Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6b5f2f6-236d-447e-aeb1-24c947937396.roa
File: b6b5f2f6-236d-447e-aeb1-24c947937396.roa (raw, json)
Hash identifier: XEVG9wcaA56G25WAd4kog0VI1w+vsFSQBBdrtgHnazM=
Subject key identifier: 68:13:3D:99:7D:EF:14:12:6D:AA:31:BB:C0:C5:27:45:02:AF:AB:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 43C4EB5D7A7D3F3F8CAD7FC60F7AEDFEF5FDAAF9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6b5f2f6-236d-447e-aeb1-24c947937396.roa
Signing time: Mon 27 Apr 2026 00:30:16 +0000
ROA not before: Mon 27 Apr 2026 00:30:16 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 14:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:c4:eb:5d:7a:7d:3f:3f:8c:ad:7f:c6:0f:7a:ed:fe:f5:fd:aa:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 27 00:30:16 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=3f45fc9dfdbf3b59bbf1234b92e709cd640fb81cc45286551077ffbd3ee6b765, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:24:c0:7e:e0:88:cf:58:d4:c6:8a:02:f5:5d:
9d:a2:2f:0d:bd:cb:7b:22:42:c1:b0:d1:43:05:f4:
d7:d4:5c:6e:72:54:35:2e:17:16:10:80:43:d2:ec:
d5:94:bb:ea:89:84:4b:43:10:60:dd:ef:87:61:ed:
08:3e:b2:ad:13:50:1c:af:e5:e6:58:3a:20:86:ee:
ec:f4:1f:cd:94:f6:9b:29:2a:cf:f7:9f:09:15:9a:
ed:9d:4b:53:ba:28:cf:6d:73:32:ff:36:be:9d:c2:
cd:06:44:fe:95:f3:fd:49:7d:bc:e9:af:60:34:ff:
cb:76:1d:8c:55:8c:44:cb:bb:57:9b:20:41:af:06:
81:53:3c:11:e0:f6:dc:a9:17:f7:51:16:ec:57:b5:
a5:be:2e:81:46:9f:77:ce:52:16:ba:24:76:c0:00:
e1:f6:10:f5:7c:37:08:28:a4:5c:e3:64:0f:63:d4:
80:89:55:a6:f8:25:6a:49:37:32:89:3e:c2:9e:b6:
da:64:7a:36:2e:09:94:56:1e:50:f6:9e:03:98:4a:
35:3c:f2:03:38:73:9c:df:38:93:1f:86:07:e9:01:
8f:02:42:de:87:5f:c6:e8:b8:fe:1c:3a:d6:e0:e4:
f5:4d:86:d2:b6:c2:2d:70:3a:de:56:44:b1:c5:2e:
8e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:13:3D:99:7D:EF:14:12:6D:AA:31:BB:C0:C5:27:45:02:AF:AB:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6b5f2f6-236d-447e-aeb1-24c947937396.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
96:0a:a1:69:7b:a7:f0:9d:ab:1f:68:ef:db:99:0c:cc:e3:c1:
09:44:84:29:a3:0e:14:a1:ff:3d:79:78:34:e5:92:ed:0c:41:
6d:22:2d:ea:a8:ef:80:7b:2f:20:ef:75:4e:a3:cb:d2:3f:c4:
5a:76:6d:58:c7:4d:77:04:cb:cd:7a:b2:06:e9:54:2d:e8:cf:
dd:27:2d:ab:a4:55:c4:e7:74:c1:fd:84:25:f2:e8:b6:bb:3a:
2c:b1:09:df:1f:3e:82:7b:ff:a6:5d:72:b2:d4:0a:cf:04:47:
66:c5:87:ad:ff:91:6a:b1:74:43:7c:04:8e:55:87:4c:8b:7a:
3b:1c:24:7c:43:3d:4e:6d:b0:59:71:2d:6a:00:dd:01:96:7a:
3c:7d:b0:30:0a:50:25:f0:3f:ee:bc:9c:28:5c:11:13:40:a5:
18:ac:a0:d2:5f:3c:53:f7:26:f0:21:8b:fc:b1:c2:b7:4d:7f:
60:10:be:50:cd:60:fc:ee:57:1a:6e:c5:92:3a:2d:bc:09:41:
e6:e5:41:a8:fa:89:3a:39:18:d4:67:26:c3:96:7f:8e:60:a9:
76:1b:9f:01:b6:81:b9:89:da:95:30:c2:d1:84:0c:bd:b6:4f:
eb:c1:48:b8:db:43:88:97:a5:6f:fc:c1:68:8d:10:dd:69:b9:
a7:07:d4:bf
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQ8TrXXp9Pz+MrX/GD3rt/vX9qvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MjcwMDMwMTZaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmNDVmYzlkZmRiZjNiNTliYmYxMjM0YjkyZTcwOWNkNjQwZmI4MWNjNDUy
ODY1NTEwNzdmZmJkM2VlNmI3NjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI8kwH7giM9Y1MaKAvVdnaIvDb3LeyJCwbDRQwX019RcbnJUNS4XFhCAQ9Ls
1ZS76omES0MQYN3vh2HtCD6yrRNQHK/l5lg6IIbu7PQfzZT2mykqz/efCRWa7Z1L
U7ooz21zMv82vp3CzQZE/pXz/Ul9vOmvYDT/y3YdjFWMRMu7V5sgQa8GgVM8EeD2
3KkX91EW7Fe1pb4ugUafd85SFrokdsAA4fYQ9Xw3CCikXONkD2PUgIlVpvglakk3
Mok+wp622mR6Ni4JlFYeUPaeA5hKNTzyAzhznN84kx+GB+kBjwJC3odfxui4/hw6
1uDk9U2G0rbCLXA63lZEscUujp0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRoEz2Z
fe8UEm2qMbvAxSdFAq+rkTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjZiNWYyZjYtMjM2ZC00NDdlLWFlYjEtMjRjOTQ3OTM3Mzk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G2A
wDANBgkqhkiG9w0BAQsFAAOCAQEAlgqhaXun8J2rH2jv25kMzOPBCUSEKaMOFKH/
PXl4NOWS7QxBbSIt6qjvgHsvIO91TqPL0j/EWnZtWMdNdwTLzXqyBulULejP3Sct
q6RVxOd0wf2EJfLotrs6LLEJ3x8+gnv/pl1ystQKzwRHZsWHrf+RarF0Q3wEjlWH
TIt6OxwkfEM9Tm2wWXEtagDdAZZ6PH2wMApQJfA/7rycKFwRE0ClGKyg0l88U/cm
8CGL/LHCt01/YBC+UM1g/O5XGm7FkjotvAlB5uVBqPqJOjkY1Gcmw5Z/jmCpdhuf
AbaBuYnalTDC0YQMvbZP68FIuNtDiJelb/zBaI0Q3Wm5pwfUvw==
-----END CERTIFICATE-----
Generated at Tue Apr 28 19:35:12 2026 by rpki-client