Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
File: 2f449809-abd8-4202-adc3-ce8dd1767b62.roa (raw, json)
Hash identifier: Nyly5PZqZZ5iwGc2czJjc7ojmypek/sP2HceQQ+cWSY=
Subject key identifier: 8A:35:E5:6A:D6:38:A2:28:53:F9:95:56:B6:5D:BF:ED:DD:47:7B:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4238C5809379E6E75834B24F2964EBB776FCD923
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
Signing time: Tue 19 May 2026 04:30:29 +0000
ROA not before: Tue 19 May 2026 04:30:29 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:38:c5:80:93:79:e6:e7:58:34:b2:4f:29:64:eb:b7:76:fc:d9:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:29 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=100bc51ef3d740835a75dfe2a4bcda0779acda1d8801b9f7df5c8f46c53e446a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:07:63:56:af:33:84:fd:fd:57:a8:00:dd:4e:
45:6b:1f:ac:c0:a8:b0:08:7b:2d:29:de:26:2a:54:
67:1d:37:bd:56:e9:84:90:09:48:35:57:ac:0b:f8:
43:1d:5b:fb:f7:76:3f:df:97:35:83:93:6b:bb:f2:
39:6f:72:2c:4b:98:37:df:62:1d:2c:9f:d8:0a:0d:
81:29:29:05:d4:fd:4a:22:9c:63:a7:51:02:79:cc:
a9:83:3e:ba:08:c8:55:cf:47:6c:a3:ad:03:01:80:
11:23:02:83:4c:2a:18:01:80:23:49:c9:f3:cf:cd:
bd:0b:9a:3a:f9:95:7a:cf:dc:79:ee:02:d6:93:7d:
4e:9e:a4:4d:71:e0:cc:9a:82:58:3c:0f:f3:55:35:
d2:d9:3c:8c:b0:c0:58:d5:9a:34:2e:dc:0a:09:ed:
7f:6a:c9:74:4e:cd:d2:3e:57:e5:1d:9e:48:18:e1:
76:d6:9e:28:f0:71:2f:b3:09:dd:99:29:fd:d5:98:
0a:6b:b9:7b:3e:0c:0d:55:df:49:bd:32:a3:96:4f:
a3:b9:94:21:6c:df:59:52:b7:51:83:df:9f:0b:f5:
d3:71:da:73:4e:aa:c4:48:94:b7:b2:93:e2:37:ab:
6b:9c:8b:a3:21:49:7f:bb:00:50:2c:99:e1:3a:ba:
10:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:35:E5:6A:D6:38:A2:28:53:F9:95:56:B6:5D:BF:ED:DD:47:7B:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:5000::/40
Signature Algorithm: sha256WithRSAEncryption
19:42:0c:d9:32:2f:21:5e:8e:32:f7:4b:11:23:79:95:9f:f6:
72:dd:b2:5c:cf:49:a3:69:b7:23:5d:9e:fd:58:8d:20:48:50:
ab:fd:fe:a5:19:55:ed:33:ce:cf:84:6a:66:68:2e:da:15:0b:
3c:dd:8e:79:ed:44:6f:ed:c9:35:4c:8a:a7:9e:f5:92:9b:91:
57:3e:1b:1e:5e:60:8f:76:71:c3:eb:68:64:fc:cf:7e:b5:e2:
33:94:58:c9:9e:8b:da:ea:ec:7b:d8:66:5f:51:51:a2:64:53:
73:77:2b:cb:57:74:75:56:a3:a2:4f:de:36:80:d0:a2:27:c8:
aa:63:df:86:8e:61:93:70:88:4b:ed:91:b6:38:93:ef:7c:ad:
ae:97:40:cb:c4:32:90:d5:f6:fc:87:6e:c9:8a:f5:be:2d:70:
3a:33:f7:a3:81:4e:6e:77:fc:48:28:44:73:68:ac:31:81:81:
87:73:c9:6f:16:9a:1e:90:e0:32:e3:e7:cd:61:e5:14:68:38:
fe:72:e7:df:64:7e:62:f9:be:0a:c6:90:b6:40:73:5d:04:6e:
bc:e5:47:b1:1b:86:e7:d6:a2:cb:b4:28:6a:d5:ac:cd:9a:47:
1c:c7:91:af:03:f5:18:5a:b2:3d:06:1e:1c:bd:c9:c4:c9:cf:
b3:a5:3c:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQjjFgJN55udYNLJPKWTrt3b82SMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMjlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwMGJjNTFlZjNkNzQwODM1YTc1ZGZlMmE0YmNkYTA3NzlhY2RhMWQ4ODAx
YjlmN2RmNWM4ZjQ2YzUzZTQ0NmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANcHY1avM4T9/VeoAN1ORWsfrMCosAh7LSneJipUZx03vVbphJAJSDVXrAv4
Qx1b+/d2P9+XNYOTa7vyOW9yLEuYN99iHSyf2AoNgSkpBdT9SiKcY6dRAnnMqYM+
ugjIVc9HbKOtAwGAESMCg0wqGAGAI0nJ88/NvQuaOvmVes/cee4C1pN9Tp6kTXHg
zJqCWDwP81U10tk8jLDAWNWaNC7cCgntf2rJdE7N0j5X5R2eSBjhdtaeKPBxL7MJ
3Zkp/dWYCmu5ez4MDVXfSb0yo5ZPo7mUIWzfWVK3UYPfnwv103Hac06qxEiUt7KT
4jera5yLoyFJf7sAUCyZ4Tq6EJkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSKNeVq
1jiiKFP5lVa2Xb/t3Ud7qTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmY0NDk4MDktYWJkOC00MjAyLWFkYzMtY2U4ZGQxNzY3YjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAZQgzZMi8hXo4y90sRI3mVn/Zy3bJcz0mjabcj
XZ79WI0gSFCr/f6lGVXtM87PhGpmaC7aFQs83Y557URv7ck1TIqnnvWSm5FXPhse
XmCPdnHD62hk/M9+teIzlFjJnova6ux72GZfUVGiZFNzdyvLV3R1VqOiT942gNCi
J8iqY9+GjmGTcIhL7ZG2OJPvfK2ul0DLxDKQ1fb8h27JivW+LXA6M/ejgU5ud/xI
KERzaKwxgYGHc8lvFpoekOAy4+fNYeUUaDj+cuffZH5i+b4KxpC2QHNdBG685Uex
G4bn1qLLtChq1azNmkccx5GvA/UYWrI9Bh4cvcnEyc+zpTxU
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:43:00 2026 by rpki-client