Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
File: c7743543-1a04-47c2-8128-1b90de9136a9.roa (raw, json)
Hash identifier: jG4jXxz9rKmnqIy3T2W8rHK4tU+qJynsTzK68fQ7QFo=
Subject key identifier: DB:34:DC:9F:50:EB:D5:8E:AB:3B:13:B3:9C:6E:4D:D8:9B:CB:D7:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21AFEF060B69BAC1379C2E369CB0DC4CA943BD1A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
Signing time: Tue 19 May 2026 05:00:59 +0000
ROA not before: Tue 19 May 2026 05:00:59 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8090::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:af:ef:06:0b:69:ba:c1:37:9c:2e:36:9c:b0:dc:4c:a9:43:bd:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:59 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=c0ff3f644c142e849d244ceff6725c12312d5e9a89606a1db5c8103417618a05, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ba:3b:f5:0d:b6:3d:4f:ce:12:79:4f:b0:e7:
6a:61:e6:83:99:04:1b:ca:01:d8:43:fa:f7:bf:24:
7c:45:bd:99:87:ad:ed:42:36:70:42:83:5f:28:08:
1e:ed:f9:b7:0b:76:46:af:20:ae:f8:32:ac:7e:b4:
eb:67:f0:4b:79:7d:9e:b4:f7:a4:f2:0d:de:0c:56:
a0:c5:42:53:e3:8c:f6:f9:70:47:9c:57:b7:a1:e2:
ba:7d:c9:95:97:c6:bd:df:34:27:bc:81:e1:15:75:
e0:fe:26:e1:1a:fd:0c:e9:85:b5:2d:e0:57:cc:c2:
7e:fb:d7:0a:bf:31:94:8a:0e:80:e0:c7:85:db:a1:
6a:d1:7d:f9:e3:b0:e9:21:11:90:3d:ea:35:6a:dc:
6e:72:6b:b8:d1:bc:f3:23:f0:09:e2:15:ec:a2:4e:
a3:58:42:b6:b6:5e:ef:31:72:e6:b2:a1:e5:16:eb:
f1:a9:e6:4a:95:4a:58:b3:ef:33:3c:a8:0a:8a:ce:
56:92:7f:14:d5:fe:db:48:7a:24:7e:af:66:6c:36:
93:a6:75:3c:3a:77:a3:4b:53:f7:ae:d4:0a:f3:4b:
2c:c5:91:f6:eb:a9:ca:ff:c5:ef:44:46:23:6e:e0:
85:18:a5:0f:65:8f:67:ca:5b:34:20:29:e7:aa:0a:
73:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:34:DC:9F:50:EB:D5:8E:AB:3B:13:B3:9C:6E:4D:D8:9B:CB:D7:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8090::/48
Signature Algorithm: sha256WithRSAEncryption
7d:8c:ba:a2:fa:5c:f6:ad:95:8f:2f:98:49:6d:c1:fd:c9:50:
5f:8d:1f:12:35:ec:bd:2c:7e:cb:4f:ed:48:37:63:e1:da:88:
cb:9c:80:99:5d:51:69:5e:1f:81:99:b9:5a:5f:f4:3c:d2:29:
20:2b:ee:68:e5:a7:10:62:3b:cf:a3:41:40:c5:59:05:dd:9f:
38:c9:fa:bd:d6:4f:8e:5c:20:2b:84:72:98:32:f8:c2:1b:d4:
a3:92:c5:a8:7c:4f:f5:24:4e:c9:98:fd:50:55:87:d6:3e:78:
69:19:7e:6d:a1:c4:be:8a:5a:52:43:c2:d4:06:f7:30:23:91:
aa:53:b2:93:f1:73:34:35:ef:a9:8a:20:33:11:42:02:5e:8f:
f8:7c:58:1d:d6:3b:7c:d6:d4:3d:0d:01:da:71:3a:e6:24:e2:
8d:e7:f5:f6:41:ba:81:d6:b1:56:94:59:8d:33:34:8c:47:95:
f2:31:81:3e:91:56:7d:55:c6:ce:ac:80:d7:7d:48:1d:f7:a2:
1b:0b:11:06:25:72:d7:27:e8:45:40:08:cb:fe:c4:92:55:6e:
9b:0e:5d:aa:5d:fd:20:b4:26:57:a6:31:46:2f:a8:4d:40:0b:
f6:fd:71:e6:d1:70:85:44:ec:85:87:ac:29:21:25:87:61:dc:
e5:4c:e8:50
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIa/vBgtpusE3nC42nLDcTKlDvRowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwNTlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwZmYzZjY0NGMxNDJlODQ5ZDI0NGNlZmY2NzI1YzEyMzEyZDVlOWE4OTYw
NmExZGI1YzgxMDM0MTc2MThhMDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKG6O/UNtj1PzhJ5T7DnamHmg5kEG8oB2EP6978kfEW9mYet7UI2cEKDXygI
Hu35twt2Rq8grvgyrH6062fwS3l9nrT3pPIN3gxWoMVCU+OM9vlwR5xXt6Hiun3J
lZfGvd80J7yB4RV14P4m4Rr9DOmFtS3gV8zCfvvXCr8xlIoOgODHhduhatF9+eOw
6SERkD3qNWrcbnJruNG88yPwCeIV7KJOo1hCtrZe7zFy5rKh5Rbr8anmSpVKWLPv
MzyoCorOVpJ/FNX+20h6JH6vZmw2k6Z1PDp3o0tT967UCvNLLMWR9uupyv/F70RG
I27ghRilD2WPZ8pbNCAp56oKc80CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTbNNyf
UOvVjqs7E7Ocbk3Ym8vXhjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc3NDM1NDMtMWEwNC00N2MyLTgxMjgtMWI5MGRlOTEzNmE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
kDANBgkqhkiG9w0BAQsFAAOCAQEAfYy6ovpc9q2Vjy+YSW3B/clQX40fEjXsvSx+
y0/tSDdj4dqIy5yAmV1RaV4fgZm5Wl/0PNIpICvuaOWnEGI7z6NBQMVZBd2fOMn6
vdZPjlwgK4RymDL4whvUo5LFqHxP9SROyZj9UFWH1j54aRl+baHEvopaUkPC1Ab3
MCORqlOyk/FzNDXvqYogMxFCAl6P+HxYHdY7fNbUPQ0B2nE65iTijef19kG6gdax
VpRZjTM0jEeV8jGBPpFWfVXGzqyA131IHfeiGwsRBiVy1yfoRUAIy/7EklVumw5d
ql39ILQmV6YxRi+oTUAL9v1x5tFwhUTshYesKSElh2Hc5UzoUA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:44 2026 by rpki-client