Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14a1cb35-92d7-4bc2-854c-094a3829c73e.roa
File: 14a1cb35-92d7-4bc2-854c-094a3829c73e.roa (raw, json)
Hash identifier: 3G6LJj9XSIgyV27W6gWT9SOEuM1lGmPM3BaXC7x91pk=
Subject key identifier: 91:C7:B8:D4:34:A2:AE:41:94:0B:09:5D:18:44:33:E1:A4:BB:69:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6868F4BCFE32F895F38683DAA96BD7027A32BCB5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14a1cb35-92d7-4bc2-854c-094a3829c73e.roa
Signing time: Tue 19 May 2026 04:50:11 +0000
ROA not before: Tue 19 May 2026 04:50:11 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:68:f4:bc:fe:32:f8:95:f3:86:83:da:a9:6b:d7:02:7a:32:bc:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:11 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=460ed535c0e47e53cf342861effa9c25809607829aaa9f3c8801ed23960d6232, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:78:2a:0a:d9:47:5d:b8:8b:ed:15:f8:2d:4c:
7d:b2:22:bf:52:12:1b:9d:41:2e:22:c7:ca:cc:70:
8a:c3:63:90:d6:bc:57:f7:4b:fa:e4:8b:93:62:2e:
84:bd:74:61:cb:3c:e6:54:9e:9c:a7:74:b6:5e:76:
54:01:ab:87:35:29:93:91:52:38:91:8c:8d:73:7c:
f3:f3:7d:5e:e6:9c:fa:9d:c0:43:60:f1:cd:68:d2:
d4:e1:df:44:dd:3d:dd:84:b5:77:68:bb:44:ba:fe:
4b:05:e7:53:53:6e:27:92:7d:ee:69:4d:da:bf:2c:
11:58:5c:2d:ba:43:dc:81:9c:92:a7:eb:56:b4:81:
c6:c2:fe:30:5a:80:b5:2c:6c:a8:d2:24:3e:77:c2:
c4:51:0a:d2:fd:19:aa:d7:92:10:d3:ad:ca:87:af:
ad:ac:e6:63:a2:d4:02:1a:c5:83:93:93:33:95:62:
27:97:c0:be:1d:c8:84:16:eb:ef:65:3c:ee:41:49:
2d:91:4e:fb:01:67:c1:d4:7c:cd:2c:33:70:f9:3e:
20:f7:d2:de:ab:71:35:f5:27:7a:f5:d1:ad:e7:9c:
90:21:3b:d7:5e:fb:19:ae:25:04:bd:32:90:9c:93:
46:01:49:e1:bb:ea:61:09:68:1e:d6:f8:1f:51:59:
ca:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C7:B8:D4:34:A2:AE:41:94:0B:09:5D:18:44:33:E1:A4:BB:69:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14a1cb35-92d7-4bc2-854c-094a3829c73e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8040::/48
Signature Algorithm: sha256WithRSAEncryption
c0:6f:50:a4:5b:12:70:69:fd:85:66:a2:11:cf:f9:53:e0:65:
e5:80:06:75:a1:54:b3:33:fb:f5:9f:8a:38:c0:33:7a:0c:4c:
49:f3:19:39:57:7d:a9:4f:a9:dc:a3:16:53:a9:73:d4:81:1a:
21:cd:7a:70:f1:c7:eb:60:87:cf:cd:6e:56:5f:f3:94:db:3f:
7d:4c:9b:dd:c0:79:bf:ef:1c:39:64:63:28:72:b8:f0:c2:89:
f7:e3:fd:7b:b3:97:42:96:76:a5:8c:4c:49:ff:76:66:9c:76:
16:62:e6:8f:42:93:1c:81:57:f3:bd:1c:4a:a8:f2:2e:67:7d:
dd:4d:3b:0f:82:30:13:21:e9:42:77:74:96:db:3c:a8:c0:63:
d1:00:4e:d9:23:21:76:cc:fa:dd:44:43:78:ad:d7:2e:fd:6b:
a3:cf:87:01:73:55:35:74:54:10:12:63:ee:8c:8c:e2:51:0b:
b8:c2:a0:fd:57:b3:73:eb:72:76:92:ff:6c:f5:7b:ec:4b:0d:
a1:ce:b2:80:ba:ac:7e:e4:bf:86:30:e6:2e:c0:d4:e1:19:ad:
1a:4d:96:73:d9:bd:b3:6e:3f:da:d5:2a:88:72:db:af:33:d2:
9b:e4:03:f5:7b:7a:57:c4:d1:be:c8:75:74:02:d3:84:97:b1:
35:21:e5:9b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaGj0vP4y+JXzhoPaqWvXAnoyvLUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMTFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2MGVkNTM1YzBlNDdlNTNjZjM0Mjg2MWVmZmE5YzI1ODA5NjA3ODI5YWFh
OWYzYzg4MDFlZDIzOTYwZDYyMzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANZ4KgrZR124i+0V+C1MfbIiv1ISG51BLiLHysxwisNjkNa8V/dL+uSLk2Iu
hL10Ycs85lSenKd0tl52VAGrhzUpk5FSOJGMjXN88/N9Xuac+p3AQ2DxzWjS1OHf
RN093YS1d2i7RLr+SwXnU1NuJ5J97mlN2r8sEVhcLbpD3IGckqfrVrSBxsL+MFqA
tSxsqNIkPnfCxFEK0v0ZqteSENOtyoevrazmY6LUAhrFg5OTM5ViJ5fAvh3IhBbr
72U87kFJLZFO+wFnwdR8zSwzcPk+IPfS3qtxNfUnevXRreeckCE71177Ga4lBL0y
kJyTRgFJ4bvqYQloHtb4H1FZyiUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSRx7jU
NKKuQZQLCV0YRDPhpLtpTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTRhMWNiMzUtOTJkNy00YmMyLTg1NGMtMDk0YTM4MjljNzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
QDANBgkqhkiG9w0BAQsFAAOCAQEAwG9QpFsScGn9hWaiEc/5U+Bl5YAGdaFUszP7
9Z+KOMAzegxMSfMZOVd9qU+p3KMWU6lz1IEaIc16cPHH62CHz81uVl/zlNs/fUyb
3cB5v+8cOWRjKHK48MKJ9+P9e7OXQpZ2pYxMSf92Zpx2FmLmj0KTHIFX870cSqjy
Lmd93U07D4IwEyHpQnd0lts8qMBj0QBO2SMhdsz63URDeK3XLv1ro8+HAXNVNXRU
EBJj7oyM4lELuMKg/Vezc+tydpL/bPV77EsNoc6ygLqsfuS/hjDmLsDU4RmtGk2W
c9m9s24/2tUqiHLbrzPSm+QD9Xt6V8TRvsh1dALThJexNSHlmw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:33 2026 by rpki-client