Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de12834a-9370-4c63-969f-bf8eef4cd73b.roa
File: de12834a-9370-4c63-969f-bf8eef4cd73b.roa (raw, json)
Hash identifier: v++WjQaijzuQUgxvoa9XA9RG3RcqFvt2wyHxIiNZZ0Y=
Subject key identifier: CF:B2:C3:F9:F6:55:EA:13:5C:63:B1:B7:97:A8:3D:4E:C2:00:3C:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F7A43A84A9DB4952CCA0CA22AE620061A049411
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de12834a-9370-4c63-969f-bf8eef4cd73b.roa
Signing time: Fri 15 May 2026 02:20:12 +0000
ROA not before: Fri 15 May 2026 02:20:12 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:7a:43:a8:4a:9d:b4:95:2c:ca:0c:a2:2a:e6:20:06:1a:04:94:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 02:20:12 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=9546463b262316c5379241cbc35dcc08009a3c9dc2fd1fd637a38fd4ba717fbe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:73:b5:21:ce:73:be:e4:74:e7:1d:70:83:d5:
46:e0:2b:f1:f9:5c:55:da:48:34:0b:ff:4d:23:53:
0e:05:b6:70:8e:f0:71:f3:a3:5a:29:b6:3a:e4:5b:
df:e0:b6:37:d0:21:9b:41:3a:e2:e6:30:8d:10:62:
19:cc:57:3d:56:a1:17:57:f2:58:51:20:ce:cc:95:
f8:45:e7:44:a1:5c:fe:c5:58:84:34:a1:32:c6:c2:
9f:85:5e:6c:11:e5:ea:70:92:1a:95:f4:ee:f6:45:
27:23:5e:a5:e7:94:a1:a3:1f:0f:67:59:79:44:6a:
a0:0a:e2:10:77:b1:ff:62:e2:08:79:ac:b3:b6:a0:
83:da:1d:f8:da:cf:50:73:1d:77:f2:f7:da:55:db:
74:57:56:28:49:57:d6:41:a2:77:f0:c2:6c:0d:99:
09:f6:90:57:f7:61:c5:c0:95:19:6e:09:50:51:c1:
83:1b:66:d3:17:c7:96:68:4d:31:4a:73:28:5c:6d:
34:0a:3e:f5:bf:00:40:49:6d:72:70:97:5b:06:f2:
40:fb:23:d7:8e:0e:3e:8a:50:ff:96:df:14:bf:22:
6d:68:42:fd:f0:fa:80:b2:86:34:3b:dc:30:15:69:
6d:33:f4:5d:61:7d:6d:b3:4e:48:6f:3d:96:3f:15:
76:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B2:C3:F9:F6:55:EA:13:5C:63:B1:B7:97:A8:3D:4E:C2:00:3C:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de12834a-9370-4c63-969f-bf8eef4cd73b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4010::/48
Signature Algorithm: sha256WithRSAEncryption
bb:08:38:2f:6c:3e:97:04:f9:dc:85:52:21:ca:7d:2e:97:6e:
ec:20:28:4f:c0:57:0a:97:57:5c:f3:8e:ac:76:7a:8a:94:d7:
ff:f9:1c:34:53:77:2e:22:e2:67:67:ac:95:a5:14:e5:ce:34:
e1:d3:2b:30:99:fe:28:ca:d5:df:71:fd:fc:73:43:5b:56:ec:
b4:6b:1b:f0:c1:34:be:28:e0:c4:32:98:76:71:3b:db:3b:a2:
39:2e:f9:32:8b:69:c7:ca:c6:a3:8a:49:1f:55:64:7b:17:87:
fc:aa:8f:59:e5:5b:d0:49:eb:ee:1c:3d:bb:ac:88:0f:1f:fd:
4a:1a:fb:2c:1f:02:04:40:f7:47:34:a6:74:92:8d:14:7e:17:
f2:24:e5:cf:e5:20:07:81:5b:80:71:de:2f:7a:6d:59:f0:e9:
b7:25:30:58:5c:d9:fa:98:55:41:03:29:c9:e5:a8:31:e4:5f:
1d:5b:41:0c:e2:0a:fe:58:33:10:df:1d:ad:02:47:64:e0:19:
f3:3c:9a:47:80:28:e2:89:9b:7c:49:30:ff:5b:56:d6:0a:4a:
92:a4:59:bb:c9:9c:13:47:5a:13:c7:93:28:d2:0b:a9:5f:56:
1a:e2:bd:48:08:65:67:b7:4b:e0:37:cc:00:c2:ea:8e:4f:5e:
ce:9e:a0:86
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUD3pDqEqdtJUsygyiKuYgBhoElBEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMjIwMTJaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1NDY0NjNiMjYyMzE2YzUzNzkyNDFjYmMzNWRjYzA4MDA5YTNjOWRjMmZk
MWZkNjM3YTM4ZmQ0YmE3MTdmYmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJBztSHOc77kdOcdcIPVRuAr8flcVdpINAv/TSNTDgW2cI7wcfOjWim2OuRb
3+C2N9Ahm0E64uYwjRBiGcxXPVahF1fyWFEgzsyV+EXnRKFc/sVYhDShMsbCn4Ve
bBHl6nCSGpX07vZFJyNepeeUoaMfD2dZeURqoAriEHex/2LiCHmss7agg9od+NrP
UHMdd/L32lXbdFdWKElX1kGid/DCbA2ZCfaQV/dhxcCVGW4JUFHBgxtm0xfHlmhN
MUpzKFxtNAo+9b8AQEltcnCXWwbyQPsj144OPopQ/5bfFL8ibWhC/fD6gLKGNDvc
MBVpbTP0XWF9bbNOSG89lj8VdqsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTPssP5
9lXqE1xjsbeXqD1OwgA8GTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGUxMjgzNGEtOTM3MC00YzYzLTk2OWYtYmY4ZWVmNGNkNzNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
EDANBgkqhkiG9w0BAQsFAAOCAQEAuwg4L2w+lwT53IVSIcp9Lpdu7CAoT8BXCpdX
XPOOrHZ6ipTX//kcNFN3LiLiZ2eslaUU5c404dMrMJn+KMrV33H9/HNDW1bstGsb
8ME0vijgxDKYdnE72zuiOS75Motpx8rGo4pJH1VkexeH/KqPWeVb0Enr7hw9u6yI
Dx/9Shr7LB8CBED3RzSmdJKNFH4X8iTlz+UgB4FbgHHeL3ptWfDptyUwWFzZ+phV
QQMpyeWoMeRfHVtBDOIK/lgzEN8drQJHZOAZ8zyaR4Ao4ombfEkw/1tW1gpKkqRZ
u8mcE0daE8eTKNILqV9WGuK9SAhlZ7dL4DfMAMLqjk9ezp6ghg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:28 2026 by rpki-client