Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
File: ab7811c0-f548-43b8-897d-fac68de3433a.roa (raw, json)
Hash identifier: Ru1fLdL6H5z5JqDiaP/nK1j47svkNlpOuB8WZ1q31k8=
Subject key identifier: 5F:E7:E1:F3:E4:C5:46:63:C2:F4:B3:DF:69:F9:69:18:F0:77:27:49
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FA98BB884919E91584ED89D9C328D5AFFDD2BDD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
Signing time: Tue 19 May 2026 05:20:23 +0000
ROA not before: Tue 19 May 2026 05:20:23 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:a9:8b:b8:84:91:9e:91:58:4e:d8:9d:9c:32:8d:5a:ff:dd:2b:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:23 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=ef9e16c116efa179970362624121a38538d04e6df3584ef20c70a7338370ad3d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d9:4b:2b:32:84:1a:83:94:5e:4c:a2:29:98:
c4:9d:80:f5:aa:23:d1:b1:2f:f1:71:b4:97:5f:a8:
8e:46:6b:b6:27:98:af:5f:13:70:19:f7:c6:76:43:
90:82:db:73:0f:9e:b6:0b:42:bb:70:53:2f:34:8a:
08:09:55:c6:2b:01:51:3e:32:94:8b:58:53:23:3a:
07:86:9e:38:92:ab:b3:05:4b:65:d2:4d:cd:2d:14:
ca:bc:b1:0b:4f:6f:56:55:5c:45:2c:4f:1a:02:c4:
7f:4c:ff:2a:93:34:d9:57:00:ca:42:d6:d4:97:81:
71:2d:e1:7c:a2:c4:34:60:e1:0f:e3:0e:20:1a:a9:
96:c4:df:2c:88:e3:5c:40:d3:da:0c:a3:00:66:5a:
46:c7:e2:a8:9b:65:a9:ef:55:ba:ce:d5:0b:4d:39:
7b:40:3f:99:09:59:f2:a5:70:72:11:d4:ea:6d:f6:
2f:f8:86:60:18:84:58:64:5c:a6:00:f0:b9:ee:a1:
23:7d:99:24:c9:bc:5e:c4:69:d3:76:a4:85:10:90:
40:40:8e:8d:92:a5:e6:5b:52:22:55:7b:db:c5:8d:
14:7c:c4:09:7b:a1:a3:48:e1:d1:d4:4f:57:de:7d:
3a:7f:dd:6d:64:51:fc:41:77:bb:e5:cd:cd:af:95:
32:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E7:E1:F3:E4:C5:46:63:C2:F4:B3:DF:69:F9:69:18:F0:77:27:49
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c::/36
Signature Algorithm: sha256WithRSAEncryption
58:71:4a:58:c6:cd:8f:48:b8:a8:d5:e4:64:12:6f:64:68:c1:
09:c1:39:a1:03:5a:68:93:12:71:67:22:00:05:9b:ad:9b:fd:
9f:90:da:9c:25:bb:e5:1e:76:dd:0e:55:60:ef:56:22:73:9c:
45:08:46:da:d3:ff:e9:26:d3:b7:f6:42:bd:19:f6:88:86:de:
af:1c:f6:e7:ba:69:ab:4e:f9:08:cf:f7:aa:65:a2:b2:e0:30:
21:07:67:d1:74:b8:9a:0b:21:55:b0:88:3e:54:d7:c8:5c:2c:
dd:4b:b0:f9:6b:50:de:20:10:e0:89:b4:d0:f5:e8:74:3e:72:
fa:cb:0c:55:fc:a9:5d:83:be:be:0c:2a:60:2f:8e:1b:dd:18:
a1:4c:1d:73:a6:b0:a6:30:80:53:2a:1e:4c:ea:c5:d4:ac:4f:
df:fb:4e:55:dc:f3:98:b6:fb:7c:43:f7:51:1a:2d:9d:e6:06:
73:ac:b4:18:fc:5a:d8:d2:fd:43:57:d2:f5:62:5a:5d:36:f9:
59:87:58:76:6c:d8:eb:b3:7c:93:f5:10:a4:eb:a5:fb:fc:43:
b3:2b:57:23:00:86:1a:a1:3f:73:78:fc:62:9d:48:0a:15:1a:
90:91:e9:ba:4f:85:1f:0e:ef:f8:0a:86:d6:fd:fd:9e:4a:cf:
6e:e4:bb:10
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf6mLuISRnpFYTtidnDKNWv/dK90wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMjNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmOWUxNmMxMTZlZmExNzk5NzAzNjI2MjQxMjFhMzg1MzhkMDRlNmRmMzU4
NGVmMjBjNzBhNzMzODM3MGFkM2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJHZSysyhBqDlF5MoimYxJ2A9aoj0bEv8XG0l1+ojkZrtieYr18TcBn3xnZD
kILbcw+etgtCu3BTLzSKCAlVxisBUT4ylItYUyM6B4aeOJKrswVLZdJNzS0Uyryx
C09vVlVcRSxPGgLEf0z/KpM02VcAykLW1JeBcS3hfKLENGDhD+MOIBqplsTfLIjj
XEDT2gyjAGZaRsfiqJtlqe9Vus7VC005e0A/mQlZ8qVwchHU6m32L/iGYBiEWGRc
pgDwue6hI32ZJMm8XsRp03akhRCQQECOjZKl5ltSIlV728WNFHzECXuho0jh0dRP
V959On/dbWRR/EF3u+XNza+VMisCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRf5+Hz
5MVGY8L0s99p+WkY8HcnSTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWI3ODExYzAtZjU0OC00M2I4LTg5N2QtZmFjNjhkZTM0MzNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BwA
MA0GCSqGSIb3DQEBCwUAA4IBAQBYcUpYxs2PSLio1eRkEm9kaMEJwTmhA1pokxJx
ZyIABZutm/2fkNqcJbvlHnbdDlVg71Yic5xFCEba0//pJtO39kK9GfaIht6vHPbn
ummrTvkIz/eqZaKy4DAhB2fRdLiaCyFVsIg+VNfIXCzdS7D5a1DeIBDgibTQ9eh0
PnL6ywxV/Kldg76+DCpgL44b3RihTB1zprCmMIBTKh5M6sXUrE/f+05V3POYtvt8
Q/dRGi2d5gZzrLQY/FrY0v1DV9L1YlpdNvlZh1h2bNjrs3yT9RCk66X7/EOzK1cj
AIYaoT9zePxinUgKFRqQkem6T4UfDu/4CobW/f2eSs9u5LsQ
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:04:10 2026 by rpki-client