Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
File: af189eff-34de-4652-a029-d682c90d1fc5.roa (raw, json)
Hash identifier: Q+EkamxasSII2uF+xggTxxbEaX2CSXTIzd9F0OzRnWQ=
Subject key identifier: 19:17:1A:67:EB:5C:B2:AA:95:6D:FA:99:A1:B9:D3:13:97:7B:CB:09
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07D6D892EA0DF43FDF5C342641E1E0BE96E6B115
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
Signing time: Tue 19 May 2026 05:40:38 +0000
ROA not before: Tue 19 May 2026 05:40:38 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:d6:d8:92:ea:0d:f4:3f:df:5c:34:26:41:e1:e0:be:96:e6:b1:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:38 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=e6a4ac56b1ed14b720b9c02624a0e52e72c5b75d52a5a7eca7d38ab5ab6f0fc1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:01:f5:e7:e5:75:ae:b8:00:39:f6:03:6a:9d:
58:27:12:54:92:35:98:f6:2a:1d:c0:10:30:ee:c0:
28:99:8b:5d:de:81:5c:67:f1:42:25:af:45:47:10:
1f:0f:45:ce:ab:37:4a:8b:9b:67:b2:19:94:b6:ce:
33:5f:9e:2b:bf:95:67:32:4f:6e:f7:84:26:d7:c6:
88:70:f6:85:e1:aa:69:03:c0:64:dc:81:d2:3c:66:
c7:c0:c5:6a:08:e0:18:01:72:7e:43:6e:06:a5:76:
4d:98:ee:48:b5:fe:05:63:24:a4:9f:10:63:80:c6:
54:a9:75:6b:e4:5c:d8:1c:d5:c0:e3:dd:4c:dc:16:
31:31:d6:62:9e:f5:6b:e6:7b:9e:37:07:b5:1d:d6:
12:be:f9:f5:f3:3e:0d:32:60:ac:3f:7d:4c:1e:bc:
02:8a:62:04:33:42:d4:1c:4f:b6:7e:f9:93:67:77:
46:ca:01:f3:fa:1d:63:33:5d:d1:9f:1c:f4:b7:8a:
7d:9e:04:6b:51:9e:e5:94:c6:f2:94:e1:64:a1:59:
e1:6d:72:5a:2e:d9:50:6f:b8:5a:3e:d6:21:cd:96:
f1:51:81:06:45:6b:b5:73:e3:d9:39:9a:5a:18:1f:
b8:78:b9:25:41:35:cf:a4:11:86:1f:8f:08:78:48:
77:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:17:1A:67:EB:5C:B2:AA:95:6D:FA:99:A1:B9:D3:13:97:7B:CB:09
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
80:e4:38:2b:b6:00:4a:95:fc:d1:0d:d6:5b:29:cc:83:d0:ae:
1d:cd:9e:e3:af:a4:c1:d2:35:3f:99:78:ca:f9:12:35:70:35:
1f:2e:1e:18:c3:4a:e2:0d:86:53:0a:77:c9:13:5e:9a:eb:ab:
da:2c:67:2f:84:bb:a9:4a:35:f8:e4:95:ba:32:6d:0d:0c:b5:
c3:df:7f:3d:e6:06:ac:93:a6:ab:f2:c1:aa:5f:be:59:62:65:
fe:51:af:bc:99:b9:24:ef:0b:71:cc:e5:03:f4:44:58:d2:ba:
7c:a1:c7:5f:69:c3:c4:f8:50:04:69:ea:6e:d7:b4:0a:56:de:
67:fc:79:e4:79:3c:a6:9e:15:7b:5e:3f:f6:4a:c2:ee:ca:4b:
f2:86:8c:cb:5f:77:63:ea:ba:36:78:ae:72:c0:bf:98:1e:d6:
10:0e:8d:a9:91:42:67:d4:73:99:f7:0f:46:4b:7b:6c:28:83:
98:78:8b:92:f4:29:67:be:e8:a0:4d:df:7f:0b:7b:12:9f:5e:
f4:dd:b3:b5:79:ab:06:92:f6:20:21:2c:3c:33:3e:f9:c2:38:
41:e3:0f:6e:e7:26:ee:3d:5e:30:95:f0:2f:7a:60:b2:56:81:
e2:4f:b0:75:46:81:7d:90:4f:d2:5f:a3:16:80:3b:da:33:0e:
d8:d1:19:3f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUB9bYkuoN9D/fXDQmQeHgvpbmsRUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwMzhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2YTRhYzU2YjFlZDE0YjcyMGI5YzAyNjI0YTBlNTJlNzJjNWI3NWQ1MmE1
YTdlY2E3ZDM4YWI1YWI2ZjBmYzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMoB9eflda64ADn2A2qdWCcSVJI1mPYqHcAQMO7AKJmLXd6BXGfxQiWvRUcQ
Hw9Fzqs3SoubZ7IZlLbOM1+eK7+VZzJPbveEJtfGiHD2heGqaQPAZNyB0jxmx8DF
agjgGAFyfkNuBqV2TZjuSLX+BWMkpJ8QY4DGVKl1a+Rc2BzVwOPdTNwWMTHWYp71
a+Z7njcHtR3WEr759fM+DTJgrD99TB68AopiBDNC1BxPtn75k2d3RsoB8/odYzNd
0Z8c9LeKfZ4Ea1Ge5ZTG8pThZKFZ4W1yWi7ZUG+4Wj7WIc2W8VGBBkVrtXPj2Tma
WhgfuHi5JUE1z6QRhh+PCHhId1sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQZFxpn
61yyqpVt+pmhudMTl3vLCTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWYxODllZmYtMzRkZS00NjUyLWEwMjktZDY4MmM5MGQxZmM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
wDANBgkqhkiG9w0BAQsFAAOCAQEAgOQ4K7YASpX80Q3WWynMg9CuHc2e46+kwdI1
P5l4yvkSNXA1Hy4eGMNK4g2GUwp3yRNemuur2ixnL4S7qUo1+OSVujJtDQy1w99/
PeYGrJOmq/LBql++WWJl/lGvvJm5JO8LcczlA/REWNK6fKHHX2nDxPhQBGnqbte0
ClbeZ/x55Hk8pp4Ve14/9krC7spL8oaMy193Y+q6NniucsC/mB7WEA6NqZFCZ9Rz
mfcPRkt7bCiDmHiLkvQpZ77ooE3ffwt7Ep9e9N2ztXmrBpL2ICEsPDM++cI4QeMP
bucm7j1eMJXwL3pgslaB4k+wdUaBfZBP0l+jFoA72jMO2NEZPw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:53 2026 by rpki-client