Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
File: 03f51c56-79aa-48ca-895c-790a431bbd73.roa (raw, json)
Hash identifier: YCekdR1vlpxiqGHmgMJJnlriafYJslUZz2kS8CLG+s0=
Subject key identifier: 16:7C:4E:AE:4E:54:51:4B:E9:FF:B2:7B:97:90:00:C3:9D:7D:B1:F0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2F5D2A65BB42A57C67F5D52FBF4E82FD4376C9DA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
Signing time: Sun 17 May 2026 02:00:04 +0000
ROA not before: Sun 17 May 2026 02:00:04 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:5d:2a:65:bb:42:a5:7c:67:f5:d5:2f:bf:4e:82:fd:43:76:c9:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 17 02:00:04 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=7d57e2bcf399625b6e22bd3d0e8a47ecd4597dffb1b4efd02f18d0798885ac54, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c1:98:c8:7f:86:ad:14:ef:44:76:9a:fa:77:
65:c4:0e:13:05:6b:d0:54:79:a8:c9:01:f5:1f:21:
da:2d:7f:72:75:09:72:01:43:8d:27:7f:7e:88:19:
1d:99:6f:ff:30:fb:fa:65:10:3e:40:36:66:54:7c:
e9:ba:fe:27:21:84:dd:be:a8:38:5f:07:b7:95:0c:
12:26:30:f8:c8:26:3b:16:9a:de:95:3b:52:b5:bd:
8b:6c:b4:38:2e:2a:dd:e3:ff:eb:72:49:ad:39:a6:
58:45:b8:63:e1:20:e2:2d:34:5e:0f:85:3e:79:2d:
1d:77:8a:d9:f7:c4:86:63:7c:00:82:30:87:7f:19:
09:52:ac:4a:25:94:98:67:5a:2d:16:54:de:e5:5f:
e4:bb:98:05:0d:37:85:da:22:a2:eb:45:e4:54:d0:
fc:ab:29:15:e0:b9:4a:df:5a:ec:60:86:e9:be:58:
0c:fd:d5:da:7f:e1:0e:fb:ed:2d:88:ee:1f:f5:fe:
19:42:cf:b2:6c:13:b0:fc:d2:1f:3e:75:e3:87:3d:
f9:4d:d6:5d:78:b4:23:f6:bc:68:66:e5:0b:01:28:
17:63:66:f5:c0:c4:02:33:bb:a0:48:89:3d:14:e2:
52:ec:d3:5e:a0:ea:8d:3a:8c:cd:a8:d8:b4:76:fe:
cd:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:7C:4E:AE:4E:54:51:4B:E9:FF:B2:7B:97:90:00:C3:9D:7D:B1:F0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:800::/40
Signature Algorithm: sha256WithRSAEncryption
4c:bb:cc:cf:d6:b5:20:70:2a:07:05:da:7b:5b:37:80:a2:dd:
8d:4c:81:18:a4:3f:0f:1e:9f:19:17:bf:4e:16:00:de:82:62:
fe:b6:b9:8d:1c:b3:56:94:8c:41:96:ec:10:5e:1f:10:0a:49:
48:4c:c9:c0:6a:7b:14:ad:d7:30:fd:ca:ee:c0:99:b7:50:df:
4c:e1:06:ae:51:d1:66:c8:35:9e:f2:9b:df:d7:d7:57:7f:23:
72:cc:c5:41:55:7b:cc:b7:58:db:d6:27:14:a2:52:47:38:b7:
5b:26:27:45:ad:b3:12:80:44:cc:ef:6d:b9:69:0f:b6:03:03:
d3:7b:3f:ca:a6:07:e4:e8:18:42:fd:1d:bd:e7:2a:40:9a:18:
41:fa:91:b3:4b:6f:ce:12:52:7b:ea:89:5a:de:21:0d:73:f6:
b3:63:59:5e:61:2f:28:2b:4b:93:3e:16:cd:28:0d:f1:90:cc:
9e:82:ba:48:07:9c:85:1f:62:f2:28:07:89:e0:12:57:c3:09:
e4:ac:d8:05:10:81:24:0e:22:01:23:9a:9c:65:62:fd:e4:a0:
eb:54:b8:87:bc:ca:f6:ed:5a:df:5b:96:2f:7f:6c:fb:83:a2:
7c:53:6f:3a:9b:43:52:2d:83:a0:56:75:63:13:28:86:29:7d:
1b:6b:54:fe
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUL10qZbtCpXxn9dUvv06C/UN2ydowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTcwMjAwMDRaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkNTdlMmJjZjM5OTYyNWI2ZTIyYmQzZDBlOGE0N2VjZDQ1OTdkZmZiMWI0
ZWZkMDJmMThkMDc5ODg4NWFjNTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHBmMh/hq0U70R2mvp3ZcQOEwVr0FR5qMkB9R8h2i1/cnUJcgFDjSd/fogZ
HZlv/zD7+mUQPkA2ZlR86br+JyGE3b6oOF8Ht5UMEiYw+MgmOxaa3pU7UrW9i2y0
OC4q3eP/63JJrTmmWEW4Y+Eg4i00Xg+FPnktHXeK2ffEhmN8AIIwh38ZCVKsSiWU
mGdaLRZU3uVf5LuYBQ03hdoioutF5FTQ/KspFeC5St9a7GCG6b5YDP3V2n/hDvvt
LYjuH/X+GULPsmwTsPzSHz5144c9+U3WXXi0I/a8aGblCwEoF2Nm9cDEAjO7oEiJ
PRTiUuzTXqDqjTqMzajYtHb+zZsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQWfE6u
TlRRS+n/snuXkADDnX2x8DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDNmNTFjNTYtNzlhYS00OGNhLTg5NWMtNzkwYTQzMWJiZDczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUI
MA0GCSqGSIb3DQEBCwUAA4IBAQBMu8zP1rUgcCoHBdp7WzeAot2NTIEYpD8PHp8Z
F79OFgDegmL+trmNHLNWlIxBluwQXh8QCklITMnAansUrdcw/cruwJm3UN9M4Qau
UdFmyDWe8pvf19dXfyNyzMVBVXvMt1jb1icUolJHOLdbJidFrbMSgETM7225aQ+2
AwPTez/Kpgfk6BhC/R295ypAmhhB+pGzS2/OElJ76ola3iENc/azY1leYS8oK0uT
PhbNKA3xkMyegrpIB5yFH2LyKAeJ4BJXwwnkrNgFEIEkDiIBI5qcZWL95KDrVLiH
vMr27VrfW5Yvf2z7g6J8U286m0NSLYOgVnVjEyiGKX0ba1T+
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:11 2026 by rpki-client