Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bbba23f6-dc95-4602-8972-c409631731f1.roa
File: bbba23f6-dc95-4602-8972-c409631731f1.roa (raw, json)
Hash identifier: fXqJv8pgPczsdKysC9ciB9guyDB0+bUN2xL81fNufW0=
Subject key identifier: 3A:18:04:7B:79:B2:44:DA:98:73:E7:E8:A1:28:CF:D7:6C:05:94:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C6B004A8DD7E0AAE34DD29DA5655C6742AD7271
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bbba23f6-dc95-4602-8972-c409631731f1.roa
Signing time: Fri 08 May 2026 03:21:16 +0000
ROA not before: Fri 08 May 2026 03:21:16 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:6b:00:4a:8d:d7:e0:aa:e3:4d:d2:9d:a5:65:5c:67:42:ad:72:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:21:16 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=9b9721eaa221423856e9849caf357273dfc082544d671b39100ce0db5337923a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:fe:26:17:f3:23:b1:a3:86:51:22:60:dd:5c:
d2:51:97:cf:52:66:17:2c:00:05:59:33:18:e1:0c:
4f:5c:08:d9:3c:06:ac:f4:7d:64:10:97:0e:ca:25:
d8:54:d4:28:26:7d:e4:7f:a4:e6:3f:14:69:b8:15:
66:04:3d:55:16:fa:ea:06:3f:71:45:ee:56:ca:ad:
ad:03:32:51:72:e5:28:75:22:72:b4:66:55:3e:0b:
c0:63:92:04:a9:c1:72:13:01:45:fc:15:8b:b5:7f:
f5:06:73:b1:cc:41:42:5d:37:ce:2c:df:85:36:2b:
e9:30:c1:5d:39:5e:5f:f6:0f:dc:71:7e:a2:8d:44:
cf:2f:0c:f4:7f:33:14:6f:1c:22:57:20:b4:b3:5f:
67:22:28:15:70:37:8f:87:17:71:d8:72:23:2d:bd:
4e:cb:37:fb:0f:fa:f8:6d:17:9a:15:27:45:9c:dc:
13:0f:62:f0:93:bd:ce:a5:4c:de:3b:4b:1c:c8:c7:
39:07:ae:e1:b2:d8:29:f4:79:7e:fd:8e:20:a9:d3:
1b:16:a8:d5:79:cd:24:2b:36:0b:be:88:35:68:19:
14:cd:c6:10:26:e8:45:8a:32:b5:c0:dc:9e:46:f7:
16:d0:88:58:b6:5e:cf:43:b8:89:d5:f9:80:6b:1e:
3d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:18:04:7B:79:B2:44:DA:98:73:E7:E8:A1:28:CF:D7:6C:05:94:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bbba23f6-dc95-4602-8972-c409631731f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:800::/40
Signature Algorithm: sha256WithRSAEncryption
2a:e9:a8:89:8b:40:64:e9:d1:6f:68:8c:fa:4a:9e:c3:29:c2:
b1:e8:5e:68:ab:1e:c5:0b:00:62:f1:94:23:3d:5b:e8:25:23:
fb:d7:65:8b:bb:a6:c5:cb:9c:68:7c:ec:79:0d:1f:f6:bc:81:
05:9e:7f:c6:11:a2:e8:c6:9a:ba:d4:eb:2d:92:3c:ab:9a:83:
e8:9a:d3:6e:b0:a3:c8:ad:b6:d2:d6:9d:4b:b1:d3:ae:23:8b:
28:02:0e:9a:31:f1:63:36:4b:57:f2:04:93:a1:b0:c3:9a:96:
24:cb:77:85:47:8f:cc:6e:a4:46:a2:09:52:1b:e5:3d:ad:1a:
77:2e:58:03:02:0e:7c:fb:73:04:a3:dd:32:54:37:11:c8:8e:
18:7a:25:6b:4a:9c:12:45:4f:75:3f:28:1b:23:50:05:0d:57:
78:74:db:f3:19:88:c0:ea:5d:fa:0d:23:6a:9f:84:74:6c:50:
44:04:25:51:d0:5e:61:8e:94:47:bb:5b:6e:a4:61:50:30:f7:
2a:31:01:da:bd:0b:f0:ab:43:51:9b:a2:54:64:25:eb:b3:92:
ff:4a:3d:dc:ef:5e:af:f0:95:b1:d7:39:97:9d:eb:7e:4e:ad:
ec:80:54:7a:e6:59:3c:5f:a5:f6:8c:a8:81:5b:88:2a:ec:64:
86:3e:58:81
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbGsASo3X4KrjTdKdpWVcZ0KtcnEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIxMTZaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDliOTcyMWVhYTIyMTQyMzg1NmU5ODQ5Y2FmMzU3MjczZGZjMDgyNTQ0ZDY3
MWIzOTEwMGNlMGRiNTMzNzkyM2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOP+JhfzI7GjhlEiYN1c0lGXz1JmFywABVkzGOEMT1wI2TwGrPR9ZBCXDsol
2FTUKCZ95H+k5j8UabgVZgQ9VRb66gY/cUXuVsqtrQMyUXLlKHUicrRmVT4LwGOS
BKnBchMBRfwVi7V/9QZzscxBQl03zizfhTYr6TDBXTleX/YP3HF+oo1Ezy8M9H8z
FG8cIlcgtLNfZyIoFXA3j4cXcdhyIy29Tss3+w/6+G0XmhUnRZzcEw9i8JO9zqVM
3jtLHMjHOQeu4bLYKfR5fv2OIKnTGxao1XnNJCs2C76INWgZFM3GECboRYoytcDc
nkb3FtCIWLZez0O4idX5gGsePcMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ6GAR7
ebJE2phz5+ihKM/XbAWUPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmJiYTIzZjYtZGM5NS00NjAyLTg5NzItYzQwOTYzMTczMWYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQI
MA0GCSqGSIb3DQEBCwUAA4IBAQAq6aiJi0Bk6dFvaIz6Sp7DKcKx6F5oqx7FCwBi
8ZQjPVvoJSP712WLu6bFy5xofOx5DR/2vIEFnn/GEaLoxpq61OstkjyrmoPomtNu
sKPIrbbS1p1LsdOuI4soAg6aMfFjNktX8gSTobDDmpYky3eFR4/MbqRGoglSG+U9
rRp3LlgDAg58+3MEo90yVDcRyI4YeiVrSpwSRU91PygbI1AFDVd4dNvzGYjA6l36
DSNqn4R0bFBEBCVR0F5hjpRHu1tupGFQMPcqMQHavQvwq0NRm6JUZCXrs5L/Sj3c
716v8JWx1zmXnet+Tq3sgFR65lk8X6X2jKiBW4gq7GSGPliB
-----END CERTIFICATE-----
Generated at Wed May 13 01:25:37 2026 by rpki-client