Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03416ce5-042a-4b8b-81dd-819c5e1cdf09.roa
File: 03416ce5-042a-4b8b-81dd-819c5e1cdf09.roa (raw, json)
Hash identifier: zRIpbWiMssaI+GLR4FyYnil73oYL4xF8mek4+r69JMI=
Subject key identifier: 52:3C:9E:7D:D8:6C:03:E0:9D:AF:D1:6D:7A:FF:38:C7:43:44:08:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C16C29D891BC8EB58A8ABA4AF0D0686E1BFC82B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03416ce5-042a-4b8b-81dd-819c5e1cdf09.roa
Signing time: Tue 19 May 2026 05:20:59 +0000
ROA not before: Tue 19 May 2026 05:20:59 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:16:c2:9d:89:1b:c8:eb:58:a8:ab:a4:af:0d:06:86:e1:bf:c8:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:59 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=c601edd51527a2e4da791715f2ec2fbfe00ef9d41824ff059c7e7be8fa220d5d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:54:f0:ef:2a:7a:4a:91:66:2a:44:87:cc:ee:
b1:c0:e6:50:85:36:0c:e6:09:a0:e7:db:5d:42:2e:
ec:07:dc:fa:0b:69:63:b1:0f:f5:43:e8:c6:69:fb:
48:e5:15:c8:ad:67:81:a5:34:89:1a:dd:7a:d3:2a:
2c:66:87:75:e9:0f:2d:76:87:56:66:5a:d9:36:1c:
6d:51:21:b3:e5:f6:37:37:58:82:11:f3:00:1e:f9:
0d:4c:1d:10:bf:71:dd:07:bd:c4:7d:55:4f:b9:6d:
17:27:65:b9:06:b0:32:6c:3e:8f:4a:c1:54:45:bf:
d2:87:6a:09:cd:ce:b7:76:2b:f2:36:58:d3:23:b4:
ff:a5:60:c3:5d:dc:d0:03:c2:94:53:24:ad:74:c4:
34:ad:bc:a7:2c:0e:7b:5c:77:6d:9f:9d:f7:da:8e:
f1:c1:d6:fc:8a:12:ef:a1:db:86:b5:cf:cd:d9:23:
08:43:1e:ba:f0:b9:98:4a:4b:fc:06:8f:98:34:1a:
c6:97:12:47:de:f6:c0:29:6e:df:bd:32:2a:23:89:
fc:08:4a:d7:9a:b5:f9:dc:30:4e:9b:cb:c9:10:01:
a9:1e:38:3e:94:3d:6b:ae:95:85:20:c8:62:60:60:
3b:d6:b3:2e:db:91:d1:8e:51:88:a7:50:eb:eb:93:
2b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:3C:9E:7D:D8:6C:03:E0:9D:AF:D1:6D:7A:FF:38:C7:43:44:08:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03416ce5-042a-4b8b-81dd-819c5e1cdf09.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8040::/48
Signature Algorithm: sha256WithRSAEncryption
3d:15:f6:a3:7d:d7:3e:2b:05:56:30:d3:0e:7b:03:02:b9:8a:
52:0a:d2:ab:c8:05:53:a3:43:73:97:1f:a9:bc:4a:0b:bf:57:
a2:bc:8f:cd:c4:26:8f:aa:99:c3:26:cb:c8:86:d2:86:df:b5:
e1:37:63:4f:ef:a4:fb:a0:ca:70:ce:4a:81:ad:e2:b2:aa:7a:
31:28:cf:a8:8f:f9:82:04:20:33:bb:20:77:6f:4a:28:7b:f0:
59:20:18:3b:77:6d:92:14:dc:1a:8a:f9:87:b5:d3:14:ef:20:
1d:98:99:f3:da:c5:3f:8b:e5:45:5e:a5:8f:95:bd:78:1b:a2:
62:f1:3e:cf:8a:f7:dc:a7:e4:d5:ef:9c:cd:01:2c:6b:ab:0e:
87:50:b1:c4:c4:10:8d:c4:32:57:54:eb:d9:83:aa:c0:21:ef:
5b:8e:d1:f4:0d:4b:40:1d:0c:04:d8:d1:e2:f1:ec:80:82:3e:
09:4d:38:b5:c5:41:1f:65:3c:9e:45:f8:11:fa:8a:50:62:fe:
1b:e7:a9:2c:29:1f:14:6c:4e:9d:5a:29:c7:65:14:ce:dc:66:
7a:9b:f0:06:ba:48:aa:68:b5:45:c2:9b:b9:a4:4c:92:5b:79:
4e:5a:ad:28:bc:fd:c2:3e:90:6d:4c:0e:1f:62:84:d0:b7:27:
c7:8a:d8:fc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfBbCnYkbyOtYqKukrw0GhuG/yCswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwNTlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2MDFlZGQ1MTUyN2EyZTRkYTc5MTcxNWYyZWMyZmJmZTAwZWY5ZDQxODI0
ZmYwNTljN2U3YmU4ZmEyMjBkNWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhU8O8qekqRZipEh8zuscDmUIU2DOYJoOfbXUIu7Afc+gtpY7EP9UPoxmn7
SOUVyK1ngaU0iRrdetMqLGaHdekPLXaHVmZa2TYcbVEhs+X2NzdYghHzAB75DUwd
EL9x3Qe9xH1VT7ltFydluQawMmw+j0rBVEW/0odqCc3Ot3Yr8jZY0yO0/6Vgw13c
0APClFMkrXTENK28pywOe1x3bZ+d99qO8cHW/IoS76HbhrXPzdkjCEMeuvC5mEpL
/AaPmDQaxpcSR972wClu370yKiOJ/AhK15q1+dwwTpvLyRABqR44PpQ9a66VhSDI
YmBgO9azLtuR0Y5RiKdQ6+uTKxECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRSPJ59
2GwD4J2v0W16/zjHQ0QIdTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDM0MTZjZTUtMDQyYS00YjhiLTgxZGQtODE5YzVlMWNkZjA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
QDANBgkqhkiG9w0BAQsFAAOCAQEAPRX2o33XPisFVjDTDnsDArmKUgrSq8gFU6ND
c5cfqbxKC79XoryPzcQmj6qZwybLyIbSht+14TdjT++k+6DKcM5Kga3isqp6MSjP
qI/5ggQgM7sgd29KKHvwWSAYO3dtkhTcGor5h7XTFO8gHZiZ89rFP4vlRV6lj5W9
eBuiYvE+z4r33Kfk1e+czQEsa6sOh1CxxMQQjcQyV1Tr2YOqwCHvW47R9A1LQB0M
BNjR4vHsgII+CU04tcVBH2U8nkX4EfqKUGL+G+epLCkfFGxOnVopx2UUztxmepvw
BrpIqmi1RcKbuaRMklt5TlqtKLz9wj6QbUwOH2KE0Lcnx4rY/A==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:48 2026 by rpki-client