Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4abf1b04-0256-404f-a4c7-5d1c2c8ad9b7.roa
File: 4abf1b04-0256-404f-a4c7-5d1c2c8ad9b7.roa (raw, json)
Hash identifier: Z9/VIjwxOt5GumK9kmq3ta8z93f43YFtRLStiQEE8Wk=
Subject key identifier: CB:FE:D1:F2:AA:31:B1:13:AC:C2:E4:67:41:7E:42:54:49:D9:32:9E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6FFAC1F987BD7F257E9AEF20BDFE9F18884664B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4abf1b04-0256-404f-a4c7-5d1c2c8ad9b7.roa
Signing time: Mon 27 Apr 2026 00:30:10 +0000
ROA not before: Mon 27 Apr 2026 00:30:10 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d034:6040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 14:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:fa:c1:f9:87:bd:7f:25:7e:9a:ef:20:bd:fe:9f:18:88:46:64:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 27 00:30:10 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=e22243e21db0f61bae0da9b10f1fe0a3f1a11a8b694921a61c19496c0582d012, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:60:46:0c:35:02:4b:99:5d:f3:25:fb:1f:06:
f6:3b:df:f1:2a:91:2a:eb:4f:30:e7:83:b9:26:51:
42:c9:0c:26:78:f0:f7:48:b3:f6:06:b1:47:c3:9f:
19:f0:ed:fe:af:e7:e7:5a:bb:68:f4:cf:93:2f:83:
fb:02:04:f5:a8:b0:16:c2:b9:e5:f1:76:e2:23:a4:
19:70:7b:f9:5b:07:94:fa:8d:aa:54:ff:43:4d:29:
b0:e3:da:0d:38:e3:1f:6f:1e:de:b1:2b:e7:bf:af:
d8:68:5d:a2:be:ad:e0:ef:a0:77:db:26:ba:84:7c:
60:35:66:88:94:38:c2:f2:4f:db:6c:29:44:10:68:
75:70:ad:8f:d9:45:46:41:d4:11:12:a6:b6:62:d5:
b1:c6:55:28:a5:92:8b:bc:cf:92:90:cc:4f:31:d9:
53:58:6f:be:35:3f:4e:ca:a5:4f:6b:49:6f:a2:01:
92:6b:04:f9:74:d8:c2:63:1c:9d:e4:39:ad:25:21:
b7:a0:62:fb:40:5c:eb:29:d9:c5:e6:f3:d5:14:10:
32:fc:a4:ca:2a:b4:01:0e:54:cd:17:d0:8c:68:03:
49:ad:42:f9:33:fd:d0:ca:e5:f6:ef:0d:32:ec:6b:
d8:ab:c6:05:d2:c6:44:59:35:a6:16:96:f4:67:59:
52:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:FE:D1:F2:AA:31:B1:13:AC:C2:E4:67:41:7E:42:54:49:D9:32:9E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4abf1b04-0256-404f-a4c7-5d1c2c8ad9b7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:6040::/46
Signature Algorithm: sha256WithRSAEncryption
35:90:ab:79:3c:80:81:8f:cd:06:58:eb:3e:50:13:9b:40:c9:
aa:a6:54:d0:98:42:05:c5:9d:79:b9:7c:26:95:4e:ba:1e:e2:
2c:a3:c7:e7:76:6e:8a:71:41:1d:03:0d:86:10:c7:10:32:0e:
6b:79:21:8e:de:a3:26:bc:13:fb:72:a3:38:38:bf:62:23:08:
53:7a:41:81:06:86:65:9a:20:c0:44:a5:28:48:42:5c:26:3a:
7a:8f:da:7f:a0:a8:59:72:81:58:d5:d2:c5:c5:ff:c3:37:05:
67:34:2f:6f:3a:e8:35:2d:bc:35:b0:18:30:b2:ef:4f:8b:6f:
60:2e:90:30:9e:fc:69:1d:55:b9:73:d7:3c:34:3f:74:0a:a5:
ec:05:f7:b1:91:67:19:11:59:2e:8a:3a:17:68:b8:9f:0c:ff:
43:21:02:00:a5:d4:ea:12:cf:ba:c7:a1:81:61:84:b8:5f:97:
f5:03:14:3b:20:1d:85:9b:8a:b3:d8:0b:bc:db:ea:76:21:36:
08:5b:a4:f6:2d:be:7c:9e:5f:24:da:bd:3a:77:9e:e4:78:5d:
75:d2:11:f9:51:0f:4f:23:a8:3a:10:17:5d:43:9e:2f:ad:63:
02:f2:fb:95:17:5d:58:39:94:12:ea:ce:0d:6f:f3:86:b3:a2:
ab:78:5c:59
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUb/rB+Ye9fyV+mu8gvf6fGIhGZLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MjcwMDMwMTBaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyMjI0M2UyMWRiMGY2MWJhZTBkYTliMTBmMWZlMGEzZjFhMTFhOGI2OTQ5
MjFhNjFjMTk0OTZjMDU4MmQwMTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANtgRgw1AkuZXfMl+x8G9jvf8SqRKutPMOeDuSZRQskMJnjw90iz9gaxR8Of
GfDt/q/n51q7aPTPky+D+wIE9aiwFsK55fF24iOkGXB7+VsHlPqNqlT/Q00psOPa
DTjjH28e3rEr57+v2Ghdor6t4O+gd9smuoR8YDVmiJQ4wvJP22wpRBBodXCtj9lF
RkHUERKmtmLVscZVKKWSi7zPkpDMTzHZU1hvvjU/TsqlT2tJb6IBkmsE+XTYwmMc
neQ5rSUht6Bi+0Bc6ynZxebz1RQQMvykyiq0AQ5UzRfQjGgDSa1C+TP90Mrl9u8N
Muxr2KvGBdLGRFk1phaW9GdZUsMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTL/tHy
qjGxE6zC5GdBfkJUSdkynjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFiZjFiMDQtMDI1Ni00MDRmLWE0YzctNWQxYzJjOGFkOWI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg
QDANBgkqhkiG9w0BAQsFAAOCAQEANZCreTyAgY/NBljrPlATm0DJqqZU0JhCBcWd
ebl8JpVOuh7iLKPH53ZuinFBHQMNhhDHEDIOa3khjt6jJrwT+3KjODi/YiMIU3pB
gQaGZZogwESlKEhCXCY6eo/af6CoWXKBWNXSxcX/wzcFZzQvbzroNS28NbAYMLLv
T4tvYC6QMJ78aR1VuXPXPDQ/dAql7AX3sZFnGRFZLoo6F2i4nwz/QyECAKXU6hLP
usehgWGEuF+X9QMUOyAdhZuKs9gLvNvqdiE2CFuk9i2+fJ5fJNq9Onee5HhdddIR
+VEPTyOoOhAXXUOeL61jAvL7lRddWDmUEurODW/zhrOiq3hcWQ==
-----END CERTIFICATE-----
Generated at Tue Apr 28 19:32:48 2026 by rpki-client