Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/301d1d15-dd00-41e7-9f44-49159e46a51a.roa
File: 301d1d15-dd00-41e7-9f44-49159e46a51a.roa (raw, json)
Hash identifier: kwW9wBw4Aro68ocvl1RQJXwglzYEmOzZrSc20RP3qbA=
Subject key identifier: B6:98:04:DF:A6:06:93:AE:74:9D:35:A1:6E:AF:96:AE:F7:60:43:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 41D1651FEA71A3CA88A5BFFB6A33B30FCC52ED32
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/301d1d15-dd00-41e7-9f44-49159e46a51a.roa
Signing time: Tue 19 May 2026 05:00:40 +0000
ROA not before: Tue 19 May 2026 05:00:40 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:d1:65:1f:ea:71:a3:ca:88:a5:bf:fb:6a:33:b3:0f:cc:52:ed:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:40 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=91bbd4e5c27b1ebc5d7d300291f692d90c11d19471f3d2e3c9a042689ba43b8d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8e:be:1a:9b:8e:01:74:f1:3b:6f:56:43:6a:
d4:23:74:73:0a:fc:e5:e5:51:f1:e8:c7:72:28:34:
34:76:19:c1:49:ea:54:54:1d:f2:6d:da:3e:37:d1:
ef:64:0b:4a:e6:42:f9:73:5f:d1:63:4f:6d:0b:7c:
b4:48:b9:0b:f5:03:76:1b:d1:d8:d9:fe:60:54:0d:
9f:b7:6b:80:cc:ca:e6:6d:28:dc:59:b6:0f:d4:51:
cd:06:aa:2f:c9:ab:59:5c:cc:f6:70:5e:98:5a:a8:
93:60:c2:88:de:76:81:5c:90:22:2f:5d:59:56:5d:
74:c8:da:66:30:30:d2:10:00:cc:be:6c:92:b0:de:
7b:f0:ec:2b:fc:91:2b:68:d5:2a:43:ab:26:e6:bb:
b3:7f:62:fa:12:d1:fd:b6:7f:34:39:d8:37:70:c4:
5a:b5:ba:72:ee:e0:ef:c2:75:02:80:0f:00:3d:ae:
35:01:9a:1e:ef:04:0e:b2:d6:e6:12:8d:a7:ff:27:
1f:d2:27:80:d8:78:74:d6:d3:14:4a:99:a6:3d:44:
86:8a:9e:e8:9d:b8:fc:b8:7b:dd:71:0b:f2:8c:ef:
67:e4:3d:d4:13:69:46:16:92:de:5d:b5:e4:74:e0:
99:cf:28:0c:c7:9f:0c:38:83:68:d0:2d:a3:9c:ff:
dd:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:98:04:DF:A6:06:93:AE:74:9D:35:A1:6E:AF:96:AE:F7:60:43:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/301d1d15-dd00-41e7-9f44-49159e46a51a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8040::/48
Signature Algorithm: sha256WithRSAEncryption
8b:ee:6d:ab:ec:63:64:f3:43:98:32:cf:16:3e:57:2d:0e:3c:
5e:96:04:82:3d:82:db:c7:24:cc:9c:08:2e:77:0d:5c:3a:e6:
40:50:ee:64:80:71:29:a0:0c:34:2e:ff:c6:20:80:af:83:58:
79:b2:81:90:be:92:f1:c2:98:ae:e6:de:90:4e:1a:04:1c:d7:
e8:91:fe:38:8a:65:ff:42:b0:d7:91:8c:b8:b9:56:03:78:26:
38:9b:79:c5:c7:7d:c0:99:a2:3b:00:de:ad:09:b3:1d:c6:ea:
6c:c2:f0:84:fd:55:e9:68:01:d2:75:90:85:dd:8c:23:00:f2:
86:cf:73:71:88:cb:77:3b:0d:07:de:fb:7a:08:42:13:36:b6:
d1:f2:03:e3:9e:3a:71:95:5b:7a:3b:86:7f:12:55:81:ef:6d:
18:e3:4d:bd:ea:9b:0f:4f:c1:0d:5e:6b:1d:74:9b:3c:c6:09:
80:8c:94:17:dc:9d:10:cc:63:d9:7b:8a:ee:e2:be:4f:91:63:
d4:43:2d:4a:c3:8f:23:95:c3:da:45:3b:17:13:40:ea:02:ed:
3d:cd:e5:5c:f9:1e:a6:4d:ea:cd:70:d2:92:ba:1b:02:86:0f:
9f:fa:a3:e7:53:28:ea:21:dd:42:8c:b1:bc:a6:97:7a:98:bc:
20:d9:50:07
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQdFlH+pxo8qIpb/7ajOzD8xS7TIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwNDBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxYmJkNGU1YzI3YjFlYmM1ZDdkMzAwMjkxZjY5MmQ5MGMxMWQxOTQ3MWYz
ZDJlM2M5YTA0MjY4OWJhNDNiOGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2OvhqbjgF08TtvVkNq1CN0cwr85eVR8ejHcig0NHYZwUnqVFQd8m3aPjfR
72QLSuZC+XNf0WNPbQt8tEi5C/UDdhvR2Nn+YFQNn7drgMzK5m0o3Fm2D9RRzQaq
L8mrWVzM9nBemFqok2DCiN52gVyQIi9dWVZddMjaZjAw0hAAzL5skrDee/DsK/yR
K2jVKkOrJua7s39i+hLR/bZ/NDnYN3DEWrW6cu7g78J1AoAPAD2uNQGaHu8EDrLW
5hKNp/8nH9IngNh4dNbTFEqZpj1Ehoqe6J24/Lh73XEL8ozvZ+Q91BNpRhaS3l21
5HTgmc8oDMefDDiDaNAto5z/3cUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS2mATf
pgaTrnSdNaFur5au92BD7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzAxZDFkMTUtZGQwMC00MWU3LTlmNDQtNDkxNTllNDZhNTFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
QDANBgkqhkiG9w0BAQsFAAOCAQEAi+5tq+xjZPNDmDLPFj5XLQ48XpYEgj2C28ck
zJwILncNXDrmQFDuZIBxKaAMNC7/xiCAr4NYebKBkL6S8cKYrubekE4aBBzX6JH+
OIpl/0Kw15GMuLlWA3gmOJt5xcd9wJmiOwDerQmzHcbqbMLwhP1V6WgB0nWQhd2M
IwDyhs9zcYjLdzsNB977eghCEza20fID4546cZVbejuGfxJVge9tGONNveqbD0/B
DV5rHXSbPMYJgIyUF9ydEMxj2XuK7uK+T5Fj1EMtSsOPI5XD2kU7FxNA6gLtPc3l
XPkepk3qzXDSkrobAoYPn/qj51Mo6iHdQoyxvKaXepi8INlQBw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:56 2026 by rpki-client