Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
File: f7a46ea9-b416-4218-a790-28cf84d702ce.roa (raw, json)
Hash identifier: WKs3lMNxlGqaN0Hnm+tmvLxOnGlIvAvt1sb7EeCeoss=
Subject key identifier: 9A:64:7C:6C:4E:86:76:72:52:00:96:64:E6:F6:7F:4F:6E:BA:76:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 514655EA60D11AF551DD46E995B184EE5D5BAF54
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
Signing time: Tue 19 May 2026 04:40:24 +0000
ROA not before: Tue 19 May 2026 04:40:24 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d026::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:46:55:ea:60:d1:1a:f5:51:dd:46:e9:95:b1:84:ee:5d:5b:af:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:24 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=895457489e8b9bbdb10d754bb3dae3b79babe785d5df24214295f979c0e187f6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:1d:b9:e5:42:8b:56:3f:ec:db:51:14:b7:6a:
5a:d4:cc:c8:32:24:24:8e:ca:7e:10:46:df:f4:8e:
a1:a2:fb:3e:d6:a8:6d:12:51:a3:bc:93:43:67:ee:
9e:e6:30:0a:1a:4d:d3:e9:56:97:d4:41:10:f4:55:
55:6e:35:42:41:bc:75:3d:06:c5:de:0f:4f:e4:a0:
ff:e6:5d:d8:ad:a4:8f:ee:a3:48:98:93:d8:31:1b:
df:da:54:36:cd:d0:7d:a6:47:3c:42:74:55:41:ab:
a5:04:ab:8d:11:1d:9d:74:fe:45:98:e3:fc:af:a7:
ab:ca:e6:54:59:ee:96:4d:80:84:94:dd:9b:4f:d9:
cf:1f:ff:78:84:cc:03:f4:d8:fd:85:c0:cc:71:8a:
05:3c:1e:aa:56:37:43:19:0d:49:ad:7a:d1:e8:07:
93:a1:9c:c9:99:74:b4:6f:5a:b8:7e:ca:4e:e4:68:
fd:03:5f:f1:44:0f:28:75:5d:37:f0:05:b2:96:6f:
15:40:01:82:31:80:23:ba:15:4f:d4:f6:35:73:2a:
0c:6b:23:84:ae:d5:b4:86:2b:2a:b6:45:1e:d7:ea:
e8:85:80:d1:c8:23:5b:2d:cf:ea:7c:28:6d:b7:e1:
00:22:7d:9e:e6:6c:5f:5b:61:ae:57:18:bd:0a:ca:
26:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:64:7C:6C:4E:86:76:72:52:00:96:64:E6:F6:7F:4F:6E:BA:76:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d026::/36
Signature Algorithm: sha256WithRSAEncryption
6c:0b:70:97:f7:f2:ea:ec:2e:d0:16:af:a9:9b:91:d0:ed:a9:
2c:bb:b6:9d:73:25:f2:17:46:bc:f0:8c:11:6c:6d:09:9d:e4:
49:97:87:8e:14:b6:65:0b:f6:5f:f6:0a:ff:de:6e:d6:9f:3c:
d1:c3:dd:59:6a:a5:ab:43:f7:94:b9:83:f0:e0:98:22:e9:5f:
19:c0:5a:ac:fd:de:fe:cf:43:bd:84:f6:a4:fd:f4:85:3a:28:
a8:69:99:1f:78:ff:cc:7a:ce:7d:dd:44:d7:3e:83:16:a9:0e:
c7:a4:57:96:5f:f8:02:1b:2a:3e:58:9a:fe:e1:20:7e:96:d7:
7e:19:b1:cb:1d:b2:9a:d5:67:b3:dd:18:99:17:01:ef:f2:68:
74:e9:52:4c:64:96:31:24:60:4e:69:9c:af:f1:ee:0d:a0:7f:
ea:46:2c:da:74:b2:bb:db:aa:fa:d7:71:32:50:be:79:96:30:
23:21:16:be:97:0b:c6:40:97:9b:87:8d:a5:15:ec:ba:bb:68:
e8:80:59:09:43:2e:d5:c4:99:73:e1:0e:05:2e:f9:e0:d0:47:
f3:4f:0b:d0:49:30:cf:1f:79:10:e4:3a:78:81:5a:d4:14:92:
dd:94:28:93:b5:74:12:d4:a8:d8:90:2d:82:70:01:d8:4e:e3:
68:33:15:eb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUUZV6mDRGvVR3UbplbGE7l1br1QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwMjRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5NTQ1NzQ4OWU4YjliYmRiMTBkNzU0YmIzZGFlM2I3OWJhYmU3ODVkNWRm
MjQyMTQyOTVmOTc5YzBlMTg3ZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0dueVCi1Y/7NtRFLdqWtTMyDIkJI7KfhBG3/SOoaL7PtaobRJRo7yTQ2fu
nuYwChpN0+lWl9RBEPRVVW41QkG8dT0Gxd4PT+Sg/+Zd2K2kj+6jSJiT2DEb39pU
Ns3QfaZHPEJ0VUGrpQSrjREdnXT+RZjj/K+nq8rmVFnulk2AhJTdm0/Zzx//eITM
A/TY/YXAzHGKBTweqlY3QxkNSa160egHk6GcyZl0tG9auH7KTuRo/QNf8UQPKHVd
N/AFspZvFUABgjGAI7oVT9T2NXMqDGsjhK7VtIYrKrZFHtfq6IWA0cgjWy3P6nwo
bbfhACJ9nuZsX1thrlcYvQrKJlECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSaZHxs
ToZ2clIAlmTm9n9Pbrp2eTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdhNDZlYTktYjQxNi00MjE4LWE3OTAtMjhjZjg0ZDcwMmNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CYA
MA0GCSqGSIb3DQEBCwUAA4IBAQBsC3CX9/Lq7C7QFq+pm5HQ7aksu7adcyXyF0a8
8IwRbG0JneRJl4eOFLZlC/Zf9gr/3m7WnzzRw91ZaqWrQ/eUuYPw4Jgi6V8ZwFqs
/d7+z0O9hPak/fSFOiioaZkfeP/Mes593UTXPoMWqQ7HpFeWX/gCGyo+WJr+4SB+
ltd+GbHLHbKa1Wez3RiZFwHv8mh06VJMZJYxJGBOaZyv8e4NoH/qRizadLK726r6
13EyUL55ljAjIRa+lwvGQJebh42lFey6u2jogFkJQy7VxJlz4Q4FLvng0EfzTwvQ
STDPH3kQ5Dp4gVrUFJLdlCiTtXQS1KjYkC2CcAHYTuNoMxXr
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:34:26 2026 by rpki-client