Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9f26696-5522-477d-b8bf-72de7350b09a.roa
File: b9f26696-5522-477d-b8bf-72de7350b09a.roa (raw, json)
Hash identifier: 08cvEY0J3NbZml/WJG1z9Q0cY6UKvFO7FunHwO2OKLM=
Subject key identifier: 1A:FD:C4:7B:AF:28:1C:D0:30:30:FE:E5:0F:FE:D3:45:10:F1:E7:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45DA23D45E882937900B16EA445789A6F88CD383
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9f26696-5522-477d-b8bf-72de7350b09a.roa
Signing time: Tue 19 May 2026 04:40:43 +0000
ROA not before: Tue 19 May 2026 04:40:43 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:da:23:d4:5e:88:29:37:90:0b:16:ea:44:57:89:a6:f8:8c:d3:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:43 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=072a426e4f8ae19a98c501c0678ff1eb031d4cc6f928b0eb56ce4dd9c5db4130, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0c:62:6b:af:29:60:3b:d7:21:9d:6d:0e:1e:
0c:e2:d2:ad:f2:6a:fb:8c:bd:57:c3:3e:e0:91:f9:
14:23:2b:f6:e7:78:a2:db:3a:aa:d7:8b:19:e3:8e:
a3:46:42:c0:44:1f:99:37:4e:9d:c0:30:14:cf:5e:
43:8e:6e:ef:5e:c6:81:ae:14:8e:96:f6:f8:55:e9:
34:04:c3:99:66:ca:8b:4e:2c:e2:a8:0c:f6:4b:a9:
29:47:a5:8f:b8:92:c3:59:39:39:b6:27:68:82:ea:
1f:e7:a0:a2:16:0b:f8:39:73:b2:5c:37:c9:ec:3a:
eb:4b:b3:b0:5b:3b:01:d8:6e:f0:07:ca:ff:b8:4b:
fd:0f:00:19:4c:17:48:fa:83:b8:4c:f4:25:51:0b:
7d:83:07:81:18:2a:94:00:06:ea:84:31:55:6c:57:
de:2a:e0:9a:0e:03:ac:04:1b:15:15:c7:d9:af:d2:
1a:7f:3f:88:7b:37:94:5d:f3:7e:23:6d:8e:1a:dc:
4e:55:a2:9d:76:1d:91:8e:ea:08:77:ae:28:a4:4d:
72:38:57:db:83:ec:b4:ae:52:8a:65:85:99:77:41:
f3:61:07:13:c1:dd:6d:22:9d:d3:c0:dc:29:f1:0b:
7c:d8:1e:99:71:ff:e2:36:6d:5e:17:21:4b:54:60:
3b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:FD:C4:7B:AF:28:1C:D0:30:30:FE:E5:0F:FE:D3:45:10:F1:E7:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9f26696-5522-477d-b8bf-72de7350b09a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:5000::/40
Signature Algorithm: sha256WithRSAEncryption
70:38:6c:e2:49:9e:cb:69:36:90:de:19:65:00:98:2e:ec:29:
d5:f7:01:6f:7a:05:d6:7a:da:7b:0d:50:da:95:62:4a:44:9b:
d0:0b:d3:93:e3:a7:2d:e8:9c:c3:1a:98:71:7d:ce:8b:db:9e:
f0:b0:ba:98:57:49:c1:f8:1d:b2:f7:8b:9c:06:6a:01:87:c0:
3e:6b:c4:26:b0:c0:f4:71:e9:4d:68:3d:b5:b9:5e:7e:8c:c5:
f7:40:17:b4:7d:17:42:ae:44:17:72:da:37:63:94:2b:99:fb:
80:67:9b:2c:22:a2:08:01:94:d1:af:23:73:1b:fd:5a:4b:99:
18:75:a9:7c:4c:a5:7b:44:7e:d1:9d:73:ef:dd:22:47:b4:e3:
47:2d:2a:8c:57:ad:ad:04:61:fc:eb:be:22:3c:9e:b2:1f:05:
29:98:20:9b:c9:1f:a1:6a:47:7c:a0:39:4d:8b:de:56:89:92:
c0:2d:d8:64:14:b3:5d:f5:03:b6:fc:6f:72:b3:91:3d:d3:e4:
26:e9:d1:c9:ca:be:3f:d7:3b:76:a6:94:9d:dc:85:c8:57:7b:
38:8c:e8:0a:4c:91:c5:01:41:ef:d0:b8:41:e8:2a:c4:ec:e7:
5f:60:4b:a8:c6:15:a7:9a:ef:cd:c5:44:f0:cd:ec:cf:07:ca:
9f:01:86:4b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURdoj1F6IKTeQCxbqRFeJpviM04MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwNDNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3MmE0MjZlNGY4YWUxOWE5OGM1MDFjMDY3OGZmMWViMDMxZDRjYzZmOTI4
YjBlYjU2Y2U0ZGQ5YzVkYjQxMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcMYmuvKWA71yGdbQ4eDOLSrfJq+4y9V8M+4JH5FCMr9ud4ots6qteLGeOO
o0ZCwEQfmTdOncAwFM9eQ45u717Gga4Ujpb2+FXpNATDmWbKi04s4qgM9kupKUel
j7iSw1k5ObYnaILqH+egohYL+Dlzslw3yew660uzsFs7Adhu8AfK/7hL/Q8AGUwX
SPqDuEz0JVELfYMHgRgqlAAG6oQxVWxX3irgmg4DrAQbFRXH2a/SGn8/iHs3lF3z
fiNtjhrcTlWinXYdkY7qCHeuKKRNcjhX24PstK5SimWFmXdB82EHE8HdbSKd08Dc
KfELfNgemXH/4jZtXhchS1RgO90CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQa/cR7
rygc0DAw/uUP/tNFEPHn5TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjlmMjY2OTYtNTUyMi00NzdkLWI4YmYtNzJkZTczNTBiMDlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBwOGziSZ7LaTaQ3hllAJgu7CnV9wFvegXWetp7
DVDalWJKRJvQC9OT46ct6JzDGphxfc6L257wsLqYV0nB+B2y94ucBmoBh8A+a8Qm
sMD0celNaD21uV5+jMX3QBe0fRdCrkQXcto3Y5QrmfuAZ5ssIqIIAZTRryNzG/1a
S5kYdal8TKV7RH7RnXPv3SJHtONHLSqMV62tBGH8674iPJ6yHwUpmCCbyR+hakd8
oDlNi95WiZLALdhkFLNd9QO2/G9ys5E90+Qm6dHJyr4/1zt2ppSd3IXIV3s4jOgK
TJHFAUHv0LhB6CrE7OdfYEuoxhWnmu/NxUTwzezPB8qfAYZL
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:13:02 2026 by rpki-client