Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/23a17b0b-260d-4cf8-b258-4e17adae4eed.roa
File: 23a17b0b-260d-4cf8-b258-4e17adae4eed.roa (raw, json)
Hash identifier: 287AjEnb0KrPdd3ilvdef551PWMXQUFzH42zh8SG1u4=
Subject key identifier: C2:5E:CA:02:40:97:11:D3:38:7D:73:D9:01:B7:B3:AA:65:E6:F0:3B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F6A31ACA3B3A011177E7BE0A531E2C3EB6E4323
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/23a17b0b-260d-4cf8-b258-4e17adae4eed.roa
Signing time: Fri 22 May 2026 16:01:53 +0000
ROA not before: Fri 22 May 2026 16:01:53 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:6a:31:ac:a3:b3:a0:11:17:7e:7b:e0:a5:31:e2:c3:eb:6e:43:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:01:53 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=a235c3bbea5bf05baff39796c12a4783f3b48733e750ac4cd1598033d7ef0b3e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:32:f9:1b:43:86:98:1d:71:69:25:6b:e0:4e:
6c:00:9c:97:68:0d:64:12:c8:0b:5e:c0:7b:f0:3c:
0a:63:60:4c:1a:c9:65:b0:42:fb:57:3c:22:ff:5b:
8e:98:75:21:98:a7:61:a3:c4:04:ed:aa:14:07:76:
a7:11:13:8d:98:e0:e8:13:65:ee:89:a4:37:73:4e:
f7:dc:64:9e:46:ae:0f:97:43:06:ef:79:2b:60:0a:
c4:b7:8f:da:ce:51:a8:e3:c9:05:cc:61:2c:4a:c7:
a8:c8:ec:31:e7:d0:c3:78:c7:2f:fb:69:6d:58:62:
d6:ea:46:33:91:40:04:bd:17:a7:19:e0:ec:e7:18:
51:d4:97:ba:2d:0c:35:5e:5c:cd:54:b4:f2:75:d5:
a6:70:6a:f1:f4:d0:74:63:bf:bf:1e:57:c4:6b:03:
2f:e7:ea:50:92:80:42:ba:d3:fb:5b:9b:06:af:ef:
d6:c5:7b:86:09:8a:c1:27:4e:94:02:73:12:6d:bc:
7e:20:55:e7:5d:24:1e:ab:6e:14:e4:b7:3d:c6:71:
0f:9d:53:4a:85:64:a1:93:62:4d:3f:26:47:0a:34:
fb:98:1d:a0:fb:44:0d:fd:03:a8:9e:ee:ec:ff:b6:
22:30:f7:d2:b9:bd:ce:74:b8:f6:ff:09:72:75:7a:
0c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:5E:CA:02:40:97:11:D3:38:7D:73:D9:01:B7:B3:AA:65:E6:F0:3B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/23a17b0b-260d-4cf8-b258-4e17adae4eed.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:a000::/40
Signature Algorithm: sha256WithRSAEncryption
92:ba:34:be:be:1f:71:75:ff:f5:2d:82:c6:76:ad:10:a1:31:
87:12:07:b9:14:c0:49:2f:15:e5:e4:a9:fe:d5:71:b1:8d:a5:
d0:7c:87:af:d0:5d:21:63:77:c7:94:a4:f2:16:74:fd:b1:89:
a1:5e:bd:24:62:b3:09:ca:4f:7a:b6:ca:c8:f5:d3:4d:88:44:
ae:a3:85:3d:7b:b0:36:47:23:ed:e7:56:6a:85:33:0b:6d:5d:
18:c6:11:d2:7b:7b:fe:65:11:aa:a3:2d:49:cd:b9:eb:4c:34:
85:cb:85:9e:45:04:7d:2a:1c:a7:81:f9:da:80:cb:f6:46:0e:
ac:9d:67:2c:99:12:2c:7a:5a:20:c2:d9:52:58:b1:0b:31:fd:
5c:1f:4d:1c:66:15:07:bd:bd:5d:0d:0b:8a:13:d3:9e:58:eb:
18:13:93:26:a9:a1:59:b1:f9:7b:cc:16:7b:5c:23:b7:bb:dd:
31:0e:64:5e:93:d7:ae:82:8c:66:95:a1:bb:16:d7:3f:8d:c7:
8a:d4:3b:22:96:30:ef:79:d6:cb:5f:0a:39:7d:b0:a9:9f:3e:
32:55:5d:48:d6:f6:e2:cf:6f:ad:50:a2:53:b5:d0:1d:5b:ea:
28:a7:19:b7:21:c8:7a:2e:c1:57:a1:4c:97:2e:e9:a1:d5:83:
af:73:25:78
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP2oxrKOzoBEXfnvgpTHiw+tuQyMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAxNTNaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyMzVjM2JiZWE1YmYwNWJhZmYzOTc5NmMxMmE0NzgzZjNiNDg3MzNlNzUw
YWM0Y2QxNTk4MDMzZDdlZjBiM2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOgy+RtDhpgdcWkla+BObACcl2gNZBLIC17Ae/A8CmNgTBrJZbBC+1c8Iv9b
jph1IZinYaPEBO2qFAd2pxETjZjg6BNl7omkN3NO99xknkauD5dDBu95K2AKxLeP
2s5RqOPJBcxhLErHqMjsMefQw3jHL/tpbVhi1upGM5FABL0Xpxng7OcYUdSXui0M
NV5czVS08nXVpnBq8fTQdGO/vx5XxGsDL+fqUJKAQrrT+1ubBq/v1sV7hgmKwSdO
lAJzEm28fiBV510kHqtuFOS3PcZxD51TSoVkoZNiTT8mRwo0+5gdoPtEDf0DqJ7u
7P+2IjD30rm9znS49v8JcnV6DO8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTCXsoC
QJcR0zh9c9kBt7OqZebwOzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjNhMTdiMGItMjYwZC00Y2Y4LWIyNTgtNGUxN2FkYWU0ZWVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGg
MA0GCSqGSIb3DQEBCwUAA4IBAQCSujS+vh9xdf/1LYLGdq0QoTGHEge5FMBJLxXl
5Kn+1XGxjaXQfIev0F0hY3fHlKTyFnT9sYmhXr0kYrMJyk96tsrI9dNNiESuo4U9
e7A2RyPt51ZqhTMLbV0YxhHSe3v+ZRGqoy1JzbnrTDSFy4WeRQR9KhyngfnagMv2
Rg6snWcsmRIselogwtlSWLELMf1cH00cZhUHvb1dDQuKE9OeWOsYE5MmqaFZsfl7
zBZ7XCO3u90xDmRek9eugoxmlaG7Ftc/jceK1DsiljDvedbLXwo5fbCpnz4yVV1I
1vbiz2+tUKJTtdAdW+oopxm3Ich6LsFXoUyXLumh1YOvcyV4
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:03:17 2026 by rpki-client