Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1819917f-a269-4c31-9874-b8f5473ba80a.roa
File: 1819917f-a269-4c31-9874-b8f5473ba80a.roa (raw, json)
Hash identifier: MK8tqnfr0sXlVMerU5h1M0Q1o0qqkgk/QRoxqdqLaeg=
Subject key identifier: C0:76:A4:0F:90:4F:4B:D1:3F:D7:C3:80:5B:3C:DD:5C:43:C6:3C:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 705D07FA108D8AB9A704F51ED2790C51F465491A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1819917f-a269-4c31-9874-b8f5473ba80a.roa
Signing time: Sun 31 May 2026 00:30:18 +0000
ROA not before: Sun 31 May 2026 00:30:18 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d033:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:5d:07:fa:10:8d:8a:b9:a7:04:f5:1e:d2:79:0c:51:f4:65:49:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 00:30:18 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=7675f9d1a246791c60ad75d2ee3109cda972ae00cb7be058e94456be3d7c5ad9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ee:9c:86:54:a4:4e:d3:f8:c4:23:3a:c7:11:
7e:77:ce:f3:3d:e6:b8:86:44:2b:53:fc:0b:85:c9:
8b:59:ca:80:44:9f:e3:43:ba:de:a9:e0:1a:4f:0d:
c1:76:d5:c8:08:a3:07:f8:ba:56:46:45:f5:32:14:
d6:4d:f4:e2:20:09:f0:9d:48:96:7d:ee:bb:4d:39:
aa:28:d9:c1:1b:c5:47:c9:be:0f:ae:8f:e8:f0:7f:
38:56:b0:1d:1a:e1:c0:50:2f:56:79:62:db:5d:a1:
a1:6b:5c:a3:f6:38:8f:a8:0e:16:fb:ad:2b:b0:82:
ed:31:77:1d:c1:4b:bd:87:8a:c3:70:bc:8a:83:18:
04:9b:42:48:29:d8:e4:82:a5:13:7e:00:a7:6c:16:
86:a4:6d:36:14:ef:31:ca:0d:17:a1:03:bd:73:7b:
14:09:7b:18:bd:2d:68:20:a3:8a:3d:76:fe:3a:25:
92:ea:29:dc:7e:1d:bd:fc:eb:aa:a5:cc:a0:85:bd:
f5:de:3d:66:37:7a:a0:76:2c:9a:6a:bc:83:64:29:
eb:63:fd:eb:3f:04:20:ff:a4:b7:1e:47:9b:f2:90:
5a:80:95:88:2c:dc:21:2e:66:5e:65:d6:a3:7e:f6:
37:53:44:1c:87:5c:34:8a:af:82:96:d7:a7:04:8e:
8d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:76:A4:0F:90:4F:4B:D1:3F:D7:C3:80:5B:3C:DD:5C:43:C6:3C:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1819917f-a269-4c31-9874-b8f5473ba80a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d033:6000::/40
Signature Algorithm: sha256WithRSAEncryption
83:b7:4d:bf:6f:41:ba:78:b3:5f:b8:6b:5f:4d:09:6c:01:cd:
d9:3c:49:47:f6:c0:00:55:cf:5b:06:18:5c:97:ae:87:82:a2:
35:cc:5e:a2:ee:5b:2e:db:3a:ba:7f:49:8d:5d:80:f4:a1:47:
54:82:28:21:18:83:1f:29:59:3a:4d:91:ba:65:16:2d:bf:ce:
51:02:c8:3e:b2:3a:d7:76:98:47:b9:c6:99:ac:be:f7:21:3d:
b2:c8:a3:d3:4e:50:26:eb:72:52:fe:b1:87:51:f0:c5:d5:38:
62:13:63:7b:36:16:af:63:f6:71:cb:2d:9d:eb:5f:4a:cd:2d:
41:68:7b:b9:a2:20:8c:c1:41:9e:d9:12:cd:11:34:2e:54:29:
e5:b9:68:91:0b:e3:c1:f1:57:f9:fd:48:59:34:c4:c6:09:d0:
b6:31:90:53:f5:6f:94:77:2a:d1:c7:1a:34:74:b6:66:f2:57:
a3:b8:fa:11:05:f5:d7:38:fc:87:27:d9:20:c5:22:a6:a4:56:
83:d5:08:03:a8:78:ce:84:c4:af:dc:6d:95:35:39:8b:b9:01:
7c:60:bf:13:76:60:a2:a2:56:37:72:27:4c:a8:c1:8a:94:1d:
fe:60:e4:cf:0b:d6:3e:27:46:87:88:34:47:51:86:ac:d9:67:
a4:b9:89:ae
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcF0H+hCNirmnBPUe0nkMUfRlSRowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMDMwMThaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2NzVmOWQxYTI0Njc5MWM2MGFkNzVkMmVlMzEwOWNkYTk3MmFlMDBjYjdi
ZTA1OGU5NDQ1NmJlM2Q3YzVhZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTunIZUpE7T+MQjOscRfnfO8z3muIZEK1P8C4XJi1nKgESf40O63qngGk8N
wXbVyAijB/i6VkZF9TIU1k304iAJ8J1Iln3uu005qijZwRvFR8m+D66P6PB/OFaw
HRrhwFAvVnli212hoWtco/Y4j6gOFvutK7CC7TF3HcFLvYeKw3C8ioMYBJtCSCnY
5IKlE34Ap2wWhqRtNhTvMcoNF6EDvXN7FAl7GL0taCCjij12/jolkuop3H4dvfzr
qqXMoIW99d49Zjd6oHYsmmq8g2Qp62P96z8EIP+ktx5Hm/KQWoCViCzcIS5mXmXW
o372N1NEHIdcNIqvgpbXpwSOjasCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTAdqQP
kE9L0T/Xw4BbPN1cQ8Y8nTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTgxOTkxN2YtYTI2OS00YzMxLTk4NzQtYjhmNTQ3M2JhODBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DNg
MA0GCSqGSIb3DQEBCwUAA4IBAQCDt02/b0G6eLNfuGtfTQlsAc3ZPElH9sAAVc9b
Bhhcl66HgqI1zF6i7lsu2zq6f0mNXYD0oUdUgighGIMfKVk6TZG6ZRYtv85RAsg+
sjrXdphHucaZrL73IT2yyKPTTlAm63JS/rGHUfDF1ThiE2N7NhavY/Zxyy2d619K
zS1BaHu5oiCMwUGe2RLNETQuVCnluWiRC+PB8Vf5/UhZNMTGCdC2MZBT9W+UdyrR
xxo0dLZm8lejuPoRBfXXOPyHJ9kgxSKmpFaD1QgDqHjOhMSv3G2VNTmLuQF8YL8T
dmCiolY3cidMqMGKlB3+YOTPC9Y+J0aHiDRHUYas2WekuYmu
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:14:09 2026 by rpki-client