Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
File: b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa (raw, json)
Hash identifier: agPcjcMx4HDtwvFQSDWCCHhui95QTLSnQu1yiIWO+48=
Subject key identifier: 81:A4:84:AE:A2:23:C6:0A:1E:CC:AD:94:9D:90:64:B3:5C:66:FC:F3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 472C857E96AD0EEE43538960DBB140166D40737B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
Signing time: Tue 19 May 2026 04:50:08 +0000
ROA not before: Tue 19 May 2026 04:50:08 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:2c:85:7e:96:ad:0e:ee:43:53:89:60:db:b1:40:16:6d:40:73:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:08 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=6ebac4814d1214c0e2187b5402e2e993b93a37a590abe2a52ec4a78518d643d4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fa:ee:8f:e2:86:24:ff:e8:65:0d:95:8e:74:
cb:75:a7:f9:73:5f:35:b5:69:d7:df:19:d9:13:2d:
a4:cf:14:27:c5:cf:ac:85:19:1a:a1:88:28:fc:b0:
02:9d:87:fc:9c:87:83:46:a3:35:fb:c5:60:bb:db:
e0:82:2c:4c:8e:cf:4f:22:90:eb:70:e1:0e:48:8f:
54:cf:c9:08:b4:9f:6d:59:4c:fb:27:4c:fa:da:4c:
c4:3a:15:78:5d:c7:c2:4e:6a:cd:0d:d3:f3:f5:d3:
9c:bf:ba:d9:ac:07:27:a2:a9:81:b8:8f:39:14:06:
94:65:23:a1:2f:95:c3:ea:23:fa:cd:5e:90:17:5a:
eb:38:d2:8b:ed:65:3a:49:c2:7e:e1:72:b7:2c:a1:
7c:69:06:03:5e:3f:88:1c:33:2d:c1:0c:91:2c:c9:
c4:9d:6a:09:5e:94:32:9e:39:24:6c:07:1a:94:f3:
18:fe:78:3a:c5:83:ed:e0:63:09:9c:38:c8:7f:76:
0c:14:eb:cf:47:e0:29:32:78:87:ce:5f:56:3a:56:
03:d1:9c:85:8f:e0:42:92:90:94:bc:f5:c5:8b:a5:
03:93:4d:c5:9f:bd:c4:4a:80:09:0d:65:58:c8:7e:
b2:c9:2f:e3:df:ea:ac:d2:ef:4d:22:d5:cf:8d:19:
d8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A4:84:AE:A2:23:C6:0A:1E:CC:AD:94:9D:90:64:B3:5C:66:FC:F3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:400::/38
Signature Algorithm: sha256WithRSAEncryption
26:9a:b6:28:a6:8c:5c:ae:9a:d5:a4:c9:5e:f1:85:e3:64:9e:
e8:ae:1d:c1:52:53:f7:a5:59:16:73:2f:74:d7:92:ab:63:2d:
a2:5e:1e:c5:ac:d2:31:1f:61:dc:d5:fd:00:41:84:67:17:4b:
f0:cc:ff:3b:15:d1:fa:59:8f:80:94:6b:ce:6a:fe:8c:5c:37:
18:99:cc:6b:0c:10:d2:e8:d6:f3:1c:79:0b:83:1c:f1:09:da:
3c:9a:07:1f:de:da:7c:ef:f0:c7:49:8b:66:7a:d9:91:e3:f8:
66:17:a2:31:bf:62:ec:09:f4:27:e4:ed:68:dd:5f:51:85:cd:
24:d8:07:71:de:f9:e1:2c:58:81:cb:02:c7:62:53:63:45:ef:
e5:3a:c4:f8:9b:3e:cd:23:0e:01:3b:06:c2:dc:ee:c7:72:b8:
bf:b4:75:9f:f6:08:ab:11:df:ba:4b:56:fd:1f:9d:f9:fe:fc:
4f:d5:75:55:81:89:b8:fd:50:1a:22:92:46:94:dc:9e:db:06:
ad:3e:51:06:11:9c:6d:f0:b9:2c:b1:52:5b:83:8f:ef:3b:b9:
ea:25:b7:f1:f3:25:4c:04:4f:be:be:ec:f7:15:48:f9:b6:60:
c1:79:53:17:c0:85:06:48:7a:89:c5:d5:b5:73:94:61:d8:4f:
cb:2c:e4:9b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURyyFfpatDu5DU4lg27FAFm1Ac3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlYmFjNDgxNGQxMjE0YzBlMjE4N2I1NDAyZTJlOTkzYjkzYTM3YTU5MGFi
ZTJhNTJlYzRhNzg1MThkNjQzZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKr67o/ihiT/6GUNlY50y3Wn+XNfNbVp198Z2RMtpM8UJ8XPrIUZGqGIKPyw
Ap2H/JyHg0ajNfvFYLvb4IIsTI7PTyKQ63DhDkiPVM/JCLSfbVlM+ydM+tpMxDoV
eF3Hwk5qzQ3T8/XTnL+62awHJ6KpgbiPORQGlGUjoS+Vw+oj+s1ekBda6zjSi+1l
OknCfuFytyyhfGkGA14/iBwzLcEMkSzJxJ1qCV6UMp45JGwHGpTzGP54OsWD7eBj
CZw4yH92DBTrz0fgKTJ4h85fVjpWA9GchY/gQpKQlLz1xYulA5NNxZ+9xEqACQ1l
WMh+sskv49/qrNLvTSLVz40Z2CkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSBpISu
oiPGCh7MrZSdkGSzXGb88zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjcyYTk1NDAtNTFlZi00ZGNjLWE1ZTItMjQxNzI0OWExYWYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIE
MA0GCSqGSIb3DQEBCwUAA4IBAQAmmrYopoxcrprVpMle8YXjZJ7orh3BUlP3pVkW
cy9015KrYy2iXh7FrNIxH2Hc1f0AQYRnF0vwzP87FdH6WY+AlGvOav6MXDcYmcxr
DBDS6NbzHHkLgxzxCdo8mgcf3tp87/DHSYtmetmR4/hmF6Ixv2LsCfQn5O1o3V9R
hc0k2Adx3vnhLFiBywLHYlNjRe/lOsT4mz7NIw4BOwbC3O7Hcri/tHWf9girEd+6
S1b9H535/vxP1XVVgYm4/VAaIpJGlNye2watPlEGEZxt8LkssVJbg4/vO7nqJbfx
8yVMBE++vuz3FUj5tmDBeVMXwIUGSHqJxdW1c5Rh2E/LLOSb
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:17 2026 by rpki-client