Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
File: b01a5a70-e8bc-4c88-8f86-597d891eae77.roa (raw, json)
Hash identifier: KKw7RagnoC621B0z/7N6GmlwfVrzhOTwZNN2i3hp9Tg=
Subject key identifier: 74:26:2F:B1:DB:96:E3:B0:2D:15:1F:FB:F8:7A:53:41:C1:7F:ED:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4996C68ED0C63C350E905A9E5584123F0880EF07
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
Signing time: Tue 19 May 2026 05:30:45 +0000
ROA not before: Tue 19 May 2026 05:30:45 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:96:c6:8e:d0:c6:3c:35:0e:90:5a:9e:55:84:12:3f:08:80:ef:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:45 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=311db4ce698515e8ae61be7724db263658e0f26b3b9d9f840b196b0fd3f4bce0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:eb:52:43:d8:2e:60:bc:ec:43:9f:77:16:b0:
6e:c1:dd:e2:0a:91:0a:fd:fe:7f:23:11:56:b0:55:
3c:7a:a8:44:ef:03:dd:78:43:cd:4a:37:86:79:f1:
d9:6b:b1:4b:b4:5f:f2:9b:ae:ac:d3:cb:6a:7d:d5:
0f:d5:42:19:af:c8:f9:f0:c4:28:38:15:b1:de:9e:
52:b4:94:37:f4:2b:2e:83:7e:71:55:ed:1a:a3:1a:
ac:1f:5e:1c:5a:2d:98:da:9d:49:9d:67:d6:28:ed:
ee:25:4f:d1:d5:aa:5d:1f:f6:ca:07:37:de:24:3f:
d2:57:9f:98:5e:72:1d:54:3d:c2:bb:32:c6:57:4b:
f1:11:0f:11:f8:b1:5c:0c:51:46:12:3d:86:5f:97:
e0:b9:4a:79:4f:11:99:5a:78:66:37:80:a3:7a:85:
ff:b6:eb:8d:ef:5a:35:20:f0:75:c3:ee:65:a2:77:
f9:c0:59:c3:02:1e:a5:ff:85:41:33:bf:f4:81:ff:
fc:da:c9:d8:f6:bb:bc:a3:bf:7e:a0:f9:8d:dd:b2:
4f:f3:c7:32:1e:c2:56:e8:2e:7f:f4:11:c8:5f:99:
99:5f:73:b2:bc:9a:a8:b4:ac:c6:7e:7d:4b:a6:f0:
62:9e:3b:cb:9d:ec:1e:71:33:d6:67:04:9a:df:bd:
37:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:26:2F:B1:DB:96:E3:B0:2D:15:1F:FB:F8:7A:53:41:C1:7F:ED:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2080::/48
Signature Algorithm: sha256WithRSAEncryption
25:f0:af:fe:41:92:81:db:61:b9:90:0d:dc:19:83:a9:7f:07:
9e:93:10:30:45:6c:b6:e7:5d:ee:0d:a8:f5:cb:ee:74:21:c0:
54:11:6d:59:15:8a:de:95:18:bd:74:59:e5:cc:33:93:8e:d2:
8a:a7:8b:e6:c4:39:89:5b:76:e2:be:c7:8d:c6:27:2a:92:cb:
78:5e:fb:ae:64:82:85:96:7b:d7:8b:fd:aa:b9:bb:29:c3:c7:
9b:ee:dc:50:cd:eb:f3:ee:ef:ed:46:53:0b:5f:ff:07:7f:19:
6e:ce:2c:29:34:cd:49:59:c7:53:74:1c:0d:12:65:69:d5:21:
3f:08:ed:63:67:7a:6b:a9:8a:3e:67:62:10:e7:2e:9f:d4:fa:
f6:d9:ac:50:c0:76:79:62:53:6a:46:6e:2f:16:ee:64:09:2d:
e5:67:5b:1e:03:d2:ad:bf:ed:cd:c5:7b:61:1d:d6:ac:ae:c2:
84:c3:a8:0f:03:ac:35:4d:2e:ed:bf:27:43:a2:7d:a0:45:75:
2f:52:7b:c5:bd:bc:0c:94:e1:9e:f9:c9:0b:37:82:c1:cb:9a:
85:0e:f3:75:02:88:ab:c9:69:9e:a3:cf:1b:7d:8d:cf:e4:d2:
3a:a0:a8:f8:c7:a2:3d:90:56:e6:2f:2e:d7:5e:51:e6:e7:f1:
4b:1d:c9:73
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSZbGjtDGPDUOkFqeVYQSPwiA7wcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwNDVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxMWRiNGNlNjk4NTE1ZThhZTYxYmU3NzI0ZGIyNjM2NThlMGYyNmIzYjlk
OWY4NDBiMTk2YjBmZDNmNGJjZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJzrUkPYLmC87EOfdxawbsHd4gqRCv3+fyMRVrBVPHqoRO8D3XhDzUo3hnnx
2WuxS7Rf8puurNPLan3VD9VCGa/I+fDEKDgVsd6eUrSUN/QrLoN+cVXtGqMarB9e
HFotmNqdSZ1n1ijt7iVP0dWqXR/2ygc33iQ/0lefmF5yHVQ9wrsyxldL8REPEfix
XAxRRhI9hl+X4LlKeU8RmVp4ZjeAo3qF/7brje9aNSDwdcPuZaJ3+cBZwwIepf+F
QTO/9IH//NrJ2Pa7vKO/fqD5jd2yT/PHMh7CVuguf/QRyF+ZmV9zsryaqLSsxn59
S6bwYp47y53sHnEz1mcEmt+9NwMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR0Ji+x
25bjsC0VH/v4elNBwX/tpjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjAxYTVhNzAtZThiYy00Yzg4LThmODYtNTk3ZDg5MWVhZTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g
gDANBgkqhkiG9w0BAQsFAAOCAQEAJfCv/kGSgdthuZAN3BmDqX8HnpMQMEVstudd
7g2o9cvudCHAVBFtWRWK3pUYvXRZ5cwzk47SiqeL5sQ5iVt24r7HjcYnKpLLeF77
rmSChZZ714v9qrm7KcPHm+7cUM3r8+7v7UZTC1//B38Zbs4sKTTNSVnHU3QcDRJl
adUhPwjtY2d6a6mKPmdiEOcun9T69tmsUMB2eWJTakZuLxbuZAkt5WdbHgPSrb/t
zcV7YR3WrK7ChMOoDwOsNU0u7b8nQ6J9oEV1L1J7xb28DJThnvnJCzeCwcuahQ7z
dQKIq8lpnqPPG32Nz+TSOqCo+MeiPZBW5i8u115R5ufxSx3Jcw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:42:29 2026 by rpki-client