Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
File: ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa (raw, json)
Hash identifier: mvX+PcIsGmAnAS0RGzB4dyLbWYkM607CvNcKZ/hoRVM=
Subject key identifier: B3:39:BF:23:C2:45:AA:84:FF:48:4D:7F:38:DD:65:F4:11:86:19:ED
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E605F32CC39F7E740CA53643D03EF6CC414B986
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
Signing time: Tue 19 May 2026 05:01:14 +0000
ROA not before: Tue 19 May 2026 05:01:14 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:60:5f:32:cc:39:f7:e7:40:ca:53:64:3d:03:ef:6c:c4:14:b9:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:01:14 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=27a61b60a812efed2109b199a245e5845d0c822eeeb6f76bab193d1a90a246b6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e3:01:c9:0e:6e:30:91:f4:b4:e1:1b:68:5f:
bb:b9:90:05:60:f7:53:d4:47:97:dd:0d:94:86:24:
99:2c:15:58:9c:0e:8c:e2:98:4f:dd:c3:80:ed:fe:
06:0c:21:c9:28:9a:f4:5d:1e:c2:f7:df:7d:a0:3f:
1e:1c:f2:f0:99:2c:8e:b9:45:46:30:6e:ae:63:70:
92:3a:2d:fc:9b:a0:84:31:31:e2:b9:21:2d:a3:45:
e2:42:21:5a:b5:6f:b5:b8:0f:65:4f:5d:55:7d:3f:
f2:7f:75:ab:3e:6e:7b:13:94:3b:4b:81:5d:94:c6:
36:1e:2e:1e:de:78:af:82:09:8d:91:fb:4e:59:ee:
25:c8:9d:a8:47:48:92:48:9f:dc:1f:ff:99:fc:9e:
a1:54:95:98:b1:52:f0:75:8b:88:71:c0:2c:d7:ed:
e8:50:d4:1e:8a:90:1d:e2:b7:8c:63:4f:e3:57:95:
9b:79:86:30:8b:e4:29:1a:48:16:bd:4d:73:6a:31:
59:c0:c2:da:94:0c:b9:c5:06:a2:40:04:f0:ba:bf:
1d:1b:58:d7:d5:3c:bd:17:2b:3c:38:68:2d:9a:12:
c6:6c:41:b9:51:ab:c2:86:13:ee:12:93:53:79:7a:
50:b1:ee:3e:12:99:2f:57:2f:a0:ea:74:7f:68:52:
68:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:39:BF:23:C2:45:AA:84:FF:48:4D:7F:38:DD:65:F4:11:86:19:ED
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
3a:4c:c5:4b:a5:67:eb:81:fd:d5:71:9f:d1:8a:2a:33:16:f4:
5e:ae:9b:ba:2a:9d:56:dc:62:e1:18:e7:35:af:0a:28:ac:56:
a9:2c:0a:58:31:7b:c2:bf:79:63:a4:bb:88:70:e3:f2:d3:bb:
32:6d:f4:be:47:53:d9:04:66:aa:46:f4:91:6d:7d:f5:3f:01:
46:18:03:7d:82:7f:87:24:18:5f:b1:90:2f:77:4d:51:6f:73:
7b:02:6d:04:07:5d:01:f4:52:cb:eb:93:51:2f:02:cd:12:ad:
3f:8d:a3:6c:c2:5a:89:eb:37:fe:bb:cc:84:36:49:78:51:f2:
27:6b:32:8b:4c:f2:7a:da:5a:98:42:b2:cb:3d:ef:0f:c3:76:
b0:ac:f8:f0:a5:08:36:c9:fe:ef:0b:e4:5c:f1:aa:d1:44:4f:
dc:9f:0e:5d:d0:ca:06:66:03:59:fd:59:c5:69:8d:a9:4f:3d:
61:c6:f2:d8:4e:88:13:82:1d:54:2a:b2:52:14:ec:68:93:dd:
7b:60:50:07:79:db:b3:86:a6:ac:1b:09:13:57:fd:74:7c:74:
86:b1:69:b4:b8:00:e6:d6:0d:6d:31:79:6e:5c:8d:a6:2f:22:
9b:49:45:b1:94:fb:7e:49:68:35:eb:9b:6a:7b:a2:08:a4:6b:
f6:d9:94:69
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfmBfMsw59+dAylNkPQPvbMQUuYYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAxMTRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3YTYxYjYwYTgxMmVmZWQyMTA5YjE5OWEyNDVlNTg0NWQwYzgyMmVlZWI2
Zjc2YmFiMTkzZDFhOTBhMjQ2YjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbjAckObjCR9LThG2hfu7mQBWD3U9RHl90NlIYkmSwVWJwOjOKYT93DgO3+
BgwhySia9F0ewvfffaA/Hhzy8JksjrlFRjBurmNwkjot/JughDEx4rkhLaNF4kIh
WrVvtbgPZU9dVX0/8n91qz5uexOUO0uBXZTGNh4uHt54r4IJjZH7TlnuJcidqEdI
kkif3B//mfyeoVSVmLFS8HWLiHHALNft6FDUHoqQHeK3jGNP41eVm3mGMIvkKRpI
Fr1Nc2oxWcDC2pQMucUGokAE8Lq/HRtY19U8vRcrPDhoLZoSxmxBuVGrwoYT7hKT
U3l6ULHuPhKZL1cvoOp0f2hSaEMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSzOb8j
wkWqhP9ITX843WX0EYYZ7TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIxZmRjNGEtZmExYS00ODEzLTgyNzItOTYwMWEzZDc1NWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAOkzFS6Vn64H91XGf0YoqMxb0Xq6buiqdVtxi
4RjnNa8KKKxWqSwKWDF7wr95Y6S7iHDj8tO7Mm30vkdT2QRmqkb0kW199T8BRhgD
fYJ/hyQYX7GQL3dNUW9zewJtBAddAfRSy+uTUS8CzRKtP42jbMJaies3/rvMhDZJ
eFHyJ2syi0zyetpamEKyyz3vD8N2sKz48KUINsn+7wvkXPGq0URP3J8OXdDKBmYD
Wf1ZxWmNqU89Ycby2E6IE4IdVCqyUhTsaJPde2BQB3nbs4amrBsJE1f9dHx0hrFp
tLgA5tYNbTF5blyNpi8im0lFsZT7fkloNeubanuiCKRr9tmUaQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:09 2026 by rpki-client