Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
File: 288fb7c1-6c49-475a-9dd0-2637b4e09492.roa (raw, json)
Hash identifier: E5EMx7oIkNs4AaRYrgZsUhlNYxXecXQp8KuAUd6T7Wk=
Subject key identifier: A6:C0:10:B8:81:A5:16:0D:F2:E2:3C:E1:28:EB:38:5C:1A:8A:F1:3A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B4604E30F305CC56F32DF0A19B6ACF55172ED63
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
Signing time: Tue 19 May 2026 05:00:38 +0000
ROA not before: Tue 19 May 2026 05:00:38 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:46:04:e3:0f:30:5c:c5:6f:32:df:0a:19:b6:ac:f5:51:72:ed:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:38 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=1b3eab0250bbe547f10461b5a84899d22243d7b1bdfa9d5245849d200c98b7fa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:33:b1:d5:39:a8:92:55:0c:3a:35:c4:1a:02:
ba:24:7b:e8:04:ae:24:09:10:13:86:fb:f9:58:e3:
6b:03:20:d2:fd:df:61:1c:c2:d0:e2:d1:82:84:5e:
9d:9f:99:c8:31:69:cf:e2:88:4e:25:29:82:78:2b:
a7:2e:10:f8:31:72:61:eb:3e:ff:d0:7a:f0:6d:03:
3e:8e:c5:97:9e:26:ac:34:22:8c:d8:27:eb:3b:ca:
d1:03:2c:18:25:17:b4:cb:5a:3a:1a:78:58:ca:6b:
7c:19:1b:0e:5f:b2:49:b8:20:c1:08:32:36:8b:bc:
b9:d1:10:9c:2c:7c:be:fd:f5:7f:a6:75:db:c9:6b:
a0:ca:06:1f:0c:ea:2f:9c:bb:39:a9:f4:ad:11:51:
5b:8d:26:e9:3f:6f:fb:ca:bd:14:29:0d:19:0f:25:
17:75:3a:6f:3f:92:37:6c:6e:dd:7b:eb:6d:e6:59:
6b:75:60:5d:10:5a:d3:b7:77:da:e7:09:ab:76:1c:
eb:62:be:83:b4:ed:e9:c3:e9:19:4a:c4:91:20:00:
5f:6f:88:2e:5c:2c:36:7b:1e:1f:15:c3:ce:4f:42:
e3:0e:4d:ca:5e:ce:9c:2d:c1:b5:a3:56:95:07:e3:
ae:9c:68:0c:a2:a6:95:57:cb:f6:d3:ad:20:4b:63:
f3:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:C0:10:B8:81:A5:16:0D:F2:E2:3C:E1:28:EB:38:5C:1A:8A:F1:3A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:400::/38
Signature Algorithm: sha256WithRSAEncryption
87:ff:a8:77:c8:4d:1d:63:96:23:49:e2:d7:b2:31:83:48:e4:
9e:8c:b0:f8:e0:5a:aa:77:79:1f:19:11:c1:f1:f9:09:c5:b5:
88:b5:ec:79:e6:f3:55:77:b9:5f:06:37:77:65:2d:ff:33:60:
ca:d3:e5:55:cd:9d:9e:43:74:6d:67:0e:13:6a:60:8f:06:df:
36:e0:fd:44:23:d5:24:ba:f2:ed:5f:af:df:b5:ce:54:25:f4:
f0:7b:26:eb:b0:71:9d:d4:d5:8d:32:74:9b:bf:f8:73:d7:8a:
49:2b:cf:9b:7f:c5:2e:91:6d:5b:ea:6f:73:2f:e5:b0:85:45:
6f:ea:64:a2:8e:03:b4:04:f2:0d:12:5d:48:c9:51:cc:e1:8c:
53:67:27:bc:d8:9c:bb:0f:02:33:be:50:8e:75:e1:a2:02:c7:
7d:71:24:32:31:fb:2e:23:14:48:f3:e7:55:9f:54:e0:0b:23:
88:17:0a:36:d1:eb:b2:a6:12:19:e5:19:f3:0e:ce:4a:b7:3e:
4c:22:55:9f:0c:cb:32:e0:c3:98:9c:66:87:12:6a:48:ef:73:
79:d1:d5:df:61:a0:40:0e:88:9b:b1:9f:92:46:11:6a:2a:a2:
c6:43:c1:91:34:a8:12:12:06:82:85:8a:0e:6c:2b:0c:15:2f:
76:76:aa:96
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUK0YE4w8wXMVvMt8KGbas9VFy7WMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwMzhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiM2VhYjAyNTBiYmU1NDdmMTA0NjFiNWE4NDg5OWQyMjI0M2Q3YjFiZGZh
OWQ1MjQ1ODQ5ZDIwMGM5OGI3ZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOMzsdU5qJJVDDo1xBoCuiR76ASuJAkQE4b7+VjjawMg0v3fYRzC0OLRgoRe
nZ+ZyDFpz+KITiUpgngrpy4Q+DFyYes+/9B68G0DPo7Fl54mrDQijNgn6zvK0QMs
GCUXtMtaOhp4WMprfBkbDl+ySbggwQgyNou8udEQnCx8vv31f6Z128lroMoGHwzq
L5y7Oan0rRFRW40m6T9v+8q9FCkNGQ8lF3U6bz+SN2xu3XvrbeZZa3VgXRBa07d3
2ucJq3Yc62K+g7Tt6cPpGUrEkSAAX2+ILlwsNnseHxXDzk9C4w5Nyl7OnC3BtaNW
lQfjrpxoDKKmlVfL9tOtIEtj828CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSmwBC4
gaUWDfLiPOEo6zhcGorxOjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjg4ZmI3YzEtNmM0OS00NzVhLTlkZDAtMjYzN2I0ZTA5NDkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4E
MA0GCSqGSIb3DQEBCwUAA4IBAQCH/6h3yE0dY5YjSeLXsjGDSOSejLD44Fqqd3kf
GRHB8fkJxbWItex55vNVd7lfBjd3ZS3/M2DK0+VVzZ2eQ3RtZw4TamCPBt824P1E
I9UkuvLtX6/ftc5UJfTweybrsHGd1NWNMnSbv/hz14pJK8+bf8UukW1b6m9zL+Ww
hUVv6mSijgO0BPINEl1IyVHM4YxTZye82Jy7DwIzvlCOdeGiAsd9cSQyMfsuIxRI
8+dVn1TgCyOIFwo20euyphIZ5RnzDs5Ktz5MIlWfDMsy4MOYnGaHEmpI73N50dXf
YaBADoibsZ+SRhFqKqLGQ8GRNKgSEgaChYoObCsMFS92dqqW
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:46 2026 by rpki-client