Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7f51085-242e-4975-929d-5a48b9aa7650.roa
File: b7f51085-242e-4975-929d-5a48b9aa7650.roa (raw, json)
Hash identifier: bZMIYhGeBAV6gI5GcsUenkNNB92QmU8pAIn9PvF1rKk=
Subject key identifier: 93:10:BF:A4:80:F1:7A:37:D8:DF:C7:E1:40:D6:0D:50:D8:92:B5:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04993963ABA1B5A229D9902D183A026BAC9214BE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7f51085-242e-4975-929d-5a48b9aa7650.roa
Signing time: Fri 15 May 2026 02:00:09 +0000
ROA not before: Fri 15 May 2026 02:00:09 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:99:39:63:ab:a1:b5:a2:29:d9:90:2d:18:3a:02:6b:ac:92:14:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 02:00:09 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=c219a01afcb3e39912fdfe74a0c7cb8a5e7b50553a2932db48604a78bede8f84, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:54:95:d2:4e:06:16:da:0f:d0:2c:c6:68:cf:
df:79:56:cc:53:0d:ff:bb:4d:dc:54:01:3b:c2:bd:
99:53:5b:a4:f9:88:e4:56:38:61:9f:2b:d1:aa:09:
ab:82:9b:8f:4b:00:fb:e0:24:74:ed:c7:e6:e6:c8:
bc:c6:6d:91:32:4b:3a:f2:69:18:8b:6a:39:32:d2:
28:b2:4d:0e:63:b6:86:af:7e:b1:1c:10:dd:d2:47:
2c:50:15:74:21:43:15:ad:35:79:56:66:0a:aa:3f:
84:ad:d0:55:3e:0c:95:a7:99:16:b6:02:db:17:0e:
dd:9c:27:c8:36:15:b7:e7:24:87:03:65:cd:3b:50:
7a:f3:d1:53:a8:ec:4c:ac:39:c1:7f:41:9c:15:41:
0c:ee:26:fc:2a:e4:b1:e1:ed:cb:45:4e:69:84:04:
cd:f9:96:52:09:c6:b4:64:06:de:e5:bb:90:46:a0:
a1:7a:4e:c7:48:34:8c:2e:80:63:b4:5b:6a:b6:97:
18:fa:80:f1:56:05:6d:d7:0d:db:3d:d4:66:99:92:
fd:54:61:5c:fd:eb:17:85:f1:c5:58:d0:d7:32:a4:
94:74:3f:bd:16:8e:8f:a6:12:ae:ae:aa:0e:38:04:
68:43:bb:70:85:41:7c:83:be:27:f0:b6:17:00:83:
b5:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:10:BF:A4:80:F1:7A:37:D8:DF:C7:E1:40:D6:0D:50:D8:92:B5:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7f51085-242e-4975-929d-5a48b9aa7650.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:5000::/40
Signature Algorithm: sha256WithRSAEncryption
60:9e:f5:4c:5e:b1:60:71:16:5c:72:e3:5c:d5:a6:7a:01:45:
55:28:60:22:46:38:ba:b1:e5:55:74:c4:b9:f6:83:c1:5a:75:
40:c4:9a:9f:1f:10:cd:c7:24:1b:a0:ad:0d:e4:38:d7:72:51:
37:24:ef:7a:a5:d6:fa:4e:b3:19:34:db:a0:31:5c:18:b0:8d:
ec:70:33:ff:66:99:35:70:98:64:5f:42:c7:ab:09:b3:fb:bf:
c5:c4:a2:09:9c:48:5e:e2:d5:37:52:d1:ee:0e:cc:63:1d:0d:
d5:2d:0a:b3:ad:91:e6:67:32:80:bd:17:ec:21:0d:05:62:64:
0f:b8:d7:b5:57:3f:11:59:4f:31:39:c3:a9:dc:42:fe:a3:e9:
f3:5b:7c:3d:81:70:17:d9:65:73:8e:36:e0:3b:a0:d8:ff:f7:
dd:90:88:b5:5e:6a:81:59:04:c9:ba:99:52:63:e2:52:2f:e7:
38:fb:c7:23:60:b8:16:15:35:b2:38:3e:f1:21:83:93:6f:0e:
c7:1a:c2:48:04:bb:f7:6e:83:e9:19:ba:ed:7c:e7:4d:7d:ae:
36:15:4a:9d:fd:59:f8:ed:b3:74:88:3f:e1:58:6a:d4:cb:8c:
cd:96:c9:77:44:13:e5:e4:99:73:d7:8c:7d:20:1e:89:cf:d4:
dd:cf:cf:c4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBJk5Y6uhtaIp2ZAtGDoCa6ySFL4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMjAwMDlaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyMTlhMDFhZmNiM2UzOTkxMmZkZmU3NGEwYzdjYjhhNWU3YjUwNTUzYTI5
MzJkYjQ4NjA0YTc4YmVkZThmODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1UldJOBhbaD9AsxmjP33lWzFMN/7tN3FQBO8K9mVNbpPmI5FY4YZ8r0aoJ
q4Kbj0sA++AkdO3H5ubIvMZtkTJLOvJpGItqOTLSKLJNDmO2hq9+sRwQ3dJHLFAV
dCFDFa01eVZmCqo/hK3QVT4MlaeZFrYC2xcO3ZwnyDYVt+ckhwNlzTtQevPRU6js
TKw5wX9BnBVBDO4m/CrkseHty0VOaYQEzfmWUgnGtGQG3uW7kEagoXpOx0g0jC6A
Y7RbaraXGPqA8VYFbdcN2z3UZpmS/VRhXP3rF4XxxVjQ1zKklHQ/vRaOj6YSrq6q
DjgEaEO7cIVBfIO+J/C2FwCDtf0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSTEL+k
gPF6N9jfx+FA1g1Q2JK1ATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjdmNTEwODUtMjQyZS00OTc1LTkyOWQtNWE0OGI5YWE3NjUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HtQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBgnvVMXrFgcRZccuNc1aZ6AUVVKGAiRji6seVV
dMS59oPBWnVAxJqfHxDNxyQboK0N5DjXclE3JO96pdb6TrMZNNugMVwYsI3scDP/
Zpk1cJhkX0LHqwmz+7/FxKIJnEhe4tU3UtHuDsxjHQ3VLQqzrZHmZzKAvRfsIQ0F
YmQPuNe1Vz8RWU8xOcOp3EL+o+nzW3w9gXAX2WVzjjbgO6DY//fdkIi1XmqBWQTJ
uplSY+JSL+c4+8cjYLgWFTWyOD7xIYOTbw7HGsJIBLv3boPpGbrtfOdNfa42FUqd
/Vn47bN0iD/hWGrUy4zNlsl3RBPl5Jlz14x9IB6Jz9Tdz8/E
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:56 2026 by rpki-client