Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6d14d01-1a1b-448e-bb4a-73279a06c540.roa
File: a6d14d01-1a1b-448e-bb4a-73279a06c540.roa (raw, json)
Hash identifier: vyKeOG9OKIIWza7/XC5TdlPdhlvnwhJF2/hw2sBfn00=
Subject key identifier: AA:9B:61:93:59:EB:48:91:D9:FB:00:FB:B2:83:21:FC:9A:7A:15:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BF625932EFBFEF450C1A3EFEC796D5143DF64B4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6d14d01-1a1b-448e-bb4a-73279a06c540.roa
Signing time: Tue 19 May 2026 05:01:13 +0000
ROA not before: Tue 19 May 2026 05:01:13 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:f6:25:93:2e:fb:fe:f4:50:c1:a3:ef:ec:79:6d:51:43:df:64:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:01:13 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=48c6935813394b1881f45eb63b9853e17c237f379b11660b45e7703b7baa3e77, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a5:9b:7e:4d:88:28:e0:7d:15:36:c7:a0:9d:
e9:15:45:56:5a:ef:23:d8:f0:36:1f:78:61:68:fa:
b7:43:45:01:59:ed:2b:1d:df:39:48:db:67:06:88:
96:24:9f:b2:01:99:16:d7:62:19:7d:2e:3a:eb:1b:
50:9c:7e:a3:7d:a6:12:2f:0a:c9:b7:fb:05:56:b9:
a0:30:c8:d1:15:bb:e1:26:61:08:fb:28:a5:ee:dd:
4a:d1:ad:91:e3:25:82:b0:5b:bd:3e:0f:f4:f0:7d:
a1:c9:8f:ae:fd:57:c1:2d:f7:56:7c:15:28:b3:d7:
62:dd:51:36:55:ea:66:32:78:4f:f4:2e:ec:4c:5a:
43:67:9d:be:9b:83:a6:7d:a6:c6:01:eb:43:b1:f2:
9d:22:57:37:4f:f2:cc:1e:92:7b:5b:b3:15:10:6c:
ad:31:55:6b:4b:e3:35:30:c0:11:6c:7a:25:91:b6:
95:11:41:31:1f:09:99:be:19:c8:01:52:ce:b6:68:
f7:08:ea:14:b9:05:d4:6a:89:22:78:bc:d3:43:4b:
f8:b7:4b:9f:b1:00:2d:2c:bd:20:59:f1:f4:0e:cd:
85:75:2f:c7:2c:43:7b:27:69:16:62:42:14:14:19:
0a:b9:ea:36:9c:bc:47:d9:5e:97:dd:70:0f:b8:b6:
10:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:9B:61:93:59:EB:48:91:D9:FB:00:FB:B2:83:21:FC:9A:7A:15:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6d14d01-1a1b-448e-bb4a-73279a06c540.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:5040::/48
Signature Algorithm: sha256WithRSAEncryption
43:5a:77:ef:17:37:61:27:5c:1a:e5:b9:ed:fa:bb:2d:52:be:
66:5a:0d:14:8f:81:9d:f3:db:91:ae:95:c3:46:29:1d:c8:13:
65:ad:05:9a:06:fb:33:a4:42:e9:2c:d2:70:4a:bc:1b:c5:61:
ed:60:b2:33:a8:7e:ed:d1:b9:f6:f6:f1:68:58:d8:4b:25:54:
fa:53:56:b7:a8:2b:1b:e0:c3:8a:02:1b:98:32:bb:7a:8a:01:
35:42:06:d0:6f:99:58:67:8e:07:43:a4:69:75:c1:30:82:da:
78:54:65:f8:a4:1d:f3:bd:df:51:dd:b6:d9:1c:d9:12:e7:9c:
8e:5a:9f:99:f5:84:02:d6:56:72:a3:3c:b3:64:d5:79:45:48:
7b:3d:78:c4:ed:7c:bf:87:01:f0:48:4c:84:b4:6f:64:95:bc:
48:62:93:38:6a:1f:10:f1:df:ed:4d:ac:e5:03:ca:8b:c4:bb:
cc:89:da:8b:8a:87:86:ab:2c:c4:60:94:72:a3:df:0d:41:81:
2b:78:7b:d2:b0:94:27:b5:0d:99:d3:44:da:2f:4c:7b:e7:94:
db:a2:60:40:26:cd:a9:9f:c2:09:e0:c8:86:78:b1:0b:56:04:
78:88:6d:33:b8:dd:5b:aa:7e:6d:cf:65:37:8e:ee:63:1b:5a:
15:bb:b7:44
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUa/Ylky77/vRQwaPv7HltUUPfZLQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAxMTNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4YzY5MzU4MTMzOTRiMTg4MWY0NWViNjNiOTg1M2UxN2MyMzdmMzc5YjEx
NjYwYjQ1ZTc3MDNiN2JhYTNlNzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANalm35NiCjgfRU2x6Cd6RVFVlrvI9jwNh94YWj6t0NFAVntKx3fOUjbZwaI
liSfsgGZFtdiGX0uOusbUJx+o32mEi8Kybf7BVa5oDDI0RW74SZhCPsope7dStGt
keMlgrBbvT4P9PB9ocmPrv1XwS33VnwVKLPXYt1RNlXqZjJ4T/Qu7ExaQ2edvpuD
pn2mxgHrQ7HynSJXN0/yzB6Se1uzFRBsrTFVa0vjNTDAEWx6JZG2lRFBMR8Jmb4Z
yAFSzrZo9wjqFLkF1GqJIni800NL+LdLn7EALSy9IFnx9A7NhXUvxyxDeydpFmJC
FBQZCrnqNpy8R9lel91wD7i2EDkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSqm2GT
WetIkdn7APuygyH8mnoVWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZkMTRkMDEtMWExYi00NDhlLWJiNGEtNzMyNzlhMDZjNTQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAQ1p37xc3YSdcGuW57fq7LVK+ZloNFI+BnfPb
ka6Vw0YpHcgTZa0Fmgb7M6RC6SzScEq8G8Vh7WCyM6h+7dG59vbxaFjYSyVU+lNW
t6grG+DDigIbmDK7eooBNUIG0G+ZWGeOB0OkaXXBMILaeFRl+KQd873fUd222RzZ
EuecjlqfmfWEAtZWcqM8s2TVeUVIez14xO18v4cB8EhMhLRvZJW8SGKTOGofEPHf
7U2s5QPKi8S7zInai4qHhqssxGCUcqPfDUGBK3h70rCUJ7UNmdNE2i9Me+eU26Jg
QCbNqZ/CCeDIhnixC1YEeIhtM7jdW6p+bc9lN47uYxtaFbu3RA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:29 2026 by rpki-client