Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f67554-ef04-4edc-997e-0a2f920a8c91.roa
File: 03f67554-ef04-4edc-997e-0a2f920a8c91.roa (raw, json)
Hash identifier: s+WwjPO6SRk3VbATmTbGSuq/ZuR6xMpbacdqG5JGhA0=
Subject key identifier: 80:77:29:9A:37:99:6B:97:7F:37:E2:F8:8B:9D:82:C9:76:F8:A0:6E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D3EAACB5D96E5D01BC40CA00737363579445524
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f67554-ef04-4edc-997e-0a2f920a8c91.roa
Signing time: Fri 22 May 2026 16:03:29 +0000
ROA not before: Fri 22 May 2026 16:03:29 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d068:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:3e:aa:cb:5d:96:e5:d0:1b:c4:0c:a0:07:37:36:35:79:44:55:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:03:29 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=5da41ca19e25a050a135bad0a7e5edd857a99cf819485afbd2d2e053de98bf2d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e5:65:40:e2:93:59:99:3b:e6:d2:b7:14:6b:
26:4e:df:e6:f2:90:fd:1a:5e:12:7c:c2:d6:4e:9d:
15:ed:c1:d7:34:4b:4a:33:41:a3:c2:86:e3:8b:b3:
12:5a:25:f2:33:05:57:26:84:fa:28:a3:4d:ef:5c:
e2:c8:02:db:43:6c:cd:3b:8f:7a:05:1a:9b:52:00:
61:01:d1:ca:77:b8:76:8a:57:e5:49:46:0f:29:38:
6e:d0:47:7d:9f:5f:a0:39:e5:be:96:85:28:b4:e0:
f3:93:c7:c4:38:d2:de:93:84:89:c5:ae:f8:05:5c:
40:99:49:8b:11:9b:77:0f:34:a3:02:fa:27:ec:6a:
0c:1f:4c:a7:8b:20:01:47:90:5e:61:26:e7:6a:94:
9b:cb:44:4d:31:c7:2c:7a:da:ac:ec:28:3f:48:64:
f2:c7:3f:45:dc:75:62:cf:ee:71:38:e8:a1:7a:b5:
bc:ba:2c:1e:08:7a:32:8f:49:2e:ba:b8:88:60:83:
79:fc:b7:81:d0:62:51:b1:37:55:fa:ef:46:93:80:
d5:38:60:a3:6c:af:a1:87:ba:b7:a6:35:b4:c8:29:
2a:36:ac:b0:49:71:9e:15:9f:d7:fb:3b:08:eb:17:
44:17:5e:70:8f:e4:56:39:35:0c:c1:fe:0d:ef:b3:
2a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:77:29:9A:37:99:6B:97:7F:37:E2:F8:8B:9D:82:C9:76:F8:A0:6E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f67554-ef04-4edc-997e-0a2f920a8c91.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d068:4080::/48
Signature Algorithm: sha256WithRSAEncryption
65:2e:aa:2a:34:b9:fc:e9:16:43:79:35:6d:3d:30:cf:69:eb:
b7:52:66:f2:7d:33:62:71:4c:d2:ee:a7:ec:46:e6:ba:80:b6:
f2:b5:af:d3:f3:55:f8:b4:2e:60:cf:3c:e1:25:2a:16:81:b4:
3c:37:1c:f5:a7:6e:71:f2:77:76:9e:02:c9:65:e2:e5:24:bb:
e6:31:0d:e7:58:65:2a:96:23:8d:d2:96:5a:e9:db:b2:0d:82:
f6:9e:44:51:30:45:41:6d:ae:49:50:7e:a2:a0:7e:c9:a6:9d:
6c:59:69:49:b4:1e:48:6a:ff:40:44:01:10:21:70:c9:9b:fd:
61:ed:16:3d:da:3a:4f:be:91:e6:1e:77:02:0c:c4:ac:6a:f3:
b0:2c:02:c3:0f:2d:71:ad:f3:c9:b2:fd:f1:31:55:77:ef:1d:
f9:7d:0c:56:7b:0b:67:4f:cb:02:25:4d:bc:3f:41:49:4c:e7:
87:9c:a5:91:5e:39:b3:79:90:fc:78:f1:5d:bb:d5:dd:39:f2:
5f:8a:67:57:c5:6c:20:3e:8b:91:c9:b6:18:82:2c:36:8a:7c:
53:8a:65:4b:1d:73:9a:54:7d:af:23:0d:67:80:62:5b:24:55:
1c:96:16:9e:7d:90:a7:42:6f:b3:16:28:77:73:3a:7a:24:aa:
8e:07:8c:69
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTT6qy12W5dAbxAygBzc2NXlEVSQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAzMjlaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkYTQxY2ExOWUyNWEwNTBhMTM1YmFkMGE3ZTVlZGQ4NTdhOTljZjgxOTQ4
NWFmYmQyZDJlMDUzZGU5OGJmMmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAITlZUDik1mZO+bStxRrJk7f5vKQ/RpeEnzC1k6dFe3B1zRLSjNBo8KG44uz
Elol8jMFVyaE+iijTe9c4sgC20NszTuPegUam1IAYQHRyne4dopX5UlGDyk4btBH
fZ9foDnlvpaFKLTg85PHxDjS3pOEicWu+AVcQJlJixGbdw80owL6J+xqDB9Mp4sg
AUeQXmEm52qUm8tETTHHLHrarOwoP0hk8sc/Rdx1Ys/ucTjooXq1vLosHgh6Mo9J
Lrq4iGCDefy3gdBiUbE3VfrvRpOA1Thgo2yvoYe6t6Y1tMgpKjassElxnhWf1/s7
COsXRBdecI/kVjk1DMH+De+zKucCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSAdyma
N5lrl3834viLnYLJdvigbjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDNmNjc1NTQtZWYwNC00ZWRjLTk5N2UtMGEyZjkyMGE4YzkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GhA
gDANBgkqhkiG9w0BAQsFAAOCAQEAZS6qKjS5/OkWQ3k1bT0wz2nrt1Jm8n0zYnFM
0u6n7EbmuoC28rWv0/NV+LQuYM884SUqFoG0PDcc9aducfJ3dp4CyWXi5SS75jEN
51hlKpYjjdKWWunbsg2C9p5EUTBFQW2uSVB+oqB+yaadbFlpSbQeSGr/QEQBECFw
yZv9Ye0WPdo6T76R5h53AgzErGrzsCwCww8tca3zybL98TFVd+8d+X0MVnsLZ0/L
AiVNvD9BSUznh5ylkV45s3mQ/HjxXbvV3TnyX4pnV8VsID6Lkcm2GIIsNop8U4pl
Sx1zmlR9ryMNZ4BiWyRVHJYWnn2Qp0JvsxYod3M6eiSqjgeMaQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:54:04 2026 by rpki-client