Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fa988028-efed-4415-9900-806e803d3c43.roa
File: fa988028-efed-4415-9900-806e803d3c43.roa (raw, json)
Hash identifier: lXcm9w6VyZeH3JoOVEUAvT1Lx4xVKbSsbrVZPbojySU=
Subject key identifier: C0:3A:C0:1C:4B:55:41:5E:67:CD:37:EB:E8:AA:D9:E9:11:B1:83:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47649AE2F61B12DE46438E2955D45C2B6ECF01F1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fa988028-efed-4415-9900-806e803d3c43.roa
Signing time: Sun 31 May 2026 01:11:01 +0000
ROA not before: Sun 31 May 2026 01:11:01 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:64:9a:e2:f6:1b:12:de:46:43:8e:29:55:d4:5c:2b:6e:cf:01:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:11:01 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=a027ef2f1ce03276d05fddf6106c7030f6882577e45447c806a5fa4a2b35865d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7f:5a:05:f8:b8:68:87:ca:3a:b6:de:cc:0e:
1c:72:74:5d:c7:07:80:21:97:87:4b:03:6c:0b:bb:
dd:07:2c:33:e3:33:b2:2c:e0:77:9b:8b:82:cc:d3:
d4:6a:7e:e6:b2:6a:9a:3b:f7:00:36:bf:c4:5d:a0:
ee:cc:ce:77:9c:6d:4b:7d:aa:4a:16:ed:ea:1a:81:
00:ca:bb:15:2a:98:6a:4f:bb:0a:14:40:a2:b9:e3:
12:7a:c0:a8:c6:47:13:9c:c3:14:3f:0f:35:7a:ca:
9a:bb:87:f9:ce:ba:e4:95:21:ed:5d:cd:c3:0f:e7:
5b:ee:f8:e4:ac:0d:f3:68:6d:d3:46:3e:3c:84:24:
ee:8a:09:27:af:5e:78:74:e5:1b:0e:3b:db:d5:07:
a4:bb:f6:c6:75:f4:04:3d:07:af:d2:d1:3a:e4:4d:
28:d0:a0:e0:84:97:43:fe:1b:b4:6d:9b:57:15:5b:
96:53:c2:6a:37:c4:9e:b7:5d:49:e9:38:82:a7:8f:
47:2b:03:6e:58:16:fc:88:82:1b:14:bb:d3:2d:d1:
fe:69:2f:73:6f:e6:a7:e4:5b:4a:06:cb:65:b3:bd:
29:73:91:94:16:fa:57:61:3e:c8:c4:02:bc:27:3d:
f7:db:a3:36:a0:cc:da:4d:6d:a9:50:03:8e:43:31:
be:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:3A:C0:1C:4B:55:41:5E:67:CD:37:EB:E8:AA:D9:E9:11:B1:83:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fa988028-efed-4415-9900-806e803d3c43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:8020::/48
Signature Algorithm: sha256WithRSAEncryption
b2:a2:0b:8f:43:3f:9d:c9:74:fe:58:5c:d8:a0:c0:69:62:5a:
08:87:ff:30:68:8c:13:58:81:aa:e2:c2:7b:a0:a6:7f:b9:fa:
ce:fd:ab:fc:d4:96:fd:23:c4:ff:3b:67:a3:d3:01:62:3f:c0:
07:d2:0e:b2:b0:b8:ce:12:e5:23:25:5d:cd:70:7d:6f:47:c5:
2e:61:05:72:0e:e3:64:7d:4a:84:64:57:74:e6:a7:bb:80:34:
ae:02:1f:79:de:94:4a:bd:45:8c:b5:ca:06:5e:1e:81:9d:9d:
57:d8:06:be:7c:11:89:07:d1:7e:4a:20:39:1e:39:aa:3c:a2:
ad:ed:16:10:6a:10:d2:8d:52:ab:b6:c5:ec:9a:96:dc:5f:80:
0b:52:19:b4:68:dc:a7:58:24:8e:e1:73:4c:1f:3a:c5:86:f9:
8c:75:e4:7c:25:0c:98:a0:34:b4:8a:66:ac:04:86:e0:3f:4b:
93:10:4d:c0:7b:00:bf:97:56:c7:3e:26:ed:97:a1:98:a1:da:
3e:a0:8f:bf:c9:66:d6:bd:96:47:be:91:20:1f:61:3a:89:56:
c2:1e:b7:65:8a:c2:c6:69:04:f5:b0:fe:88:1e:39:31:90:dd:
ff:40:58:ee:2b:25:10:25:74:a9:70:1d:da:12:6f:8c:62:e9:
1d:12:e3:93
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUR2Sa4vYbEt5GQ44pVdRcK27PAfEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTExMDFaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwMjdlZjJmMWNlMDMyNzZkMDVmZGRmNjEwNmM3MDMwZjY4ODI1NzdlNDU0
NDdjODA2YTVmYTRhMmIzNTg2NWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJ/WgX4uGiHyjq23swOHHJ0XccHgCGXh0sDbAu73QcsM+Mzsizgd5uLgszT
1Gp+5rJqmjv3ADa/xF2g7szOd5xtS32qShbt6hqBAMq7FSqYak+7ChRAornjEnrA
qMZHE5zDFD8PNXrKmruH+c665JUh7V3Nww/nW+745KwN82ht00Y+PIQk7ooJJ69e
eHTlGw4729UHpLv2xnX0BD0Hr9LROuRNKNCg4ISXQ/4btG2bVxVbllPCajfEnrdd
Sek4gqePRysDblgW/IiCGxS70y3R/mkvc2/mp+RbSgbLZbO9KXORlBb6V2E+yMQC
vCc999ujNqDM2k1tqVADjkMxvhkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTAOsAc
S1VBXmfNN+voqtnpEbGDhjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmE5ODgwMjgtZWZlZC00NDE1LTk5MDAtODA2ZTgwM2QzYzQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FqA
IDANBgkqhkiG9w0BAQsFAAOCAQEAsqILj0M/ncl0/lhc2KDAaWJaCIf/MGiME1iB
quLCe6Cmf7n6zv2r/NSW/SPE/ztno9MBYj/AB9IOsrC4zhLlIyVdzXB9b0fFLmEF
cg7jZH1KhGRXdOanu4A0rgIfed6USr1FjLXKBl4egZ2dV9gGvnwRiQfRfkogOR45
qjyire0WEGoQ0o1Sq7bF7JqW3F+AC1IZtGjcp1gkjuFzTB86xYb5jHXkfCUMmKA0
tIpmrASG4D9LkxBNwHsAv5dWxz4m7ZehmKHaPqCPv8lm1r2WR76RIB9hOolWwh63
ZYrCxmkE9bD+iB45MZDd/0BY7islECV0qXAd2hJvjGLpHRLjkw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:27:57 2026 by rpki-client