZDk4YjRiZjQxNmEx
MjRiZmQwYjVlZTQ1NTBjNGNkZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL81SOiXI0RtMfJ2SwyUpcaQvBO5Q2g0xyIp7DkWKRHmm1NcBp/hJwrpWa7X
rP0aV2MTQgTT1QsAvrJygrWBuNtoZwtS7QF+SnLhlKuUoCTRyCBq05rfgE21EoYP
zcK2+9tvLid8b/UvzfAjZfflcNIxVwXVhfIZ5iJgB7jtXJlfCM9yn3zagNXBu5Ua
Bxv6bekRUaYN3pBQLb7poFfwUC5tjjoWOPISHbT66fLIRxTLjOQV6NVnWBy9TLeL
ffzxP90nohJhiqXss3vqp5UGqKH0SXaGEuM6Zw/QKC+RH0ca9FXjuHZWzWzT1XbD
GCbv9tSQgd1nY/fH/xf5zNClN9UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTlk2uk
t63inWqckriDfA5DUCkvVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTEyOWUxOGQtOGMyMi00NmJiLWEyMGUtMDU3N2IzNGE5MDIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Frg
wDANBgkqhkiG9w0BAQsFAAOCAQEAjKAnTtMeDTC/rTD/EOfZtFPTLBKX8TH7o9FP
d8EFgI3mf048tHTYsUwKI21bBClFNgDOyaF3mc216WW/nPK/sv0V20A4bfTLo+s7
kgfPg+dKvN1wlCPTI/i38RcnegIm3RmbnO9EwYRbSu3KBf7i6XQIO0gOHCXISSEO
jTlG8BzcPje/Fshke3XAhAxoow1GSo4ZrEBO0+ln8+W/G2U5I53fHw+vnvgbLV+a
UIhRysEPXdwpJlUxPCTOwyt5IwUtObfAveyAqwN9no7/QJDldWI76d2qsQYqA6FP
ub75tf12eGvW68wXTxiz9EkI/7Xc2GD3+ewNJ918jrRrFi5g6Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:42:37 2026 by rpki-client