Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24b496aa-161c-4d5d-a9ca-3ba09772390a.roa
File: 24b496aa-161c-4d5d-a9ca-3ba09772390a.roa (raw, json)
Hash identifier: uYVsXevnoTlQ4x2guS2sqabFUKWnuQr/Hoko9aW0FEo=
Subject key identifier: F9:10:69:0A:26:F0:45:58:E1:D3:81:79:36:AE:1C:51:FE:2C:0E:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 574FCE84770499753BC2BDB4C3B6101DCD57845D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24b496aa-161c-4d5d-a9ca-3ba09772390a.roa
Signing time: Tue 19 May 2026 05:31:00 +0000
ROA not before: Tue 19 May 2026 05:31:00 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:4f:ce:84:77:04:99:75:3b:c2:bd:b4:c3:b6:10:1d:cd:57:84:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:31:00 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=cdd44760a7e8126b9b95e380b4b397686d207f298ed60dfdfabb6ee75a434cc8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:08:e8:70:d7:14:05:b4:c2:ca:1b:b1:6d:3c:
3b:49:66:7c:be:2f:d6:3e:c4:58:ab:c1:b2:71:5d:
03:b1:67:33:9c:96:0b:1a:26:aa:88:74:de:07:dc:
44:eb:4c:10:54:64:48:75:e2:8d:d0:ee:3d:65:fc:
91:80:3e:25:aa:7f:93:a3:41:42:78:d4:da:3e:38:
91:06:c5:c8:cf:2e:77:6e:56:e1:57:a8:f6:fc:e9:
fa:27:ea:6f:f4:46:59:4d:f1:a1:37:e9:45:c0:e6:
1c:3f:86:08:0e:dd:ab:58:df:55:d9:a7:a0:8b:f6:
34:7f:39:64:ed:04:c3:59:c1:a7:ee:2e:98:7b:97:
77:3d:cd:5e:ce:77:a4:f6:c5:9b:a5:9b:d4:96:0f:
bf:95:4c:49:f9:95:80:07:64:6a:3e:a6:99:a0:de:
35:d3:c1:9c:60:b3:52:fa:66:45:06:23:2d:53:f1:
5f:d3:38:ff:46:86:f8:50:ab:57:4e:ea:cc:38:3f:
51:80:a7:5c:76:ca:15:0d:45:80:7e:b3:43:8f:42:
bf:73:e7:69:7c:ff:ae:a7:88:61:03:c0:98:35:ec:
99:20:51:23:36:cf:02:8c:de:3f:ba:76:e6:4f:d4:
45:92:92:a4:ac:8d:cb:22:55:bc:f6:e1:ae:f7:a2:
81:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:10:69:0A:26:F0:45:58:E1:D3:81:79:36:AE:1C:51:FE:2C:0E:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24b496aa-161c-4d5d-a9ca-3ba09772390a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:6000::/40
Signature Algorithm: sha256WithRSAEncryption
4c:76:5d:4c:78:57:8c:8d:1d:fc:62:2a:0a:19:0a:7e:c7:bd:
73:2d:f5:bc:09:2f:3b:dc:15:95:0d:c7:8b:e0:59:d5:a2:fd:
b1:36:52:1b:c5:82:bb:c3:ea:ec:cc:d3:77:36:2f:4f:43:8b:
96:85:dc:d2:8e:e8:47:67:d9:42:92:3f:b3:c1:aa:a7:42:fe:
c0:aa:b5:d8:ef:05:ff:1b:7b:ef:21:71:fe:f0:2c:94:2c:fb:
39:17:fd:7d:6d:69:1a:7e:bf:16:d0:47:05:dc:91:20:e3:e8:
ac:b6:12:69:6b:f6:8f:b9:d4:b5:18:a2:8e:7c:77:fa:47:fd:
e7:a7:5a:30:1a:37:37:29:6c:d0:60:1f:11:97:46:69:75:df:
17:6b:f6:45:43:46:79:98:35:72:ca:fb:8d:5b:28:d6:55:15:
f4:3a:6b:8a:64:81:9a:41:f0:fd:5c:5f:c1:a4:e5:d9:80:ac:
98:b1:01:78:83:d0:97:1e:03:aa:20:00:23:cf:e5:b8:95:6f:
16:52:29:a5:59:b3:0a:b2:9c:8f:cd:78:95:9c:dc:d9:94:68:
d1:7d:80:db:c8:64:b1:e4:51:43:40:cc:82:b3:49:16:c8:07:
9b:eb:96:4e:41:04:ae:47:c5:46:63:e4:80:fa:71:57:67:14:
80:66:7b:42
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUV0/OhHcEmXU7wr20w7YQHc1XhF0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMxMDBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkZDQ0NzYwYTdlODEyNmI5Yjk1ZTM4MGI0YjM5NzY4NmQyMDdmMjk4ZWQ2
MGRmZGZhYmI2ZWU3NWE0MzRjYzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYI6HDXFAW0wsobsW08O0lmfL4v1j7EWKvBsnFdA7FnM5yWCxomqoh03gfc
ROtMEFRkSHXijdDuPWX8kYA+Jap/k6NBQnjU2j44kQbFyM8ud25W4Veo9vzp+ifq
b/RGWU3xoTfpRcDmHD+GCA7dq1jfVdmnoIv2NH85ZO0Ew1nBp+4umHuXdz3NXs53
pPbFm6Wb1JYPv5VMSfmVgAdkaj6mmaDeNdPBnGCzUvpmRQYjLVPxX9M4/0aG+FCr
V07qzDg/UYCnXHbKFQ1FgH6zQ49Cv3PnaXz/rqeIYQPAmDXsmSBRIzbPAozeP7p2
5k/URZKSpKyNyyJVvPbhrveige8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT5EGkK
JvBFWOHTgXk2rhxR/iwO0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjRiNDk2YWEtMTYxYy00ZDVkLWE5Y2EtM2JhMDk3NzIzOTBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZg
MA0GCSqGSIb3DQEBCwUAA4IBAQBMdl1MeFeMjR38YioKGQp+x71zLfW8CS873BWV
DceL4FnVov2xNlIbxYK7w+rszNN3Ni9PQ4uWhdzSjuhHZ9lCkj+zwaqnQv7AqrXY
7wX/G3vvIXH+8CyULPs5F/19bWkafr8W0EcF3JEg4+isthJpa/aPudS1GKKOfHf6
R/3np1owGjc3KWzQYB8Rl0Zpdd8Xa/ZFQ0Z5mDVyyvuNWyjWVRX0OmuKZIGaQfD9
XF/BpOXZgKyYsQF4g9CXHgOqIAAjz+W4lW8WUimlWbMKspyPzXiVnNzZlGjRfYDb
yGSx5FFDQMyCs0kWyAeb65ZOQQSuR8VGY+SA+nFXZxSAZntC
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:42:54 2026 by rpki-client