Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db5de5bf-c386-47fc-819b-84f11b94fb74.roa
File: db5de5bf-c386-47fc-819b-84f11b94fb74.roa (raw, json)
Hash identifier: Isw7N1QL1f0hetVh98BOrDnHnw0aziO9PoDsbO0JE/8=
Subject key identifier: 47:DA:34:58:C8:40:3D:29:48:A7:3B:24:36:CA:16:23:8C:30:C4:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2D360B078F30BD10A6312E8EDB79F217917151A2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db5de5bf-c386-47fc-819b-84f11b94fb74.roa
Signing time: Sun 31 May 2026 01:00:27 +0000
ROA not before: Sun 31 May 2026 01:00:27 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:36:0b:07:8f:30:bd:10:a6:31:2e:8e:db:79:f2:17:91:71:51:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:00:27 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=4a43267c2e6aebe76169c04c5d1ee998d62bea940777239b6a4522c1078178ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:34:28:58:57:5a:19:90:ea:46:fd:e4:27:54:
6f:ac:f7:b1:6d:e5:42:4f:30:67:0d:63:be:4b:c3:
e0:4b:6c:7f:5b:ee:d3:55:75:2a:63:e0:6b:c7:c4:
2a:8c:6e:6c:fc:f4:66:8d:7c:56:e4:05:b5:5b:57:
7e:d8:13:01:b1:23:3c:88:4d:7f:07:2e:0d:88:65:
60:6c:e2:e7:72:79:80:f3:12:e3:2f:51:f1:3d:ab:
66:43:19:50:c8:ed:c9:cb:fc:b1:88:66:25:50:f0:
78:a5:25:8b:70:68:1b:da:7e:ac:d2:4b:2b:6f:7b:
65:c6:45:1f:f0:dd:5b:07:cc:51:64:79:ce:e6:06:
10:0d:ea:02:54:aa:fe:fa:81:59:21:7f:26:07:74:
49:9f:a1:5f:91:47:74:9c:15:40:d9:1f:97:31:72:
71:c0:ba:1f:33:cd:76:dc:61:3c:43:2a:90:22:6c:
ec:63:b9:3e:94:21:4a:aa:6b:28:66:78:43:a1:66:
80:5a:c2:26:32:f0:eb:14:a1:7b:41:a0:66:4d:4b:
8f:0b:3d:a9:96:bf:85:c8:81:a3:2b:8c:79:d7:60:
26:86:ab:81:b5:54:2a:3b:36:14:c3:9b:a5:8e:15:
4d:90:de:29:6f:3d:48:dc:c6:75:b7:96:99:a2:ac:
9b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:DA:34:58:C8:40:3D:29:48:A7:3B:24:36:CA:16:23:8C:30:C4:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db5de5bf-c386-47fc-819b-84f11b94fb74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:e080::/48
Signature Algorithm: sha256WithRSAEncryption
50:17:fd:fe:97:71:69:8d:3d:ef:76:14:e9:72:96:b7:23:0b:
5b:ad:cd:7c:0b:da:bc:49:cc:1e:31:89:f4:93:bd:43:b9:ff:
87:3d:5f:44:32:f0:a4:f4:3b:cf:16:51:79:3d:38:04:51:bd:
cd:38:9a:aa:60:20:78:75:f0:2e:f9:6c:af:c2:47:fc:63:cd:
c2:3c:43:96:2a:96:64:64:97:72:0f:a7:d5:16:ab:d1:b0:89:
f2:74:77:d0:94:40:83:ea:91:96:63:41:55:40:cd:c0:ef:99:
e2:9c:64:e8:37:4f:62:1d:08:ee:68:60:12:da:f8:2f:27:ec:
46:82:6e:d8:ee:af:2d:d0:f5:e1:94:b3:db:e6:eb:45:2d:09:
64:59:e4:b5:24:84:c3:30:dc:81:64:2e:27:92:0f:09:f6:d7:
d1:70:b7:05:bc:82:d7:e6:5b:2b:ed:6d:21:2e:19:ca:51:10:
55:f9:0b:48:3d:ad:36:38:a7:87:f4:ed:b8:ff:06:eb:7c:6e:
d9:60:74:6f:32:02:99:e4:db:88:d8:b5:62:1a:93:b8:eb:c7:
37:17:77:32:8e:51:b8:cf:cd:62:de:13:41:f8:fb:ff:4a:e0:
ed:17:4e:b1:96:ba:4e:18:27:08:2a:5e:ba:46:7f:be:7a:ab:
40:c3:9b:88
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULTYLB48wvRCmMS6O23nyF5FxUaIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTAwMjdaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhNDMyNjdjMmU2YWViZTc2MTY5YzA0YzVkMWVlOTk4ZDYyYmVhOTQwNzc3
MjM5YjZhNDUyMmMxMDc4MTc4ZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKg0KFhXWhmQ6kb95CdUb6z3sW3lQk8wZw1jvkvD4Etsf1vu01V1KmPga8fE
KoxubPz0Zo18VuQFtVtXftgTAbEjPIhNfwcuDYhlYGzi53J5gPMS4y9R8T2rZkMZ
UMjtycv8sYhmJVDweKUli3BoG9p+rNJLK297ZcZFH/DdWwfMUWR5zuYGEA3qAlSq
/vqBWSF/Jgd0SZ+hX5FHdJwVQNkflzFyccC6HzPNdtxhPEMqkCJs7GO5PpQhSqpr
KGZ4Q6FmgFrCJjLw6xShe0GgZk1Ljws9qZa/hciBoyuMeddgJoargbVUKjs2FMOb
pY4VTZDeKW89SNzGdbeWmaKsm6UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRH2jRY
yEA9KUinOyQ2yhYjjDDEaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGI1ZGU1YmYtYzM4Ni00N2ZjLTgxOWItODRmMTFiOTRmYjc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H3g
gDANBgkqhkiG9w0BAQsFAAOCAQEAUBf9/pdxaY0973YU6XKWtyMLW63NfAvavEnM
HjGJ9JO9Q7n/hz1fRDLwpPQ7zxZReT04BFG9zTiaqmAgeHXwLvlsr8JH/GPNwjxD
liqWZGSXcg+n1Rar0bCJ8nR30JRAg+qRlmNBVUDNwO+Z4pxk6DdPYh0I7mhgEtr4
LyfsRoJu2O6vLdD14ZSz2+brRS0JZFnktSSEwzDcgWQuJ5IPCfbX0XC3BbyC1+Zb
K+1tIS4ZylEQVfkLSD2tNjinh/TtuP8G63xu2WB0bzICmeTbiNi1YhqTuOvHNxd3
Mo5RuM/NYt4TQfj7/0rg7RdOsZa6ThgnCCpeukZ/vnqrQMObiA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:34:08 2026 by rpki-client