Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa
File: fc40321f-72c2-43a4-8c42-0e935f8f1943.roa (raw, json)
Hash identifier: HPwcTcTgeklxXXS90TqzzOdx7yFkqrpBBQGF/yMHEGg=
Subject key identifier: 08:BB:A8:3B:2F:37:86:F2:20:0D:EA:DF:08:06:6B:D9:EE:34:8E:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7AC24E45456DB3A7760E8A0961808F274823EF0A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa
Signing time: Tue 19 May 2026 05:00:08 +0000
ROA not before: Tue 19 May 2026 05:00:08 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:c2:4e:45:45:6d:b3:a7:76:0e:8a:09:61:80:8f:27:48:23:ef:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:08 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=f7588fd9f133d71978fab0c1156f6f4f971750687d56912fb6282e1799635bb4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:54:85:74:15:56:1a:db:16:de:ba:66:84:02:
02:e1:24:0c:00:24:ae:4c:03:d1:21:ec:9e:22:0c:
da:72:ab:c1:d3:b5:3c:a3:fb:a7:f6:09:4d:eb:bd:
c4:73:79:9f:8e:f8:07:e3:53:79:a1:16:7a:ae:a9:
3f:53:53:20:e1:ad:84:0f:da:5b:32:b5:c0:4a:cb:
06:8d:6a:36:ab:65:1f:6c:f3:a6:d5:3c:1f:ad:5c:
f4:a7:9d:3d:b9:54:81:06:d8:fd:7e:d7:06:53:1b:
a1:b5:df:db:29:fc:b9:04:1b:46:fa:f4:56:e5:8c:
8e:8d:1b:e7:9d:e0:19:10:ba:89:ab:e5:b1:50:d2:
7a:94:71:d3:7f:1e:7a:ca:cd:fe:87:14:9d:b6:d3:
af:ee:45:ae:18:c1:b0:dc:14:b0:b4:98:9c:07:a4:
c9:aa:c7:39:8e:65:ba:8f:ea:1f:38:8f:ae:d2:2e:
dd:37:08:f5:e4:e4:65:0b:84:40:ff:d5:5a:fe:2e:
ab:36:60:55:4a:98:79:bf:73:51:4a:9b:b7:9e:f3:
21:41:1b:6e:ba:76:a3:ef:94:59:29:47:c3:3e:66:
95:94:fb:43:02:56:78:15:4c:fd:ab:a0:cb:01:99:
3d:aa:76:7c:bb:c1:53:1d:b8:73:a4:b5:06:79:b1:
db:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:BB:A8:3B:2F:37:86:F2:20:0D:EA:DF:08:06:6B:D9:EE:34:8E:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
56:09:4c:35:78:71:c6:c3:06:90:a2:a0:93:db:87:b4:99:37:
93:a4:75:18:a0:cb:0e:3e:60:33:02:18:3d:af:b7:37:9f:bb:
23:d5:aa:52:48:07:19:81:0b:cf:76:fc:0f:bb:4e:fd:e0:98:
5a:54:b2:21:b6:58:a6:78:83:30:c5:70:98:b3:2a:85:d8:82:
58:05:7c:c7:89:8c:4e:7a:72:5c:04:3c:e7:09:c3:a7:18:87:
9e:fa:d8:53:e4:e6:c5:ba:68:47:d9:85:91:2a:af:b7:95:f9:
51:0f:6d:0f:08:ba:aa:7e:12:a5:e9:aa:58:e7:76:34:c6:76:
e6:cc:30:3f:48:2a:f4:aa:49:d8:28:df:9d:c0:78:1e:b8:4e:
c4:44:63:b9:85:44:2c:25:79:a9:c6:de:4c:97:97:ee:ff:1f:
a3:25:4b:39:7f:28:20:b5:23:7d:ee:c5:35:77:ff:e5:ab:19:
0a:5a:15:d7:7f:e8:66:c0:69:03:58:6a:1f:e4:34:a4:01:81:
84:79:47:4c:40:46:e1:2e:72:09:55:96:ed:7c:f1:1d:ee:35:
de:12:24:5c:f9:85:45:2f:37:b4:d9:21:40:33:c5:c4:5b:a1:
62:d1:a5:37:a7:96:d3:77:05:23:08:f5:41:d1:14:32:5c:b6:
a0:f5:d4:e9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUesJORUVts6d2DooJYYCPJ0gj7wowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwMDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3NTg4ZmQ5ZjEzM2Q3MTk3OGZhYjBjMTE1NmY2ZjRmOTcxNzUwNjg3ZDU2
OTEyZmI2MjgyZTE3OTk2MzViYjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdUhXQVVhrbFt66ZoQCAuEkDAAkrkwD0SHsniIM2nKrwdO1PKP7p/YJTeu9
xHN5n474B+NTeaEWeq6pP1NTIOGthA/aWzK1wErLBo1qNqtlH2zzptU8H61c9Ked
PblUgQbY/X7XBlMbobXf2yn8uQQbRvr0VuWMjo0b553gGRC6iavlsVDSepRx038e
esrN/ocUnbbTr+5FrhjBsNwUsLSYnAekyarHOY5luo/qHziPrtIu3TcI9eTkZQuE
QP/VWv4uqzZgVUqYeb9zUUqbt57zIUEbbrp2o++UWSlHwz5mlZT7QwJWeBVM/aug
ywGZPap2fLvBUx24c6S1Bnmx29kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQIu6g7
LzeG8iAN6t8IBmvZ7jSOTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM0MDMyMWYtNzJjMi00M2E0LThjNDItMGU5MzVmOGYxOTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg
wDANBgkqhkiG9w0BAQsFAAOCAQEAVglMNXhxxsMGkKKgk9uHtJk3k6R1GKDLDj5g
MwIYPa+3N5+7I9WqUkgHGYELz3b8D7tO/eCYWlSyIbZYpniDMMVwmLMqhdiCWAV8
x4mMTnpyXAQ85wnDpxiHnvrYU+TmxbpoR9mFkSqvt5X5UQ9tDwi6qn4SpemqWOd2
NMZ25swwP0gq9KpJ2CjfncB4HrhOxERjuYVELCV5qcbeTJeX7v8foyVLOX8oILUj
fe7FNXf/5asZCloV13/oZsBpA1hqH+Q0pAGBhHlHTEBG4S5yCVWW7XzxHe413hIk
XPmFRS83tNkhQDPFxFuhYtGlN6eW03cFIwj1QdEUMly2oPXU6Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:30 2026 by rpki-client