Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
File: b7d242ad-482b-4700-888a-b677a178a4bf.roa (raw, json)
Hash identifier: wII7gc4D/fewlNpd9ejUiC1FoDL6EnaHnzNQFQxs/yw=
Subject key identifier: 64:4E:78:A6:19:9E:29:73:71:8E:79:26:D0:63:22:DB:46:5A:4D:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 658715929C63A98E684ED4E277BB68557D315621
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
Signing time: Tue 19 May 2026 05:20:09 +0000
ROA not before: Tue 19 May 2026 05:20:09 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:87:15:92:9c:63:a9:8e:68:4e:d4:e2:77:bb:68:55:7d:31:56:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:09 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=b19db51cb0ff927e6f7812216a7ba3648b50a6908d89066822697c6b99ec90b8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:99:80:21:27:b0:75:8c:78:99:21:73:8a:39:
3e:ea:bb:00:2e:70:54:2d:36:77:88:49:bf:6b:f9:
87:0c:90:35:46:d9:c7:80:34:6e:1f:dc:dc:98:f8:
d6:c1:31:66:eb:ef:ab:7e:cf:31:68:55:8a:57:52:
04:8e:88:0a:cb:81:73:7f:87:a3:57:b8:0c:d4:c5:
b0:36:bf:60:1c:71:ea:88:26:2d:80:68:46:65:33:
0a:6b:e2:9b:c4:a5:da:3f:86:38:a0:a9:54:95:e1:
24:59:19:58:cb:4e:21:7b:aa:89:84:fb:7b:e0:c9:
ba:d3:75:75:55:64:55:db:da:95:20:03:26:ed:b2:
04:30:e6:36:65:0e:66:57:1a:a7:47:39:f5:5b:19:
95:cb:98:80:14:c3:b0:ac:c1:db:27:26:0c:9f:f0:
c4:e0:a2:10:61:53:6a:21:61:0e:47:33:ec:78:df:
53:8c:3b:ca:16:e0:4f:45:32:2f:92:f0:72:64:5c:
5d:73:38:2b:33:a0:b0:17:3c:55:71:74:4d:05:69:
8c:f3:64:b0:97:61:28:d7:28:24:64:f2:47:c1:9e:
cf:98:d2:62:8f:2f:4a:ae:5e:a3:73:2a:f9:29:6a:
0f:48:69:3c:00:17:02:ea:40:95:d7:75:fb:16:5c:
91:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:4E:78:A6:19:9E:29:73:71:8E:79:26:D0:63:22:DB:46:5A:4D:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6080::/48
Signature Algorithm: sha256WithRSAEncryption
27:16:9e:7d:14:d0:8d:d6:51:72:9e:f4:b0:6b:41:52:32:b8:
f2:54:3a:e0:03:eb:77:5e:9a:9b:3f:fc:eb:44:9b:9f:32:03:
49:b7:48:fc:6d:ef:01:1e:6c:8b:9b:00:7e:14:dd:89:6e:08:
0a:42:39:16:b3:b0:b7:03:1e:31:41:ee:6c:1a:30:73:0d:e6:
f8:96:27:d7:58:32:ce:95:a2:a8:70:e1:5b:e9:9d:60:e1:79:
21:21:08:76:8b:58:10:38:20:df:df:39:31:ec:04:70:bb:fa:
c2:df:7b:f6:72:36:61:67:b9:80:1a:e3:a2:64:b4:f4:3b:89:
64:ea:53:5c:d5:53:d5:50:8d:c9:1b:c4:3c:6d:aa:c8:b5:bf:
f1:2c:d7:22:45:e5:5c:e0:42:e4:4b:84:fe:34:a7:4a:b4:90:
d6:6a:61:fd:19:8f:35:38:fc:69:a8:11:30:68:32:e6:f6:28:
52:58:a3:eb:ce:1e:58:e7:ae:99:a7:31:c5:e8:a5:47:a7:81:
cf:80:ab:12:9e:05:7c:4e:8a:8c:6a:f1:0e:cf:71:70:e8:b6:
d3:5b:00:6b:6e:ed:fa:c4:af:8f:a3:9f:bc:01:49:9e:d1:ac:
f3:c7:1f:55:65:a7:52:90:78:e6:13:fd:24:bc:cb:85:f3:ee:
6c:b3:ae:3d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZYcVkpxjqY5oTtTid7toVX0xViEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMDlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxOWRiNTFjYjBmZjkyN2U2Zjc4MTIyMTZhN2JhMzY0OGI1MGE2OTA4ZDg5
MDY2ODIyNjk3YzZiOTllYzkwYjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO+ZgCEnsHWMeJkhc4o5Puq7AC5wVC02d4hJv2v5hwyQNUbZx4A0bh/c3Jj4
1sExZuvvq37PMWhVildSBI6ICsuBc3+Ho1e4DNTFsDa/YBxx6ogmLYBoRmUzCmvi
m8Sl2j+GOKCpVJXhJFkZWMtOIXuqiYT7e+DJutN1dVVkVdvalSADJu2yBDDmNmUO
Zlcap0c59VsZlcuYgBTDsKzB2ycmDJ/wxOCiEGFTaiFhDkcz7HjfU4w7yhbgT0Uy
L5LwcmRcXXM4KzOgsBc8VXF0TQVpjPNksJdhKNcoJGTyR8Gez5jSYo8vSq5eo3Mq
+SlqD0hpPAAXAupAldd1+xZckesCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRkTnim
GZ4pc3GOeSbQYyLbRlpN0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjdkMjQyYWQtNDgyYi00NzAwLTg4OGEtYjY3N2ExNzhhNGJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJg
gDANBgkqhkiG9w0BAQsFAAOCAQEAJxaefRTQjdZRcp70sGtBUjK48lQ64APrd16a
mz/860SbnzIDSbdI/G3vAR5si5sAfhTdiW4ICkI5FrOwtwMeMUHubBowcw3m+JYn
11gyzpWiqHDhW+mdYOF5ISEIdotYEDgg3985MewEcLv6wt979nI2YWe5gBrjomS0
9DuJZOpTXNVT1VCNyRvEPG2qyLW/8SzXIkXlXOBC5EuE/jSnSrSQ1mph/RmPNTj8
aagRMGgy5vYoUlij684eWOeumacxxeilR6eBz4CrEp4FfE6KjGrxDs9xcOi201sA
a27t+sSvj6OfvAFJntGs88cfVWWnUpB45hP9JLzLhfPubLOuPQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:33 2026 by rpki-client