Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2470da0-7607-467e-87c5-2b56043d8899.roa
File: e2470da0-7607-467e-87c5-2b56043d8899.roa (raw, json)
Hash identifier: 41VOciV9YSCeByld9XD3rMvbZ84YXb6rdNoaiC7ITvA=
Subject key identifier: 73:52:2E:EF:C8:E3:EC:2B:17:0E:C1:FB:4F:9F:0F:8E:C7:6C:C9:4D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04D93C5823B9BA66453ECDF75EEDC930BAC55DDB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2470da0-7607-467e-87c5-2b56043d8899.roa
Signing time: Sun 31 May 2026 01:00:30 +0000
ROA not before: Sun 31 May 2026 01:00:30 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:d9:3c:58:23:b9:ba:66:45:3e:cd:f7:5e:ed:c9:30:ba:c5:5d:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:00:30 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=0abf1788993e330fd7a3236cbd42cad2f3b63d2bb82f41e098d24c68a3f23fb1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6c:33:73:da:1c:7e:f8:82:d9:f2:d2:84:dc:
f2:6c:91:82:fb:c2:38:ae:10:ed:e7:e2:70:b3:2e:
36:a5:bd:8d:a9:b2:85:18:79:46:95:cf:d5:bf:ec:
0b:41:e8:01:a1:a0:d8:16:ed:d6:e3:bd:19:35:b7:
b7:f0:56:fa:49:59:a1:3c:f2:5a:42:e1:6d:2a:3b:
ce:59:40:9c:26:a1:99:41:91:f8:12:07:c8:3a:5f:
08:c8:24:86:45:96:4f:e3:51:d8:0b:e8:0f:80:7d:
ea:38:f5:b9:57:91:26:be:c2:8f:55:7e:91:59:af:
0a:05:72:97:5b:5b:90:db:17:31:03:38:c0:71:b6:
7d:56:1f:6c:f4:bd:2d:92:b2:c9:57:45:aa:bb:1a:
06:04:b9:57:7d:c6:9a:55:fe:dd:a9:ed:2d:73:7f:
1a:72:20:ac:c9:00:3e:40:cd:92:93:44:a7:6d:13:
66:3e:db:ed:c8:da:1a:83:11:db:47:3e:10:3c:07:
0e:2b:3d:6f:33:5c:f1:b3:b3:28:8f:be:8e:72:d5:
d2:31:2f:4a:01:b5:52:79:98:16:ed:04:dd:52:86:
26:df:3e:5d:23:eb:2b:08:8b:cd:f0:e4:6b:72:b7:
09:f4:85:1a:35:67:31:dc:50:d4:09:03:6e:59:77:
78:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:52:2E:EF:C8:E3:EC:2B:17:0E:C1:FB:4F:9F:0F:8E:C7:6C:C9:4D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2470da0-7607-467e-87c5-2b56043d8899.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
9c:4f:a8:d4:2e:d2:92:50:27:f8:d7:a6:b2:7c:b5:b2:b8:89:
be:e2:85:3c:91:d6:75:00:26:89:94:6c:22:ba:53:cc:24:51:
b4:2b:ce:7d:ab:3e:bf:97:bd:d6:3f:cf:3f:a2:36:4f:a9:c0:
c9:7e:0b:c5:55:13:2f:dd:ab:75:fc:17:b6:9e:b7:ae:0f:1e:
b8:5e:64:9d:ab:ca:0d:0f:b3:b4:46:5d:aa:e1:b9:f5:db:31:
5f:65:f8:1e:9f:d0:29:d1:e2:4e:e9:0d:2f:00:97:62:3b:d2:
49:cf:62:82:bc:29:10:04:dc:31:b7:59:e1:0c:4e:8c:46:fa:
48:27:4d:38:39:56:df:5f:0f:9a:ca:78:8d:a6:9a:6d:40:d6:
b3:b6:50:a0:0e:cb:a5:e3:df:7c:92:8a:95:b6:d9:f7:38:d2:
b4:17:6f:62:f7:18:c3:66:1a:43:cf:03:04:59:af:5b:42:de:
be:5b:a6:a7:b5:20:b4:9b:d3:66:af:f0:11:4c:03:bc:87:dd:
bd:fc:ef:f5:b2:ee:96:2d:bc:1f:a2:58:a5:9c:78:1f:9a:bd:
2f:d2:d8:80:36:19:d9:b6:80:68:ae:97:82:57:ef:1a:50:7b:
3b:86:78:36:a4:5e:9a:36:23:aa:2f:88:0d:32:73:05:08:c3:
9d:58:b1:47
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBNk8WCO5umZFPs33Xu3JMLrFXdswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTAwMzBaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhYmYxNzg4OTkzZTMzMGZkN2EzMjM2Y2JkNDJjYWQyZjNiNjNkMmJiODJm
NDFlMDk4ZDI0YzY4YTNmMjNmYjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKVsM3PaHH74gtny0oTc8myRgvvCOK4Q7eficLMuNqW9jamyhRh5RpXP1b/s
C0HoAaGg2Bbt1uO9GTW3t/BW+klZoTzyWkLhbSo7zllAnCahmUGR+BIHyDpfCMgk
hkWWT+NR2AvoD4B96jj1uVeRJr7Cj1V+kVmvCgVyl1tbkNsXMQM4wHG2fVYfbPS9
LZKyyVdFqrsaBgS5V33GmlX+3antLXN/GnIgrMkAPkDNkpNEp20TZj7b7cjaGoMR
20c+EDwHDis9bzNc8bOzKI++jnLV0jEvSgG1UnmYFu0E3VKGJt8+XSPrKwiLzfDk
a3K3CfSFGjVnMdxQ1AkDbll3eOUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRzUi7v
yOPsKxcOwftPnw+Ox2zJTTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTI0NzBkYTAtNzYwNy00NjdlLTg3YzUtMmI1NjA0M2Q4ODk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FqA
wDANBgkqhkiG9w0BAQsFAAOCAQEAnE+o1C7SklAn+Nemsny1sriJvuKFPJHWdQAm
iZRsIrpTzCRRtCvOfas+v5e91j/PP6I2T6nAyX4LxVUTL92rdfwXtp63rg8euF5k
navKDQ+ztEZdquG59dsxX2X4Hp/QKdHiTukNLwCXYjvSSc9igrwpEATcMbdZ4QxO
jEb6SCdNODlW318Pmsp4jaaabUDWs7ZQoA7LpePffJKKlbbZ9zjStBdvYvcYw2Ya
Q88DBFmvW0Levlump7UgtJvTZq/wEUwDvIfdvfzv9bLuli28H6JYpZx4H5q9L9LY
gDYZ2baAaK6XglfvGlB7O4Z4NqRemjYjqi+IDTJzBQjDnVixRw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:46:12 2026 by rpki-client