Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
File: 04593af5-4653-4d6a-8bb5-65270db84a4f.roa (raw, json)
Hash identifier: 2SICVXZZol0b9k0s5tn+aYOdt6maXXVqB7r5ueU/IFI=
Subject key identifier: A1:AC:24:86:94:32:3E:AA:00:AF:90:50:47:AF:23:34:6D:0E:1A:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5FFA2CFA054157E433940137E5CB4A6404774BA1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
Signing time: Tue 19 May 2026 05:31:19 +0000
ROA not before: Tue 19 May 2026 05:31:19 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02d::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:fa:2c:fa:05:41:57:e4:33:94:01:37:e5:cb:4a:64:04:77:4b:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:31:19 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=5e2b4836a900daebc487f0fcede826ddaa28e8cb5420de0bc5160922426da095, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f2:ea:43:98:6f:7a:43:43:c9:65:45:0b:34:
00:53:7a:f0:ea:99:7b:a2:af:33:d6:62:2b:f6:29:
c2:ff:1e:a1:2e:7f:56:0e:e3:5b:0a:e3:3f:11:9c:
53:c1:71:b9:81:21:64:a3:25:88:25:6a:5d:63:cf:
ca:0c:49:7c:62:80:49:1c:55:ab:72:d0:33:1c:8e:
fe:ac:eb:41:04:ae:08:82:5b:21:24:70:d1:60:c6:
50:c5:1e:04:00:72:5a:cd:0a:41:50:f7:64:f5:5b:
3b:36:3c:8c:5c:86:99:8a:c4:15:94:e0:e8:b9:fb:
85:86:bc:15:e6:fd:e3:0d:d5:07:db:0d:2e:db:a3:
95:d4:64:2f:86:5e:08:98:aa:6a:f8:9d:f0:95:60:
1b:74:c6:6e:2c:78:36:cb:0d:3e:82:f2:db:25:32:
3d:52:4c:ac:3b:ba:c8:d3:69:85:0b:5a:ad:ef:6a:
d2:23:cf:06:93:46:cc:cd:0b:d7:2b:2f:e1:04:30:
29:fc:97:48:71:52:88:9b:86:5c:a9:f5:b2:7a:25:
e4:3f:05:3f:d6:92:01:01:ff:f2:07:8d:f5:ac:00:
11:7c:15:3b:a2:0a:b1:ba:ed:f5:b8:52:31:8c:62:
c8:8b:ef:1b:49:3c:b3:00:1a:28:88:ad:a1:7c:2d:
42:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:AC:24:86:94:32:3E:AA:00:AF:90:50:47:AF:23:34:6D:0E:1A:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02d::/36
Signature Algorithm: sha256WithRSAEncryption
0b:f6:6c:bd:2e:02:71:95:88:5f:18:07:77:f4:5c:f7:3e:3f:
77:85:28:08:16:11:75:05:f1:f4:73:78:7c:87:67:31:ad:79:
3a:83:7f:c8:25:a8:db:b0:d9:ce:0d:28:8f:2c:59:47:1d:26:
a0:0d:ac:68:f2:ef:98:cb:e8:8f:9f:87:22:22:6e:e3:84:fd:
8c:27:2f:43:f5:57:01:4d:1f:19:7f:6d:41:2f:ab:13:4a:e1:
27:4e:4c:cf:1e:c5:d9:ea:2d:5b:0e:52:1b:72:d4:49:3f:e2:
96:04:ef:76:e9:c9:d6:6f:f5:3c:71:ea:44:c3:8f:0a:24:f4:
b9:14:15:db:43:7c:9f:8b:ea:1f:a9:3f:fd:8e:8b:9a:99:67:
7f:13:1d:2b:97:36:23:9d:8f:45:7f:fe:2c:ae:dc:f7:8d:cc:
42:ab:17:0a:0d:3d:27:21:f5:e0:a8:53:1b:71:d5:6c:8f:0a:
f6:43:90:d5:82:89:89:8c:13:39:df:83:ed:97:a3:04:7d:dd:
29:a7:bd:f6:06:4b:fe:9a:71:f0:a2:87:26:af:3b:96:4c:f6:
cc:b5:07:7a:66:07:c5:92:20:23:05:a0:42:12:24:59:9b:0f:
33:d7:68:5c:ac:cd:45:f3:0b:99:cb:e8:09:27:dd:ae:30:c4:
73:85:4b:32
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX/os+gVBV+QzlAE35ctKZAR3S6EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMxMTlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlMmI0ODM2YTkwMGRhZWJjNDg3ZjBmY2VkZTgyNmRkYWEyOGU4Y2I1NDIw
ZGUwYmM1MTYwOTIyNDI2ZGEwOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJDy6kOYb3pDQ8llRQs0AFN68OqZe6KvM9ZiK/Ypwv8eoS5/Vg7jWwrjPxGc
U8FxuYEhZKMliCVqXWPPygxJfGKASRxVq3LQMxyO/qzrQQSuCIJbISRw0WDGUMUe
BAByWs0KQVD3ZPVbOzY8jFyGmYrEFZTg6Ln7hYa8Feb94w3VB9sNLtujldRkL4Ze
CJiqavid8JVgG3TGbix4NssNPoLy2yUyPVJMrDu6yNNphQtare9q0iPPBpNGzM0L
1ysv4QQwKfyXSHFSiJuGXKn1snol5D8FP9aSAQH/8geN9awAEXwVO6IKsbrt9bhS
MYxiyIvvG0k8swAaKIitoXwtQukCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBShrCSG
lDI+qgCvkFBHryM0bQ4atTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQ1OTNhZjUtNDY1My00ZDZhLThiYjUtNjUyNzBkYjg0YTRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C0A
MA0GCSqGSIb3DQEBCwUAA4IBAQAL9my9LgJxlYhfGAd39Fz3Pj93hSgIFhF1BfH0
c3h8h2cxrXk6g3/IJajbsNnODSiPLFlHHSagDaxo8u+Yy+iPn4ciIm7jhP2MJy9D
9VcBTR8Zf21BL6sTSuEnTkzPHsXZ6i1bDlIbctRJP+KWBO926cnWb/U8cepEw48K
JPS5FBXbQ3yfi+ofqT/9jouamWd/Ex0rlzYjnY9Ff/4srtz3jcxCqxcKDT0nIfXg
qFMbcdVsjwr2Q5DVgomJjBM534Ptl6MEfd0pp732Bkv+mnHwoocmrzuWTPbMtQd6
ZgfFkiAjBaBCEiRZmw8z12hcrM1F8wuZy+gJJ92uMMRzhUsy
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:34:25 2026 by rpki-client