Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
File: d7ff0a46-4c68-43b8-be33-3f3098623685.roa (raw, json)
Hash identifier: eYS8eePQOjNGMweavqMfrsDXXvCDIo2cvjPn3xf6nYs=
Subject key identifier: A9:C2:D6:C0:15:98:DC:20:15:93:01:FB:5A:C5:3C:88:BE:33:1A:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7851D4A2201EB9F41133410A5BA568C4A6B9FDE8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
Signing time: Tue 19 May 2026 04:40:08 +0000
ROA not before: Tue 19 May 2026 04:40:08 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:51:d4:a2:20:1e:b9:f4:11:33:41:0a:5b:a5:68:c4:a6:b9:fd:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:08 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=055647dfaf0a7afaf8a8975e67ffd3647b268a5269835fece644764c0e5080eb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:7e:e2:38:85:53:fd:45:60:b4:df:f6:92:b6:
28:51:6c:6e:5e:e0:b9:6f:61:10:17:0a:e3:01:c8:
5f:bd:cf:5b:1b:4f:68:0b:4c:73:12:ea:0d:0a:a6:
08:7f:e7:f2:98:06:fd:7d:b4:4c:2e:95:16:38:82:
ef:d8:0a:a2:a7:99:c7:74:1e:3f:23:4d:05:c9:e9:
5c:4f:3a:b2:69:10:d3:cd:b6:a7:82:3e:43:89:86:
b9:ed:d7:a3:25:36:98:05:56:d9:3b:db:3a:9b:5d:
c3:d2:92:a2:b7:a9:d2:a6:f3:5a:93:28:04:2e:e5:
7b:7f:bf:84:41:b1:ae:ff:75:ec:c3:0e:2e:15:e4:
77:4f:dd:98:04:57:50:0f:4c:bc:b0:d3:42:e2:71:
4d:b5:cb:c9:ca:86:99:84:df:6d:7b:5b:ed:a0:c8:
46:7d:bd:5a:be:f3:17:14:54:38:6f:b6:e7:8e:70:
a3:30:21:fd:3e:64:13:9f:b6:40:9a:ed:9b:77:f0:
a4:97:aa:eb:82:3e:ba:2c:b8:29:35:a9:5d:e2:bf:
75:dc:55:74:58:4f:17:60:5c:24:85:0d:f2:5d:2b:
b2:ac:be:7d:ef:78:19:ec:09:bb:1a:d5:08:41:42:
7c:99:f1:dc:bc:2c:1a:9b:1a:1b:7f:a2:04:fa:25:
a2:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:C2:D6:C0:15:98:DC:20:15:93:01:FB:5A:C5:3C:88:BE:33:1A:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80d0::/48
Signature Algorithm: sha256WithRSAEncryption
87:3d:0b:74:f0:09:9d:1a:a7:43:8f:4a:79:8a:9e:34:ed:28:
28:3b:56:e4:72:2c:7b:ed:82:af:33:bd:bf:b5:59:69:d7:3b:
51:81:3d:3a:41:84:fe:04:37:28:5c:ce:2b:e8:42:2c:8f:75:
f2:3d:6f:5a:b8:36:57:04:b2:46:1e:ce:86:fb:81:c1:e3:9a:
ab:50:42:be:fb:ba:59:94:87:a8:f4:24:d4:2b:52:f9:cf:8d:
0a:5f:03:34:7b:7b:57:a8:b5:d2:1d:a5:18:f4:29:a1:95:22:
b8:7e:bb:59:41:d9:25:21:92:5d:94:71:b0:5a:01:65:b5:04:
8f:a1:c7:11:71:30:25:6c:44:23:fb:ec:64:c4:1c:be:dc:bf:
51:dd:7c:70:fd:fe:58:ff:b8:82:b5:c8:64:e4:01:f1:ab:98:
af:e4:5d:69:c8:d5:e3:a8:33:ae:2e:16:a8:bd:52:8c:ae:63:
63:c1:1b:89:a6:14:8f:c8:c4:70:82:a2:92:4c:12:33:f0:55:
c3:3f:ab:f0:7e:d8:0d:d9:ca:c3:eb:7c:f4:3c:ed:5e:ed:ff:
cd:0d:95:e4:e7:8d:f3:b1:65:a4:a5:80:bd:56:20:15:f2:72:
46:47:07:9c:fa:44:0b:2c:e9:21:ba:37:2d:ca:8d:c8:96:2c:
cf:f7:c2:5f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeFHUoiAeufQRM0EKW6VoxKa5/egwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwMDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1NTY0N2RmYWYwYTdhZmFmOGE4OTc1ZTY3ZmZkMzY0N2IyNjhhNTI2OTgz
NWZlY2U2NDQ3NjRjMGU1MDgwZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPJ+4jiFU/1FYLTf9pK2KFFsbl7guW9hEBcK4wHIX73PWxtPaAtMcxLqDQqm
CH/n8pgG/X20TC6VFjiC79gKoqeZx3QePyNNBcnpXE86smkQ0822p4I+Q4mGue3X
oyU2mAVW2TvbOptdw9KSorep0qbzWpMoBC7le3+/hEGxrv917MMOLhXkd0/dmARX
UA9MvLDTQuJxTbXLycqGmYTfbXtb7aDIRn29Wr7zFxRUOG+2545wozAh/T5kE5+2
QJrtm3fwpJeq64I+uiy4KTWpXeK/ddxVdFhPF2BcJIUN8l0rsqy+fe94GewJuxrV
CEFCfJnx3LwsGpsaG3+iBPolotUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSpwtbA
FZjcIBWTAftaxTyIvjMaITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdmZjBhNDYtNGM2OC00M2I4LWJlMzMtM2YzMDk4NjIzNjg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
0DANBgkqhkiG9w0BAQsFAAOCAQEAhz0LdPAJnRqnQ49KeYqeNO0oKDtW5HIse+2C
rzO9v7VZadc7UYE9OkGE/gQ3KFzOK+hCLI918j1vWrg2VwSyRh7OhvuBweOaq1BC
vvu6WZSHqPQk1CtS+c+NCl8DNHt7V6i10h2lGPQpoZUiuH67WUHZJSGSXZRxsFoB
ZbUEj6HHEXEwJWxEI/vsZMQcvty/Ud18cP3+WP+4grXIZOQB8auYr+RdacjV46gz
ri4WqL1SjK5jY8EbiaYUj8jEcIKikkwSM/BVwz+r8H7YDdnKw+t89DztXu3/zQ2V
5OeN87FlpKWAvVYgFfJyRkcHnPpECyzpIbo3LcqNyJYsz/fCXw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:54 2026 by rpki-client