Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b50b516-b90a-4f69-ace2-8e904f240f1d.roa
File: 0b50b516-b90a-4f69-ace2-8e904f240f1d.roa (raw, json)
Hash identifier: drZjut9G6ajOO24zO5OZOR1z0gMFd3p1V4R5sGzCMyQ=
Subject key identifier: F2:A2:D7:C4:9D:AF:28:A3:51:F2:5D:DF:D6:3F:26:8C:E5:F1:98:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3511A08EBE3C4151A837C186CFDC799DCE648FE7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b50b516-b90a-4f69-ace2-8e904f240f1d.roa
Signing time: Tue 19 May 2026 04:40:26 +0000
ROA not before: Tue 19 May 2026 04:40:26 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:11:a0:8e:be:3c:41:51:a8:37:c1:86:cf:dc:79:9d:ce:64:8f:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:26 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=16d099f9254733f0a34445efe712d3306c1d8c070ea15833eed8b718d3e2502e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:41:86:83:31:f0:94:02:64:95:05:61:9b:39:
39:73:b2:3c:23:97:e3:06:97:38:5d:7e:d4:1a:6a:
52:6f:85:51:ec:42:f3:f3:eb:86:0b:de:86:88:8b:
48:7d:cd:d5:4e:75:7e:92:cf:f2:c8:c6:b1:4d:8d:
fa:c4:a9:28:26:ea:3c:d4:e5:36:e9:da:98:4f:fc:
e7:5b:99:5f:54:95:29:71:bd:f5:f6:48:0e:12:6a:
23:5c:ce:76:c5:45:6a:05:24:cc:dd:12:d0:c5:86:
04:a3:61:49:b3:52:96:23:84:8a:f3:d4:99:d2:92:
89:01:32:07:27:3c:1e:fa:6c:8d:9b:8d:78:35:7e:
eb:c7:70:ca:51:c5:ad:f2:49:f9:16:d8:e2:03:69:
27:71:0d:c9:cc:ac:22:e7:c5:eb:11:35:51:b5:2d:
43:04:bc:f9:c5:d6:81:7d:5b:dd:c7:44:2d:d1:f1:
60:98:33:10:51:32:2d:34:8f:d3:f0:ae:77:a4:4d:
ef:db:de:a4:1f:80:51:85:30:ef:a7:32:12:07:d2:
c6:4d:8d:ba:33:f8:5f:6a:f3:4d:a0:69:bf:b1:7d:
19:7b:01:84:ec:34:86:60:58:5d:77:64:f9:ab:25:
c3:b0:cf:f2:3a:9c:3b:3a:85:e6:f5:e8:60:bf:8a:
b6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A2:D7:C4:9D:AF:28:A3:51:F2:5D:DF:D6:3F:26:8C:E5:F1:98:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b50b516-b90a-4f69-ace2-8e904f240f1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a:c00::/38
Signature Algorithm: sha256WithRSAEncryption
01:00:9b:e3:c8:66:ca:a7:ed:17:f4:c4:7c:43:36:da:73:c1:
1f:05:61:28:eb:fe:c7:ab:53:ab:f2:6f:d3:9c:56:6e:13:42:
88:1d:2d:d3:48:d2:1b:06:1e:bf:24:03:02:a8:9f:2c:0f:07:
33:36:38:52:22:52:e8:45:4d:b1:ee:bf:40:d0:f5:22:94:ba:
9c:63:e3:68:fb:a9:7d:55:0a:8d:e5:d1:39:48:a0:f1:13:5a:
e2:27:f5:aa:e7:75:fd:5f:d4:4b:85:d0:32:47:30:45:60:3b:
ed:b4:28:d2:ae:7c:28:34:62:50:5d:ff:04:43:e0:9b:3b:80:
37:a1:a5:17:3d:07:d2:6f:8e:05:3f:15:cd:43:b8:bb:7e:d5:
1f:a0:5e:9c:b7:6a:62:1f:4c:01:1c:b3:3e:21:6b:8a:98:7f:
b3:4d:bd:c6:fa:b0:90:96:07:57:c1:7c:55:f7:83:4c:27:46:
47:79:93:8a:fd:22:42:17:d1:aa:f8:75:76:16:b6:c7:34:a3:
f9:f1:c0:fa:57:2e:90:52:25:86:33:c8:77:60:df:41:44:93:
27:eb:8e:b1:33:e6:06:59:77:fc:5b:44:a2:81:4a:fe:a7:87:
75:fe:63:07:dd:69:cc:63:2e:e4:86:80:dc:c0:1d:f4:23:1c:
4d:41:af:17
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNRGgjr48QVGoN8GGz9x5nc5kj+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwMjZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2ZDA5OWY5MjU0NzMzZjBhMzQ0NDVlZmU3MTJkMzMwNmMxZDhjMDcwZWEx
NTgzM2VlZDhiNzE4ZDNlMjUwMmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhBhoMx8JQCZJUFYZs5OXOyPCOX4waXOF1+1BpqUm+FUexC8/PrhgvehoiL
SH3N1U51fpLP8sjGsU2N+sSpKCbqPNTlNunamE/851uZX1SVKXG99fZIDhJqI1zO
dsVFagUkzN0S0MWGBKNhSbNSliOEivPUmdKSiQEyByc8HvpsjZuNeDV+68dwylHF
rfJJ+RbY4gNpJ3ENycysIufF6xE1UbUtQwS8+cXWgX1b3cdELdHxYJgzEFEyLTSP
0/Cud6RN79vepB+AUYUw76cyEgfSxk2NujP4X2rzTaBpv7F9GXsBhOw0hmBYXXdk
+aslw7DP8jqcOzqF5vXoYL+KtrMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTyotfE
na8oo1HyXd/WPyaM5fGY/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGI1MGI1MTYtYjkwYS00ZjY5LWFjZTItOGU5MDRmMjQwZjFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoM
MA0GCSqGSIb3DQEBCwUAA4IBAQABAJvjyGbKp+0X9MR8Qzbac8EfBWEo6/7Hq1Or
8m/TnFZuE0KIHS3TSNIbBh6/JAMCqJ8sDwczNjhSIlLoRU2x7r9A0PUilLqcY+No
+6l9VQqN5dE5SKDxE1riJ/Wq53X9X9RLhdAyRzBFYDvttCjSrnwoNGJQXf8EQ+Cb
O4A3oaUXPQfSb44FPxXNQ7i7ftUfoF6ct2piH0wBHLM+IWuKmH+zTb3G+rCQlgdX
wXxV94NMJ0ZHeZOK/SJCF9Gq+HV2FrbHNKP58cD6Vy6QUiWGM8h3YN9BRJMn646x
M+YGWXf8W0SigUr+p4d1/mMH3WnMYy7khoDcwB30IxxNQa8X
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:33 2026 by rpki-client