Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
File: b0fb422a-c1ce-4269-b503-2c8145fc798a.roa (raw, json)
Hash identifier: cx3eq2INhNO232n0ywAWkwOCY0ofWS4tAYCoDKCv1F4=
Subject key identifier: 36:0C:D9:17:23:03:18:F4:30:3B:42:B8:77:33:D7:00:1D:C4:72:82
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2E975B103497CAEA8F069414D5E0480800047A05
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
Signing time: Tue 19 May 2026 05:30:44 +0000
ROA not before: Tue 19 May 2026 05:30:44 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:97:5b:10:34:97:ca:ea:8f:06:94:14:d5:e0:48:08:00:04:7a:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:44 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=427fb76582144d2cd5e21dfc650a41f8f2d04745260fe4b22b0017d3811ba421, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4c:9f:c8:5f:29:60:b5:61:b9:c1:1e:d9:7f:
e5:e4:81:62:b3:94:1e:25:0f:f9:ab:8a:a9:43:f6:
6d:3f:92:9a:56:1e:31:91:f9:aa:97:0a:b9:72:b3:
2b:32:4f:e9:f0:18:1d:d6:31:ec:34:6c:eb:d1:cf:
06:b0:16:02:47:ce:8a:8c:1f:e4:31:50:6a:40:6f:
d3:cf:b5:6c:91:c1:90:ee:4f:00:69:79:cf:b9:5e:
9a:df:74:5f:73:85:e2:55:3c:8b:ca:0c:91:8a:b2:
c4:e1:3b:9a:06:bd:f6:a0:93:a9:bd:82:71:c6:cf:
a3:34:2a:4c:21:a7:32:3f:f1:14:12:2e:c7:7c:fd:
d5:3a:ff:a6:b1:c5:4b:35:cd:85:4c:08:d2:d8:a8:
ab:40:68:7f:60:0d:50:73:e9:5d:3b:ba:b2:0c:7c:
00:db:35:74:38:f0:15:de:e8:28:72:1d:d7:d5:68:
0d:15:e8:d4:70:85:e0:47:dd:43:af:e0:34:82:90:
c2:88:5a:8d:b8:3b:ef:98:fe:d7:09:d4:35:b6:65:
32:68:1d:f0:7c:c5:21:94:59:fa:55:9c:4d:e4:59:
12:cd:d6:e9:38:5f:a2:24:7f:97:e6:df:1b:f5:60:
7b:b6:b8:0b:17:b1:10:09:64:86:1d:6f:47:05:67:
84:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:0C:D9:17:23:03:18:F4:30:3B:42:B8:77:33:D7:00:1D:C4:72:82
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a020::/48
Signature Algorithm: sha256WithRSAEncryption
6f:79:15:9a:a5:17:17:37:63:16:52:c9:75:50:62:06:01:77:
1b:ec:c0:27:d0:5c:c2:c5:ba:31:3a:04:8a:31:9d:92:09:05:
2b:66:2b:57:94:5d:9c:c1:5d:0c:92:d3:a6:65:ae:c1:1a:76:
f4:6a:43:7b:29:6d:67:19:0e:47:db:05:3a:41:26:51:50:8c:
4d:f2:7b:62:b5:66:2d:17:07:30:1c:8a:30:f0:d6:99:b7:1f:
b7:7e:c3:35:e2:d0:56:54:03:c2:51:e3:01:14:40:d3:87:d7:
21:2c:31:da:4e:78:35:72:52:30:2a:a6:bf:eb:86:90:20:72:
38:bf:57:f1:bf:52:b5:5b:b1:d7:4d:ab:cb:cc:e1:0f:9c:c6:
4c:d3:8e:84:d1:99:61:b4:1e:40:e8:51:41:48:8c:d4:a3:bb:
9c:3f:36:2d:66:61:db:6d:c3:e7:3d:9b:d0:2a:73:5d:42:68:
5b:39:dc:62:6a:15:4b:36:9c:2c:4a:c3:cd:11:9f:1f:17:d3:
6d:a5:c0:33:5e:1a:f5:50:74:34:88:a3:a5:d0:25:41:c4:41:
cb:6b:48:29:23:60:b7:3d:e8:a4:20:53:a0:7b:6a:0f:fc:bd:
20:0a:f9:ec:21:ee:f9:0b:89:96:be:a3:aa:64:23:77:4f:de:
1c:b2:b1:c6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULpdbEDSXyuqPBpQU1eBICAAEegUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwNDRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyN2ZiNzY1ODIxNDRkMmNkNWUyMWRmYzY1MGE0MWY4ZjJkMDQ3NDUyNjBm
ZTRiMjJiMDAxN2QzODExYmE0MjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL9Mn8hfKWC1YbnBHtl/5eSBYrOUHiUP+auKqUP2bT+SmlYeMZH5qpcKuXKz
KzJP6fAYHdYx7DRs69HPBrAWAkfOiowf5DFQakBv08+1bJHBkO5PAGl5z7lemt90
X3OF4lU8i8oMkYqyxOE7mga99qCTqb2CccbPozQqTCGnMj/xFBIux3z91Tr/prHF
SzXNhUwI0tioq0Bof2ANUHPpXTu6sgx8ANs1dDjwFd7oKHId19VoDRXo1HCF4Efd
Q6/gNIKQwohajbg775j+1wnUNbZlMmgd8HzFIZRZ+lWcTeRZEs3W6ThfoiR/l+bf
G/Vge7a4CxexEAlkhh1vRwVnhF8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ2DNkX
IwMY9DA7Qrh3M9cAHcRygjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjBmYjQyMmEtYzFjZS00MjY5LWI1MDMtMmM4MTQ1ZmM3OThhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
IDANBgkqhkiG9w0BAQsFAAOCAQEAb3kVmqUXFzdjFlLJdVBiBgF3G+zAJ9BcwsW6
MToEijGdkgkFK2YrV5RdnMFdDJLTpmWuwRp29GpDeyltZxkOR9sFOkEmUVCMTfJ7
YrVmLRcHMByKMPDWmbcft37DNeLQVlQDwlHjARRA04fXISwx2k54NXJSMCqmv+uG
kCByOL9X8b9StVux102ry8zhD5zGTNOOhNGZYbQeQOhRQUiM1KO7nD82LWZh223D
5z2b0CpzXUJoWzncYmoVSzacLErDzRGfHxfTbaXAM14a9VB0NIijpdAlQcRBy2tI
KSNgtz3opCBToHtqD/y9IAr57CHu+QuJlr6jqmQjd0/eHLKxxg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:45 2026 by rpki-client