Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
File: 17057de1-0841-47c5-9f52-f4f803d5e2d4.roa (raw, json)
Hash identifier: dhe312EGtneXS3DUo8CqmfbrY0otrAnWCL/ocQLiUJM=
Subject key identifier: C5:E1:60:F5:EC:0D:79:DD:AD:F1:10:DA:46:29:BB:D6:EB:E0:BB:C1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20B4B89B2A97DA7BB26D347B3BA798D0B2063DFC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
Signing time: Tue 19 May 2026 05:10:03 +0000
ROA not before: Tue 19 May 2026 05:10:03 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:b4:b8:9b:2a:97:da:7b:b2:6d:34:7b:3b:a7:98:d0:b2:06:3d:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:03 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=46f7f8e3ddc0227223ffde0512f561acee2745fe13e636e804d158a24fa2497d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e1:58:04:af:8c:c2:7e:52:e5:3c:1a:ba:97:
e0:86:67:a7:90:ba:8b:b6:39:16:78:ff:94:ce:e6:
61:c9:ba:54:91:7a:73:02:25:f1:71:34:33:a7:04:
1b:ce:c3:9d:d3:a6:77:af:a2:54:3b:c2:0b:ea:9c:
ca:70:25:b7:33:b6:47:9e:6f:72:31:f3:a2:25:55:
34:fb:d9:b3:76:a9:97:3b:62:f1:a3:6e:98:c3:db:
8a:61:ff:52:6c:10:b9:c2:7e:9a:d0:37:36:a8:3f:
14:aa:03:a1:08:3e:9f:fa:3b:90:9e:ca:be:67:b1:
98:fa:a8:0c:c6:e0:5f:39:e9:39:c1:9d:59:e2:b4:
2c:f0:88:e5:9b:e5:70:ad:af:de:83:88:4b:8f:0a:
72:2e:06:97:7f:66:c1:32:8a:87:87:fc:e3:ac:2f:
62:c4:45:8c:32:1b:9c:50:de:45:d2:74:eb:a8:d5:
1c:65:35:96:7a:76:b4:21:93:51:e2:ad:67:5e:c3:
2d:4d:69:9c:e5:cc:72:06:89:7d:27:e0:b2:da:89:
21:8a:a0:4e:60:7f:1b:ee:8b:da:0a:6d:f1:49:7e:
67:70:76:81:ec:ed:10:92:a7:15:2a:b8:6d:dd:01:
38:fc:66:5e:f8:48:6c:ae:33:16:48:3a:3d:41:46:
f2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E1:60:F5:EC:0D:79:DD:AD:F1:10:DA:46:29:BB:D6:EB:E0:BB:C1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
71:ba:81:b2:9c:f9:3b:81:df:e0:86:60:de:6c:06:26:07:a8:
f8:bf:bd:b3:f4:cb:e5:fe:51:3b:93:53:f3:87:80:6d:06:c2:
72:f1:5a:74:68:b0:e2:16:64:15:55:b2:d3:1d:f1:6a:8b:c4:
73:15:da:51:4f:d6:ac:c7:44:a0:21:1f:7e:d2:69:bc:89:8f:
71:de:9a:95:f6:1b:3e:2b:87:11:df:72:c4:45:e8:3a:64:03:
95:4e:e1:62:5b:2a:34:7c:fa:48:08:84:5f:b2:85:82:b7:6f:
bb:97:d8:dc:f2:7d:78:6e:8f:c5:eb:bc:cf:2e:6c:e5:e7:82:
c5:ea:b5:bb:34:df:30:d6:ac:12:c9:87:dc:48:6f:43:5f:92:
7b:3a:29:a3:45:4f:ad:b5:f0:2e:6c:ab:8a:11:61:d9:be:6b:
86:b7:c6:aa:dc:63:f7:95:38:af:43:63:59:89:ad:56:98:4e:
5a:9c:28:6d:03:89:6e:cb:65:a1:bc:18:1e:f6:46:e2:a6:65:
1e:1b:4b:57:b5:a0:9e:cf:99:d7:d6:62:31:a7:94:c3:3a:90:
5a:3e:27:8e:98:32:b0:05:c3:a6:5a:37:59:7f:06:7c:cc:65:
32:d4:8a:ca:01:85:0a:fe:5a:79:19:1f:35:7c:2a:b8:f6:58:
ed:27:6e:dd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUILS4myqX2nuybTR7O6eY0LIGPfwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwMDNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2ZjdmOGUzZGRjMDIyNzIyM2ZmZGUwNTEyZjU2MWFjZWUyNzQ1ZmUxM2U2
MzZlODA0ZDE1OGEyNGZhMjQ5N2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3hWASvjMJ+UuU8GrqX4IZnp5C6i7Y5Fnj/lM7mYcm6VJF6cwIl8XE0M6cE
G87DndOmd6+iVDvCC+qcynAltzO2R55vcjHzoiVVNPvZs3aplzti8aNumMPbimH/
UmwQucJ+mtA3Nqg/FKoDoQg+n/o7kJ7KvmexmPqoDMbgXznpOcGdWeK0LPCI5Zvl
cK2v3oOIS48Kci4Gl39mwTKKh4f846wvYsRFjDIbnFDeRdJ066jVHGU1lnp2tCGT
UeKtZ17DLU1pnOXMcgaJfSfgstqJIYqgTmB/G+6L2gpt8Ul+Z3B2geztEJKnFSq4
bd0BOPxmXvhIbK4zFkg6PUFG8nUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTF4WD1
7A153a3xENpGKbvW6+C7wTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTcwNTdkZTEtMDg0MS00N2M1LTlmNTItZjRmODAzZDVlMmQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dpg
MA0GCSqGSIb3DQEBCwUAA4IBAQBxuoGynPk7gd/ghmDebAYmB6j4v72z9Mvl/lE7
k1Pzh4BtBsJy8Vp0aLDiFmQVVbLTHfFqi8RzFdpRT9asx0SgIR9+0mm8iY9x3pqV
9hs+K4cR33LEReg6ZAOVTuFiWyo0fPpICIRfsoWCt2+7l9jc8n14bo/F67zPLmzl
54LF6rW7NN8w1qwSyYfcSG9DX5J7OimjRU+ttfAubKuKEWHZvmuGt8aq3GP3lTiv
Q2NZia1WmE5anChtA4luy2WhvBge9kbipmUeG0tXtaCez5nX1mIxp5TDOpBaPieO
mDKwBcOmWjdZfwZ8zGUy1IrKAYUK/lp5GR81fCq49ljtJ27d
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:48:06 2026 by rpki-client