Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f067aa52-ee52-4fb2-867c-8dc79786d43d.roa
File: f067aa52-ee52-4fb2-867c-8dc79786d43d.roa (raw, json)
Hash identifier: 2F3f4OUjnWd1gn+6KuDUHfpNjGbMXAp8d5Mcfndp8iA=
Subject key identifier: 80:40:92:47:DA:81:6E:7E:B5:B7:6E:BA:13:84:E3:94:8F:96:FA:B2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E4F989E7AC444BF5588DC645472562854E56646
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f067aa52-ee52-4fb2-867c-8dc79786d43d.roa
Signing time: Tue 19 May 2026 04:50:36 +0000
ROA not before: Tue 19 May 2026 04:50:36 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:4f:98:9e:7a:c4:44:bf:55:88:dc:64:54:72:56:28:54:e5:66:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:36 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=05c47119e70c67a7ec4ad50af39bd72722cf192e01fb7d5ccc058f6ffafb100c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5f:8a:ce:0a:22:c2:de:21:e2:b4:b6:7c:1e:
97:83:68:90:95:07:ae:6e:05:a6:0e:1d:ea:eb:43:
8c:89:8b:52:55:d2:4d:48:87:2a:c9:8c:ba:32:e5:
31:ae:ff:45:a2:36:8d:d9:72:7c:d4:d6:4b:40:84:
7f:da:cb:db:c9:c6:78:61:26:04:29:af:6e:32:25:
eb:7d:dd:eb:0e:b1:bb:7f:d3:9d:21:c0:63:b8:32:
e9:da:aa:c9:c0:05:ed:46:a5:5a:37:58:40:cb:7a:
0b:00:80:a1:4e:a2:f0:cb:79:a4:a8:56:d2:e1:c3:
84:8b:b5:27:2e:ed:dd:96:bf:6b:c6:8b:64:11:00:
ae:06:44:4c:d0:a6:90:ec:56:72:5d:51:0c:90:6e:
e3:d8:4b:c1:a4:c1:63:11:7a:e5:0c:9c:70:f4:2e:
13:2e:c8:54:e7:b2:8e:1a:24:15:05:d2:84:6c:80:
78:bf:63:db:96:47:72:91:e7:ca:77:57:c7:ed:09:
01:16:44:21:75:8c:ea:76:21:31:3d:0b:92:f0:d6:
96:7f:f6:37:52:39:3f:d5:04:d9:b0:b7:cb:74:47:
7a:35:2d:2f:ce:fb:ba:d1:5a:82:72:cb:92:cf:ed:
0b:eb:c2:63:85:9c:08:07:68:a1:cd:59:4a:b7:90:
e4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:40:92:47:DA:81:6E:7E:B5:B7:6E:BA:13:84:E3:94:8F:96:FA:B2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f067aa52-ee52-4fb2-867c-8dc79786d43d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2080::/48
Signature Algorithm: sha256WithRSAEncryption
74:aa:80:d0:bf:3e:59:b6:e3:10:e8:05:35:ff:4b:8b:da:c2:
4b:12:ac:2d:97:42:cc:df:f8:e8:c4:70:af:64:2f:31:47:f4:
ea:ca:bd:63:f8:18:f0:e7:de:9c:79:e4:de:fc:1b:50:ba:3b:
ce:89:56:84:56:63:d3:37:7c:26:83:cb:65:cc:d5:70:d4:44:
bf:f9:c3:40:aa:78:7d:47:57:69:8d:07:16:9d:ab:e5:8e:9a:
ef:67:d7:5c:b7:59:be:70:1d:75:af:03:67:f7:38:17:67:68:
38:b6:ab:5f:cb:c8:bc:7f:4c:2b:c4:a7:a3:b8:8e:ca:d5:98:
39:ff:4b:d6:2c:10:0e:1e:8d:2d:95:9b:1c:d6:42:0e:c2:af:
11:74:e8:ad:40:2f:ce:e3:e7:e4:5e:13:1a:7c:d6:e4:63:f9:
b8:04:52:23:d7:ad:0a:9f:2f:cf:73:73:b1:77:a6:23:3e:ee:
6e:d7:4c:e1:44:db:74:ca:e2:d1:50:92:38:8c:19:cb:80:d7:
44:25:c9:2a:5e:ea:6e:d6:35:b1:8a:17:1a:cd:70:19:19:ee:
71:cd:77:4f:9c:c2:29:8c:00:20:a6:81:ec:ef:21:17:6a:33:
0b:62:b0:d5:f2:ca:90:8d:90:3b:26:e0:e2:27:b6:b7:4c:4d:
89:7e:61:f1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDk+YnnrERL9ViNxkVHJWKFTlZkYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMzZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1YzQ3MTE5ZTcwYzY3YTdlYzRhZDUwYWYzOWJkNzI3MjJjZjE5MmUwMWZi
N2Q1Y2NjMDU4ZjZmZmFmYjEwMGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNfis4KIsLeIeK0tnwel4NokJUHrm4Fpg4d6utDjImLUlXSTUiHKsmMujLl
Ma7/RaI2jdlyfNTWS0CEf9rL28nGeGEmBCmvbjIl633d6w6xu3/TnSHAY7gy6dqq
ycAF7UalWjdYQMt6CwCAoU6i8Mt5pKhW0uHDhIu1Jy7t3Za/a8aLZBEArgZETNCm
kOxWcl1RDJBu49hLwaTBYxF65QyccPQuEy7IVOeyjhokFQXShGyAeL9j25ZHcpHn
yndXx+0JARZEIXWM6nYhMT0LkvDWln/2N1I5P9UE2bC3y3RHejUtL877utFagnLL
ks/tC+vCY4WcCAdooc1ZSreQ5DkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSAQJJH
2oFufrW3broThOOUj5b6sjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjA2N2FhNTItZWU1Mi00ZmIyLTg2N2MtOGRjNzk3ODZkNDNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg
gDANBgkqhkiG9w0BAQsFAAOCAQEAdKqA0L8+WbbjEOgFNf9Li9rCSxKsLZdCzN/4
6MRwr2QvMUf06sq9Y/gY8OfenHnk3vwbULo7zolWhFZj0zd8JoPLZczVcNREv/nD
QKp4fUdXaY0HFp2r5Y6a72fXXLdZvnAdda8DZ/c4F2doOLarX8vIvH9MK8Sno7iO
ytWYOf9L1iwQDh6NLZWbHNZCDsKvEXTorUAvzuPn5F4TGnzW5GP5uARSI9etCp8v
z3NzsXemIz7ubtdM4UTbdMri0VCSOIwZy4DXRCXJKl7qbtY1sYoXGs1wGRnucc13
T5zCKYwAIKaB7O8hF2ozC2Kw1fLKkI2QOybg4ie2t0xNiX5h8Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:31 2026 by rpki-client