Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4208aec2-e501-4b80-8e94-0fe622727fba.roa
File: 4208aec2-e501-4b80-8e94-0fe622727fba.roa (raw, json)
Hash identifier: 7iQrj7IRQWd+V/QjG12Au8wp7x7SzIchSNeqPCmMJQM=
Subject key identifier: B5:99:B5:46:5D:FD:9B:66:3A:1F:DE:C2:B8:3A:2B:16:FC:AE:80:76
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B19B38E57468789C6FBEA98105A5F4A3E0D30E5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4208aec2-e501-4b80-8e94-0fe622727fba.roa
Signing time: Mon 27 Apr 2026 00:30:14 +0000
ROA not before: Mon 27 Apr 2026 00:30:14 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06d:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 14:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:19:b3:8e:57:46:87:89:c6:fb:ea:98:10:5a:5f:4a:3e:0d:30:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 27 00:30:14 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=8ce85ff96e39f18761636931bb3ea32601f0e8308b2ad3b642c40c49d9b0ec97, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:30:fa:fb:5b:a1:fd:b6:ac:1d:4d:cf:8f:0d:
76:31:f1:55:f8:c2:b0:36:53:b9:33:0d:ba:da:00:
2e:cf:bb:20:3d:47:91:5f:b7:4f:7d:13:cc:41:92:
0d:53:78:38:83:ee:20:0c:f3:d5:b2:13:3b:7e:21:
35:52:0a:07:06:00:09:d8:6e:c9:ac:63:70:04:3a:
a3:fa:fc:3b:3f:5e:01:8e:94:e0:5e:af:6a:e5:f6:
ae:95:fb:a0:46:19:71:19:8c:a8:d8:77:03:45:d2:
a7:6e:78:1f:fd:f4:02:44:e3:14:04:ed:6c:03:73:
3d:03:51:d6:ec:c8:6e:b5:e1:4a:5f:3f:d2:1e:28:
3c:70:e9:44:57:10:8b:84:c8:08:b3:c0:16:11:e9:
b5:9e:70:44:aa:61:71:09:69:76:d1:e3:83:7f:6e:
78:b7:40:38:f6:17:bc:36:4a:4d:3d:3f:a7:61:f9:
90:ff:50:e1:f4:92:b3:41:21:27:ba:ff:42:1a:7f:
fb:7f:13:92:f0:27:5b:4a:aa:3c:d4:da:35:86:40:
d9:94:bc:b9:88:24:98:45:81:af:5e:bd:3f:c5:9e:
6a:c3:a4:9e:c4:23:27:21:e2:65:14:06:f0:1e:b8:
06:d1:7a:46:ee:25:2b:76:36:78:04:e9:af:51:2d:
fb:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:99:B5:46:5D:FD:9B:66:3A:1F:DE:C2:B8:3A:2B:16:FC:AE:80:76
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4208aec2-e501-4b80-8e94-0fe622727fba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:6080::/48
Signature Algorithm: sha256WithRSAEncryption
a6:56:62:9a:f9:eb:d5:40:77:74:94:26:07:5e:ef:d5:3f:84:
49:f5:7d:1b:b8:cd:55:3b:0d:c4:e0:f1:9f:bf:5a:e6:ba:d7:
87:5a:4f:a7:d2:a3:7e:fa:9f:ce:82:44:e1:8f:1c:bb:2b:46:
c4:c7:7b:98:0c:31:71:ab:fa:4c:7a:6d:7c:90:f7:54:30:f7:
75:14:15:24:86:3e:40:ea:57:d4:75:64:43:ed:44:35:68:ae:
ba:51:32:0e:73:23:99:53:54:1e:c8:07:0e:fa:64:f7:7f:61:
f8:12:6c:ac:95:20:79:06:82:3c:9c:37:cf:8d:ff:4e:82:1f:
1c:d7:bc:ce:70:2b:21:36:2b:32:ad:b7:c5:de:cd:c8:32:5a:
4c:ae:d2:27:56:da:e9:05:9f:39:0f:76:c7:88:39:ef:c8:0d:
d0:30:6f:29:b4:0f:1e:7d:1e:bd:0a:35:8b:95:72:d2:99:2d:
d8:40:55:8d:0f:b3:23:34:e1:26:95:a4:fe:3d:43:55:fc:b4:
47:3b:63:4e:5f:1f:26:4f:ad:f8:4f:89:67:42:9b:9a:22:c9:
54:1d:96:a1:78:08:3f:49:ae:0f:fd:38:39:a6:51:46:61:d8:
f4:84:ba:29:f8:1b:34:30:ff:24:bd:96:49:e4:5d:fc:c9:d9:
1b:79:54:a5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGxmzjldGh4nG++qYEFpfSj4NMOUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MjcwMDMwMTRaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjZTg1ZmY5NmUzOWYxODc2MTYzNjkzMWJiM2VhMzI2MDFmMGU4MzA4YjJh
ZDNiNjQyYzQwYzQ5ZDliMGVjOTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJAw+vtbof22rB1Nz48NdjHxVfjCsDZTuTMNutoALs+7ID1HkV+3T30TzEGS
DVN4OIPuIAzz1bITO34hNVIKBwYACdhuyaxjcAQ6o/r8Oz9eAY6U4F6vauX2rpX7
oEYZcRmMqNh3A0XSp254H/30AkTjFATtbANzPQNR1uzIbrXhSl8/0h4oPHDpRFcQ
i4TICLPAFhHptZ5wRKphcQlpdtHjg39ueLdAOPYXvDZKTT0/p2H5kP9Q4fSSs0Eh
J7r/Qhp/+38TkvAnW0qqPNTaNYZA2ZS8uYgkmEWBr169P8WeasOknsQjJyHiZRQG
8B64BtF6Ru4lK3Y2eATpr1Et+ycCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS1mbVG
Xf2bZjof3sK4OisW/K6AdjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDIwOGFlYzItZTUwMS00YjgwLThlOTQtMGZlNjIyNzI3ZmJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G1g
gDANBgkqhkiG9w0BAQsFAAOCAQEAplZimvnr1UB3dJQmB17v1T+ESfV9G7jNVTsN
xODxn79a5rrXh1pPp9KjfvqfzoJE4Y8cuytGxMd7mAwxcav6THptfJD3VDD3dRQV
JIY+QOpX1HVkQ+1ENWiuulEyDnMjmVNUHsgHDvpk939h+BJsrJUgeQaCPJw3z43/
ToIfHNe8znArITYrMq23xd7NyDJaTK7SJ1ba6QWfOQ92x4g578gN0DBvKbQPHn0e
vQo1i5Vy0pkt2EBVjQ+zIzThJpWk/j1DVfy0RztjTl8fJk+t+E+JZ0KbmiLJVB2W
oXgIP0muD/04OaZRRmHY9IS6KfgbNDD/JL2WSeRd/MnZG3lUpQ==
-----END CERTIFICATE-----
Generated at Tue Apr 28 19:32:23 2026 by rpki-client