Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b360e2c-382b-4420-8550-330a58e946ee.roa
File: 0b360e2c-382b-4420-8550-330a58e946ee.roa (raw, json)
Hash identifier: l2LlRff3D5geI8lvPtpIOwKh9vmXFObILVkZeIH3K5Q=
Subject key identifier: 01:43:AD:CF:60:A1:A6:6D:F0:01:59:A3:5F:39:A0:19:88:3C:74:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1DB3340BDA4D9CCF9E02F0DBE61D6288501D031C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b360e2c-382b-4420-8550-330a58e946ee.roa
Signing time: Tue 19 May 2026 05:40:04 +0000
ROA not before: Tue 19 May 2026 05:40:04 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:b3:34:0b:da:4d:9c:cf:9e:02:f0:db:e6:1d:62:88:50:1d:03:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:04 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=da1fee0f2059c9c58fa059cdd50bc33033f3ec54a814918a4085bb969f2d0474, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:16:fb:93:94:80:d0:51:02:2a:ac:c5:1b:d8:
05:31:84:e6:88:25:c3:c7:99:fb:c6:cb:af:1e:57:
44:6a:04:f8:6b:95:e3:2e:2d:a7:5e:61:06:95:e7:
8b:d4:67:71:37:75:d8:bf:b5:a2:96:cb:3b:f8:a8:
ec:80:31:4e:70:65:af:54:fc:5e:96:43:7a:18:08:
d2:89:c5:8e:3d:8b:34:bf:dc:49:ea:af:64:d1:55:
c0:5f:63:c8:c2:e5:0f:56:65:7f:c8:53:4b:26:d1:
be:2d:0e:23:bf:eb:c5:e8:09:4a:8a:a6:c3:61:76:
33:6f:63:d3:40:c5:7a:0a:af:76:f6:2d:ea:02:08:
18:03:7b:1a:4c:e9:70:ac:ac:b7:e5:32:16:4c:26:
cd:41:cf:0e:69:7e:4f:62:b8:94:59:89:fc:eb:a0:
8d:21:7a:11:03:66:9a:4f:bc:34:da:3a:1e:e8:d7:
5a:11:26:44:5d:c9:d7:f5:99:03:d8:90:79:d3:29:
a0:7e:9b:a3:f3:87:10:bc:46:1f:6f:90:a9:ab:d7:
43:6b:c8:1f:94:60:bd:ad:b4:1d:e4:0b:85:7e:98:
13:e6:93:3a:50:5f:8c:ae:cd:92:3d:9c:8b:48:8c:
06:78:db:f8:0d:fc:63:29:bf:40:fd:32:bd:33:fe:
76:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:43:AD:CF:60:A1:A6:6D:F0:01:59:A3:5F:39:A0:19:88:3C:74:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b360e2c-382b-4420-8550-330a58e946ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:6000::/40
Signature Algorithm: sha256WithRSAEncryption
35:4e:1d:c2:b1:93:0c:b1:de:55:ef:33:d0:47:69:08:27:b8:
b8:d7:5c:f9:29:36:5e:d1:2c:a8:4f:17:a6:95:41:4b:b4:6a:
85:f1:2b:e8:78:26:2f:3d:eb:ad:9b:95:3b:ef:6a:8e:16:42:
4f:66:88:48:5f:43:62:51:fd:6c:b6:b2:c1:35:eb:57:9f:26:
0e:14:27:10:eb:a6:1e:bd:93:09:34:cf:dd:d6:a5:92:38:ef:
4a:90:df:cb:fa:e4:c8:bf:7d:4d:4f:a9:38:e1:53:a8:dc:0d:
ad:64:ff:46:19:b0:14:23:17:48:6a:c6:0b:28:9f:66:a2:bb:
40:e9:41:1e:80:c7:bf:9d:40:1c:f8:ec:ad:39:79:58:32:e3:
b1:52:2c:40:bb:ea:5d:a0:a5:d8:6c:bb:80:f8:c5:02:12:68:
ee:a7:18:8f:5a:13:10:36:59:21:8c:ab:f1:e9:2b:c1:fd:55:
62:1b:d8:32:39:c8:42:6e:3a:4f:41:f7:95:26:89:27:85:c9:
ed:a0:2e:40:a1:d6:dd:3d:3e:a8:d3:fe:1b:8c:05:26:1d:22:
f4:48:b8:4d:14:46:58:a4:5d:15:5e:a2:f2:2e:8c:32:17:f9:
4c:7e:ad:12:15:fd:32:40:cf:e1:6d:0f:85:6d:b1:07:e7:57:
73:38:4d:87
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHbM0C9pNnM+eAvDb5h1iiFAdAxwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwMDRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhMWZlZTBmMjA1OWM5YzU4ZmEwNTljZGQ1MGJjMzMwMzNmM2VjNTRhODE0
OTE4YTQwODViYjk2OWYyZDA0NzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKIW+5OUgNBRAiqsxRvYBTGE5oglw8eZ+8bLrx5XRGoE+GuV4y4tp15hBpXn
i9RncTd12L+1opbLO/io7IAxTnBlr1T8XpZDehgI0onFjj2LNL/cSeqvZNFVwF9j
yMLlD1Zlf8hTSybRvi0OI7/rxegJSoqmw2F2M29j00DFegqvdvYt6gIIGAN7Gkzp
cKyst+UyFkwmzUHPDml+T2K4lFmJ/OugjSF6EQNmmk+8NNo6HujXWhEmRF3J1/WZ
A9iQedMpoH6bo/OHELxGH2+QqavXQ2vIH5Rgva20HeQLhX6YE+aTOlBfjK7Nkj2c
i0iMBnjb+A38Yym/QP0yvTP+diMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQBQ63P
YKGmbfABWaNfOaAZiDx0YzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIzNjBlMmMtMzgyYi00NDIwLTg1NTAtMzMwYTU4ZTk0NmVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fhg
MA0GCSqGSIb3DQEBCwUAA4IBAQA1Th3CsZMMsd5V7zPQR2kIJ7i411z5KTZe0Syo
TxemlUFLtGqF8SvoeCYvPeutm5U772qOFkJPZohIX0NiUf1strLBNetXnyYOFCcQ
66YevZMJNM/d1qWSOO9KkN/L+uTIv31NT6k44VOo3A2tZP9GGbAUIxdIasYLKJ9m
ortA6UEegMe/nUAc+OytOXlYMuOxUixAu+pdoKXYbLuA+MUCEmjupxiPWhMQNlkh
jKvx6SvB/VViG9gyOchCbjpPQfeVJoknhcntoC5AodbdPT6o0/4bjAUmHSL0SLhN
FEZYpF0VXqLyLowyF/lMfq0SFf0yQM/hbQ+FbbEH51dzOE2H
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:15 2026 by rpki-client