Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03a11d7d-6d37-488c-8fe1-258c484d1682.roa
File: 03a11d7d-6d37-488c-8fe1-258c484d1682.roa (raw, json)
Hash identifier: hxkoelFo8Z/Z5LNMybB2AhChukUy6XC/fCXcO+8sgmI=
Subject key identifier: 57:B0:B1:DA:7F:7E:2A:71:CA:49:89:4E:60:A8:13:3D:60:6B:AA:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 561F143AB651EDE4E748AEC2F992244191D7BE47
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03a11d7d-6d37-488c-8fe1-258c484d1682.roa
Signing time: Tue 19 May 2026 05:00:36 +0000
ROA not before: Tue 19 May 2026 05:00:36 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:1f:14:3a:b6:51:ed:e4:e7:48:ae:c2:f9:92:24:41:91:d7:be:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:36 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=f4be84e44247825732d6d57e965ec8ee0c1dd081810cb1603a3896f132e49ac1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8d:db:34:10:08:6a:2b:53:03:3c:3a:33:8e:
84:b5:04:ad:39:7e:c9:df:96:1f:67:3f:a6:02:5a:
40:53:1f:33:83:a6:1e:61:93:dc:64:c2:8f:75:e2:
14:a8:8c:9b:f3:ca:67:71:cf:dd:cd:8e:3b:92:f5:
b0:e8:a9:f7:09:32:e7:aa:e6:20:fb:36:c6:99:ef:
51:bb:40:9c:22:a2:e7:a1:75:bf:02:98:9d:48:6b:
45:0c:85:86:26:f6:31:ac:38:c6:ba:e5:60:18:e0:
ee:bf:4c:da:c4:ee:c6:7a:2b:c3:25:74:8e:7e:59:
11:d7:ef:16:f6:c1:56:0b:78:b0:00:97:34:dd:9c:
5f:f2:5e:68:a1:c2:a0:67:16:26:5d:3a:ec:b4:80:
4c:d7:93:f5:7e:ca:05:87:2a:df:7c:9f:b6:b2:d9:
9a:34:76:56:ae:3e:e1:8f:a3:11:72:19:75:f7:a8:
eb:b5:0b:08:00:52:90:67:5c:8c:cf:e1:5b:75:b9:
10:d2:0b:34:66:78:13:3a:21:61:cb:ae:3e:1e:a1:
da:91:c4:db:8d:8b:9a:00:07:61:50:e9:4e:b1:93:
f0:bb:fb:85:a3:17:5e:60:49:64:f9:e5:f1:cf:34:
22:9d:83:b6:a8:8f:5f:6f:10:1f:18:30:20:db:a0:
d7:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:B0:B1:DA:7F:7E:2A:71:CA:49:89:4E:60:A8:13:3D:60:6B:AA:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03a11d7d-6d37-488c-8fe1-258c484d1682.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:b000::/40
Signature Algorithm: sha256WithRSAEncryption
b4:fe:fc:a5:d9:88:c7:8a:81:29:f9:2f:b8:56:7c:df:54:67:
1f:74:fa:4b:c5:96:3e:54:ca:44:cc:fb:15:09:ff:83:2c:9c:
71:09:d7:9b:09:79:59:1a:9f:7d:bd:fc:1c:a8:21:58:49:4a:
7d:8e:fe:99:ed:5f:b4:76:66:d1:53:b1:b6:92:b6:eb:75:b8:
9c:a5:47:6b:4f:2d:17:a4:11:0d:a2:7d:2c:1d:a8:9d:f2:c2:
4b:27:ef:25:15:b9:2f:64:38:52:cb:21:86:3f:2f:03:48:e0:
ee:da:3e:98:3e:27:a5:45:17:11:2c:5e:77:02:fa:5b:a7:07:
28:7c:b8:ac:66:6e:1f:46:83:4f:cc:12:aa:4c:f5:e1:a2:be:
fc:d1:aa:05:ac:97:f5:a4:9a:54:45:d1:5e:e2:57:9c:1d:6c:
7e:1f:d7:1f:1d:87:7e:37:95:dc:11:f3:b4:d7:8a:62:79:44:
c9:4e:73:ae:40:35:a3:3f:d0:fe:7a:d4:e6:57:b9:70:d5:c8:
c6:e5:6d:46:cb:dc:ff:ab:df:08:e7:38:12:06:61:f9:05:00:
ee:41:63:52:85:84:8f:ae:68:2a:ae:2b:e4:24:1f:d1:4f:04:
8c:65:82:9a:be:c3:d0:e9:35:51:fd:7b:14:98:ad:a3:58:b5:
31:84:f7:15
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVh8UOrZR7eTnSK7C+ZIkQZHXvkcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwMzZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0YmU4NGU0NDI0NzgyNTczMmQ2ZDU3ZTk2NWVjOGVlMGMxZGQwODE4MTBj
YjE2MDNhMzg5NmYxMzJlNDlhYzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2N2zQQCGorUwM8OjOOhLUErTl+yd+WH2c/pgJaQFMfM4OmHmGT3GTCj3Xi
FKiMm/PKZ3HP3c2OO5L1sOip9wky56rmIPs2xpnvUbtAnCKi56F1vwKYnUhrRQyF
hib2Maw4xrrlYBjg7r9M2sTuxnorwyV0jn5ZEdfvFvbBVgt4sACXNN2cX/JeaKHC
oGcWJl067LSATNeT9X7KBYcq33yftrLZmjR2Vq4+4Y+jEXIZdfeo67ULCABSkGdc
jM/hW3W5ENILNGZ4EzohYcuuPh6h2pHE242LmgAHYVDpTrGT8Lv7haMXXmBJZPnl
8c80Ip2DtqiPX28QHxgwINug1/UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRXsLHa
f34qccpJiU5gqBM9YGuqVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDNhMTFkN2QtNmQzNy00ODhjLThmZTEtMjU4YzQ4NGQxNjgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FCw
MA0GCSqGSIb3DQEBCwUAA4IBAQC0/vyl2YjHioEp+S+4VnzfVGcfdPpLxZY+VMpE
zPsVCf+DLJxxCdebCXlZGp99vfwcqCFYSUp9jv6Z7V+0dmbRU7G2krbrdbicpUdr
Ty0XpBENon0sHaid8sJLJ+8lFbkvZDhSyyGGPy8DSODu2j6YPielRRcRLF53Avpb
pwcofLisZm4fRoNPzBKqTPXhor780aoFrJf1pJpURdFe4lecHWx+H9cfHYd+N5Xc
EfO014pieUTJTnOuQDWjP9D+etTmV7lw1cjG5W1Gy9z/q98I5zgSBmH5BQDuQWNS
hYSPrmgqrivkJB/RTwSMZYKavsPQ6TVR/XsUmK2jWLUxhPcV
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:38 2026 by rpki-client