Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
File: 1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa (raw, json)
Hash identifier: 1HI3PzScq9aJbMHE0+PRcMACxkPCxTL4NoZjLl/3pVg=
Subject key identifier: 4D:97:C8:7B:97:AF:2B:38:3F:AA:61:9B:C2:9F:75:90:07:63:B1:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 579CA6DBCDB8C2EB95EB8A4CA9546C4C3119F1D3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
Signing time: Tue 19 May 2026 05:40:04 +0000
ROA not before: Tue 19 May 2026 05:40:04 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:9c:a6:db:cd:b8:c2:eb:95:eb:8a:4c:a9:54:6c:4c:31:19:f1:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:04 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=f4004d9e377117bb47f027412ff6ee28aea7fae0e91497a796603d5f6d7f562b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a7:34:44:31:45:ef:ad:a2:69:9a:f3:16:75:
e1:ed:06:4b:44:06:10:1b:8c:45:a8:82:89:62:47:
7f:ff:28:93:51:79:eb:f5:ff:c3:ed:5e:f2:99:01:
2e:20:67:70:a3:3d:ce:45:57:e9:17:d2:7f:23:db:
86:2a:0a:f4:0a:b8:bb:28:61:c3:d8:1e:a0:fb:ff:
a9:b0:4a:58:8d:5e:6d:17:44:b7:26:d4:12:c7:9c:
7f:bb:ac:27:40:11:64:cb:c8:bb:f4:fd:4b:ac:b7:
4b:94:24:e4:c9:77:d4:a0:e0:54:ac:25:00:ba:dc:
35:bc:9a:9b:b0:31:bc:6a:3e:06:fe:05:f0:f3:0c:
c5:a5:7e:3e:a1:e7:4d:69:84:e3:22:30:7d:73:74:
c2:e2:62:2c:eb:46:27:42:2f:48:95:01:ec:87:3f:
ba:7b:cb:99:39:c6:f5:3c:a3:93:e5:6b:9c:f9:74:
04:1d:c6:89:34:e2:22:63:63:8d:34:31:9d:72:57:
87:a1:62:03:22:35:6f:e8:b0:a6:28:30:f6:06:5d:
f9:0b:ca:c7:f4:5c:e7:f9:62:db:6e:b0:b8:b8:61:
15:c3:57:92:50:e3:13:80:b2:b3:a9:6d:78:66:d9:
86:9e:2a:73:05:e7:f3:ca:8c:31:5a:0d:53:35:37:
22:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:97:C8:7B:97:AF:2B:38:3F:AA:61:9B:C2:9F:75:90:07:63:B1:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d:800::/37
Signature Algorithm: sha256WithRSAEncryption
a5:a7:40:94:ee:15:05:f8:2f:43:c1:3a:41:0e:32:6f:be:d1:
e1:95:79:85:00:86:e5:3a:c2:36:7d:7d:f3:b4:ed:00:81:c9:
21:4c:80:6d:74:37:ab:0f:84:22:0b:c5:32:1d:3e:2c:20:c8:
9d:6b:7a:be:18:90:15:a4:49:4e:20:23:4b:e5:4d:eb:6d:28:
28:71:8c:a1:b0:8a:a3:80:22:73:38:a1:77:c7:84:e7:ec:b5:
5c:a1:4c:1f:5a:58:d6:11:00:db:47:c0:ca:6f:e5:dc:94:81:
51:f5:64:21:44:c6:ad:10:f5:a3:83:a0:67:f6:64:91:f2:72:
c6:52:50:85:3b:5f:50:09:52:dc:82:e0:70:1f:15:f1:5a:8e:
45:e8:3f:90:dd:02:bc:f0:70:56:b2:33:de:0b:ac:16:49:22:
af:c2:cc:1f:9a:76:5a:9c:c9:17:1e:a2:57:0b:b6:65:51:f3:
85:c6:59:b7:d1:eb:74:1e:7a:e9:55:92:3f:ee:ba:4a:20:f7:
8a:34:0a:ef:00:ee:5b:9e:bd:8e:d3:1d:dd:78:0b:35:65:f6:
dd:2b:c0:3f:a0:83:5d:91:2c:77:ae:c5:48:c9:5c:3a:59:9f:
84:4b:c4:64:64:33:b5:c7:6d:08:3e:67:0a:f6:4a:c4:9c:61:
59:af:a0:8c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUV5ym2824wuuV64pMqVRsTDEZ8dMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwMDRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0MDA0ZDllMzc3MTE3YmI0N2YwMjc0MTJmZjZlZTI4YWVhN2ZhZTBlOTE0
OTdhNzk2NjAzZDVmNmQ3ZjU2MmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMunNEQxRe+tomma8xZ14e0GS0QGEBuMRaiCiWJHf/8ok1F56/X/w+1e8pkB
LiBncKM9zkVX6RfSfyPbhioK9Aq4uyhhw9geoPv/qbBKWI1ebRdEtybUEsecf7us
J0ARZMvIu/T9S6y3S5Qk5Ml31KDgVKwlALrcNbyam7AxvGo+Bv4F8PMMxaV+PqHn
TWmE4yIwfXN0wuJiLOtGJ0IvSJUB7Ic/unvLmTnG9Tyjk+VrnPl0BB3GiTTiImNj
jTQxnXJXh6FiAyI1b+iwpigw9gZd+QvKx/Rc5/li226wuLhhFcNXklDjE4Cys6lt
eGbZhp4qcwXn88qMMVoNUzU3IlsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRNl8h7
l68rOD+qYZvCn3WQB2Ox9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQ0ODBiNmQtMjVmYy00ZjM3LWIxMjUtZjQ1Y2UyMzZmNGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0I
MA0GCSqGSIb3DQEBCwUAA4IBAQClp0CU7hUF+C9DwTpBDjJvvtHhlXmFAIblOsI2
fX3ztO0AgckhTIBtdDerD4QiC8UyHT4sIMida3q+GJAVpElOICNL5U3rbSgocYyh
sIqjgCJzOKF3x4Tn7LVcoUwfWljWEQDbR8DKb+XclIFR9WQhRMatEPWjg6Bn9mSR
8nLGUlCFO19QCVLcguBwHxXxWo5F6D+Q3QK88HBWsjPeC6wWSSKvwswfmnZanMkX
HqJXC7ZlUfOFxlm30et0HnrpVZI/7rpKIPeKNArvAO5bnr2O0x3deAs1ZfbdK8A/
oINdkSx3rsVIyVw6WZ+ES8RkZDO1x20IPmcK9krEnGFZr6CM
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:45:50 2026 by rpki-client