Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
File: c02bd597-170b-4eec-b8d1-18d678b065fa.roa (raw, json)
Hash identifier: dOQe6QT2Ld1hy1Gq38EupBqtqeF3DJ732ikOCcoESAM=
Subject key identifier: 72:37:95:D8:B7:D6:6F:C2:98:52:36:6F:7C:44:4D:D6:CD:63:69:F3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0666949078C1AC70B12C7C4C0E222999A7D9AE4F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
Signing time: Tue 19 May 2026 05:10:05 +0000
ROA not before: Tue 19 May 2026 05:10:05 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:66:94:90:78:c1:ac:70:b1:2c:7c:4c:0e:22:29:99:a7:d9:ae:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:05 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=8fa6e88cc87364bcba2450449cb7d6d6a72877f4ff57c4d153ea9cb228987361, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9f:d5:78:7e:7b:7d:5c:7e:25:23:15:e5:0f:
68:95:80:63:83:72:11:82:ff:46:f7:ff:ac:d7:61:
23:12:da:dc:46:c0:ca:79:93:a3:08:1f:47:0d:28:
31:8d:ba:84:06:2c:cd:51:c3:6d:b1:ea:fa:e1:bf:
c9:94:b8:16:e3:0e:27:a0:3a:f4:e2:62:e5:a3:d9:
ca:3f:8c:ba:71:a2:02:02:78:0a:90:64:bf:02:04:
67:cf:a1:9b:ca:3d:41:a1:21:ea:f2:47:84:f0:57:
08:a9:f9:d6:0d:9e:7f:f1:95:a8:ea:87:49:18:d9:
e6:64:eb:00:7e:87:99:c5:86:5c:07:14:af:8c:48:
15:5c:02:bf:84:3c:cf:d3:47:d5:54:db:22:0b:d2:
4f:71:9f:67:dc:4c:74:01:c1:7c:57:bd:fd:ba:1f:
cb:fa:59:50:6d:2b:3f:38:5f:5d:21:9a:4e:dd:e2:
2f:b0:14:58:40:31:9c:fa:5e:6d:32:be:3f:25:cb:
ba:d9:f6:f6:b1:bd:ed:be:c3:de:99:21:8e:8a:29:
b1:32:6f:35:46:08:da:6a:23:58:bd:ac:ce:92:5f:
b5:73:65:b1:30:1f:96:62:67:19:9b:71:bc:fe:e8:
bf:a8:71:72:6a:65:54:aa:f4:0c:31:ef:4e:6a:aa:
8b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:37:95:D8:B7:D6:6F:C2:98:52:36:6F:7C:44:4D:D6:CD:63:69:F3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8010::/48
Signature Algorithm: sha256WithRSAEncryption
1b:1a:6f:8c:9f:fe:d6:0f:bd:99:1a:8e:d4:a6:e0:b0:25:dd:
32:39:e7:3b:16:63:3e:36:cc:cb:71:b9:df:45:eb:d1:bc:e9:
25:5e:6d:59:4b:c0:96:89:d1:02:b1:66:17:22:1b:96:74:11:
3d:85:4f:b3:09:8c:95:c7:55:63:f7:0f:fc:51:d4:05:0b:44:
40:70:dc:6d:32:e0:e1:e7:d7:5a:03:eb:45:19:b0:fd:37:0a:
79:90:dc:8c:6e:93:06:10:45:61:61:8c:4f:12:eb:43:4c:80:
48:09:76:b9:62:ac:bf:9d:24:8a:14:2e:ad:99:8e:d3:d5:ac:
68:79:a0:91:c0:08:9f:89:ee:d8:a6:9b:67:bc:ad:47:c1:a3:
ef:12:3c:1b:0c:8c:ea:8e:96:00:e9:42:2d:1e:7c:db:a7:96:
21:b7:5c:1b:71:e1:91:e3:b7:fd:3b:6a:91:1a:2f:6f:09:a4:
dd:e9:6b:6c:57:2a:3e:0e:aa:d7:ff:49:d7:69:1b:39:73:ab:
31:ed:74:0b:69:25:74:de:e4:57:06:aa:6e:37:49:03:1b:1b:
0c:4a:4f:59:aa:18:92:c9:0e:35:82:9e:a2:40:0f:5c:36:b4:
49:25:3a:d0:d1:f9:d6:44:cf:03:0a:b3:e2:7a:1c:e9:38:11:
60:43:3f:6c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBmaUkHjBrHCxLHxMDiIpmafZrk8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwMDVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmYTZlODhjYzg3MzY0YmNiYTI0NTA0NDljYjdkNmQ2YTcyODc3ZjRmZjU3
YzRkMTUzZWE5Y2IyMjg5ODczNjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGf1Xh+e31cfiUjFeUPaJWAY4NyEYL/Rvf/rNdhIxLa3EbAynmTowgfRw0o
MY26hAYszVHDbbHq+uG/yZS4FuMOJ6A69OJi5aPZyj+MunGiAgJ4CpBkvwIEZ8+h
m8o9QaEh6vJHhPBXCKn51g2ef/GVqOqHSRjZ5mTrAH6HmcWGXAcUr4xIFVwCv4Q8
z9NH1VTbIgvST3GfZ9xMdAHBfFe9/bofy/pZUG0rPzhfXSGaTt3iL7AUWEAxnPpe
bTK+PyXLutn29rG97b7D3pkhjoopsTJvNUYI2mojWL2szpJftXNlsTAflmJnGZtx
vP7ov6hxcmplVKr0DDHvTmqqi1MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRyN5XY
t9ZvwphSNm98RE3WzWNp8zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzAyYmQ1OTctMTcwYi00ZWVjLWI4ZDEtMThkNjc4YjA2NWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
EDANBgkqhkiG9w0BAQsFAAOCAQEAGxpvjJ/+1g+9mRqO1KbgsCXdMjnnOxZjPjbM
y3G530Xr0bzpJV5tWUvAlonRArFmFyIblnQRPYVPswmMlcdVY/cP/FHUBQtEQHDc
bTLg4efXWgPrRRmw/TcKeZDcjG6TBhBFYWGMTxLrQ0yASAl2uWKsv50kihQurZmO
09WsaHmgkcAIn4nu2KabZ7ytR8Gj7xI8GwyM6o6WAOlCLR5826eWIbdcG3HhkeO3
/TtqkRovbwmk3elrbFcqPg6q1/9J12kbOXOrMe10C2kldN7kVwaqbjdJAxsbDEpP
WaoYkskONYKeokAPXDa0SSU60NH51kTPAwqz4noc6TgRYEM/bA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:02 2026 by rpki-client