Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa
File: a72cbea9-100c-4974-8211-87debb0f6fbd.roa (raw, json)
Hash identifier: G+rCiWyJiRRFTc/tSg4ND5D+pRhzw8MC0Siz/4saRqE=
Subject key identifier: CD:49:AE:03:EA:5B:49:1B:53:4F:EC:9C:F0:B9:FB:E2:EE:6D:63:EE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 754A8C819E4487CBD81CE2F073544BBC686FE972
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa
Signing time: Tue 19 May 2026 04:30:30 +0000
ROA not before: Tue 19 May 2026 04:30:30 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:4a:8c:81:9e:44:87:cb:d8:1c:e2:f0:73:54:4b:bc:68:6f:e9:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:30 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=38c933593a163cd4913deb8ff4888a066970ab17ffb21e4a02cf4d61f8417668, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:aa:e3:23:1a:5b:2b:47:93:76:96:ba:f2:b5:
c4:02:e7:4a:f7:00:e9:5f:a9:ed:b8:8a:b2:7f:60:
98:42:db:19:a8:30:19:a2:c6:d6:a2:b6:6a:7a:4c:
29:e3:5e:fb:3e:db:c2:b4:6c:68:55:02:4b:1e:b1:
18:72:84:d2:40:89:90:44:d1:14:4e:10:eb:c4:9e:
e8:ff:31:be:40:50:a4:30:5c:3f:72:71:74:3e:4b:
04:5f:99:08:ea:c4:32:ac:32:93:23:00:75:68:39:
19:7f:2c:f0:60:70:f2:ed:8c:8b:c8:c1:e1:6c:e8:
a5:dc:eb:0e:08:b4:d2:98:13:8f:41:7e:5f:ed:63:
87:77:66:c7:cd:a6:90:85:46:19:b1:b8:86:09:4b:
ae:e5:cb:44:e7:3e:de:a0:8a:97:43:31:95:02:42:
96:4c:75:4b:42:84:df:75:f5:38:00:2d:25:de:fe:
06:0f:a6:e0:61:e5:7d:10:7a:9b:31:91:05:b4:0c:
4a:f4:6a:cf:b2:66:4f:f7:23:b3:16:06:8c:f4:5e:
ec:e8:e4:34:00:82:79:df:c3:84:fa:c8:6d:6d:95:
fe:09:d9:8b:cb:8c:a6:28:ee:7a:a9:aa:d8:67:c9:
dd:c5:e2:4b:e2:ea:8d:36:67:fc:cc:f1:8a:58:93:
69:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:49:AE:03:EA:5B:49:1B:53:4F:EC:9C:F0:B9:FB:E2:EE:6D:63:EE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:8000::/40
Signature Algorithm: sha256WithRSAEncryption
a2:81:87:6e:23:5d:e4:05:63:90:6a:0a:3e:ef:28:1b:14:a6:
c9:70:c4:e3:7c:7e:c5:e1:82:a7:9f:74:04:82:90:de:a6:65:
ee:ec:e8:6f:af:65:34:15:50:c4:8e:e4:c8:f4:b7:19:15:0d:
f5:6c:ed:10:32:69:ab:63:aa:33:50:a1:c6:2c:77:33:ce:9e:
d3:e2:4f:85:4c:86:ab:88:d0:08:6e:b3:82:7c:89:71:1b:6d:
00:f7:b2:cb:3e:a3:7a:e9:f1:d6:8e:d8:de:a6:a6:a8:80:45:
20:66:de:5b:e7:44:1b:1f:c6:f3:98:60:aa:68:20:0a:af:33:
31:33:f0:95:59:76:2c:d4:9b:5e:cf:47:ea:45:72:50:bd:2d:
9e:bd:29:2f:07:07:69:c0:f8:00:a9:67:1b:77:be:60:82:12:
65:5f:9c:d6:ae:65:75:19:c6:c8:0b:64:e1:d5:f1:2d:0c:38:
61:36:e6:6c:99:3b:0e:b5:0e:d7:e6:1d:8f:7d:fb:81:71:5d:
3a:ef:96:61:62:c5:ed:ac:73:f5:f0:b5:72:6a:9e:6b:2a:81:
d4:fe:7e:fa:f2:54:50:0e:4e:f6:7d:70:65:ce:38:d7:01:eb:
c0:47:53:66:9b:6a:3d:07:5f:47:bb:77:60:de:0b:56:3c:c4:
6e:e7:0f:64
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdUqMgZ5Eh8vYHOLwc1RLvGhv6XIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMzBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4YzkzMzU5M2ExNjNjZDQ5MTNkZWI4ZmY0ODg4YTA2Njk3MGFiMTdmZmIy
MWU0YTAyY2Y0ZDYxZjg0MTc2NjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyq4yMaWytHk3aWuvK1xALnSvcA6V+p7biKsn9gmELbGagwGaLG1qK2anpM
KeNe+z7bwrRsaFUCSx6xGHKE0kCJkETRFE4Q68Se6P8xvkBQpDBcP3JxdD5LBF+Z
COrEMqwykyMAdWg5GX8s8GBw8u2Mi8jB4WzopdzrDgi00pgTj0F+X+1jh3dmx82m
kIVGGbG4hglLruXLROc+3qCKl0MxlQJClkx1S0KE33X1OAAtJd7+Bg+m4GHlfRB6
mzGRBbQMSvRqz7JmT/cjsxYGjPRe7OjkNACCed/DhPrIbW2V/gnZi8uMpijueqmq
2GfJ3cXiS+LqjTZn/MzxiliTabkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTNSa4D
6ltJG1NP7Jzwufvi7m1j7jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTcyY2JlYTktMTAwYy00OTc0LTgyMTEtODdkZWJiMGY2ZmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmA
MA0GCSqGSIb3DQEBCwUAA4IBAQCigYduI13kBWOQago+7ygbFKbJcMTjfH7F4YKn
n3QEgpDepmXu7Ohvr2U0FVDEjuTI9LcZFQ31bO0QMmmrY6ozUKHGLHczzp7T4k+F
TIariNAIbrOCfIlxG20A97LLPqN66fHWjtjepqaogEUgZt5b50QbH8bzmGCqaCAK
rzMxM/CVWXYs1Jtez0fqRXJQvS2evSkvBwdpwPgAqWcbd75gghJlX5zWrmV1GcbI
C2Th1fEtDDhhNuZsmTsOtQ7X5h2PffuBcV0675ZhYsXtrHP18LVyap5rKoHU/n76
8lRQDk72fXBlzjjXAevAR1Nmm2o9B19Hu3dg3gtWPMRu5w9k
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:06 2026 by rpki-client