Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/317c0616-b89e-4a04-85d0-e35bf74803ae.roa
File: 317c0616-b89e-4a04-85d0-e35bf74803ae.roa (raw, json)
Hash identifier: Bk0x813OPrHzy2GXjAa3UUtjq9c44X6HN/v9mHQr+hU=
Subject key identifier: 29:B5:2D:72:55:34:71:D3:EF:C0:88:90:A8:82:31:67:39:CB:53:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D8A3A03276CE58E537F53E795F8CE7B634506F6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/317c0616-b89e-4a04-85d0-e35bf74803ae.roa
Signing time: Fri 22 May 2026 16:03:27 +0000
ROA not before: Fri 22 May 2026 16:03:27 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d068:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:8a:3a:03:27:6c:e5:8e:53:7f:53:e7:95:f8:ce:7b:63:45:06:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:03:27 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=671ccab5c3d5d7126ab2ecac987bc3079dcbd2790d13968c88d1a2a48dbf54b7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b7:f9:b5:c5:79:89:6c:aa:da:36:ab:fb:b0:
8a:a6:92:5c:29:ce:b0:6f:47:fc:8c:82:fe:b7:32:
03:28:02:d0:b7:64:2f:f8:c4:a7:ff:43:ad:4c:3c:
42:c0:ca:e2:98:b2:80:3f:d5:82:46:11:b9:ca:f6:
bd:6c:17:93:ea:8d:28:ff:80:a9:24:91:f2:39:44:
04:8d:85:ad:3a:bb:19:92:d7:d2:8b:d3:0d:fa:cf:
9b:01:82:10:4f:f6:ab:d2:2e:7c:af:cd:15:69:c1:
82:87:58:69:34:96:98:59:97:af:8a:89:ba:b0:16:
4c:9e:d8:a0:4a:54:16:9f:ee:71:47:cd:a4:57:e6:
a6:ef:1b:56:a4:ec:30:2f:72:0f:c7:c8:6b:1b:36:
d3:b5:38:9d:b8:af:89:aa:36:cd:d4:2b:63:44:e1:
28:d9:17:3f:35:06:40:27:56:f2:21:2f:c2:2e:ad:
11:1e:39:a7:7c:aa:ee:a6:b3:b0:1a:62:a1:15:ea:
1a:82:30:4f:f5:f3:cc:e4:da:10:ec:ea:5b:bb:a3:
c6:d1:9b:ff:0f:3b:f5:d3:6b:53:b7:66:c1:fe:b8:
4a:66:86:bb:cc:b5:e2:92:be:0a:e2:d9:4e:fb:e3:
fa:43:9f:b4:08:ab:f9:b4:42:bc:78:db:c0:35:5b:
a2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B5:2D:72:55:34:71:D3:EF:C0:88:90:A8:82:31:67:39:CB:53:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/317c0616-b89e-4a04-85d0-e35bf74803ae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d068:2040::/48
Signature Algorithm: sha256WithRSAEncryption
b4:45:5f:e6:f8:2f:76:f3:70:18:83:c5:ca:e6:da:81:a3:63:
3b:e6:61:ee:54:0b:75:e1:49:57:14:b4:16:d5:2f:57:9f:72:
4c:03:9f:36:9e:dd:c9:f4:40:04:42:99:42:69:2a:22:2a:9f:
2d:c9:50:d4:5c:e7:d1:07:7e:59:11:70:0e:46:58:53:58:fc:
7d:57:eb:52:62:5a:a9:88:6a:b2:2e:d8:76:99:b3:ed:75:18:
3a:b8:0f:85:13:9f:00:8e:aa:fb:56:11:49:eb:4a:c9:d0:59:
c1:72:b9:1a:d8:94:50:2b:9e:b7:fb:fa:0b:2e:7a:16:1d:cb:
00:8e:50:a7:e9:69:6a:d4:a0:d0:28:e5:33:1e:d5:6f:ee:20:
bb:dc:93:ba:46:1f:b9:bb:b2:4c:f5:77:8f:14:da:63:2c:5c:
ac:49:75:78:83:31:68:54:06:ad:f2:0c:e3:64:20:96:7c:04:
01:39:b5:32:89:31:b9:d7:da:5b:34:7a:77:95:fd:79:14:21:
ac:a9:fd:06:a8:f9:c3:c0:75:42:69:ca:5e:54:66:a5:e7:1a:
25:83:26:37:34:84:ab:d6:e5:c1:40:f5:e6:f5:18:89:dd:8a:
bb:85:18:1d:df:56:7f:f0:f5:88:dc:a3:57:68:2a:ec:33:65:
85:6d:01:e3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTYo6Ayds5Y5Tf1PnlfjOe2NFBvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAzMjdaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3MWNjYWI1YzNkNWQ3MTI2YWIyZWNhYzk4N2JjMzA3OWRjYmQyNzkwZDEz
OTY4Yzg4ZDFhMmE0OGRiZjU0YjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIi3+bXFeYlsqto2q/uwiqaSXCnOsG9H/IyC/rcyAygC0LdkL/jEp/9DrUw8
QsDK4piygD/VgkYRucr2vWwXk+qNKP+AqSSR8jlEBI2FrTq7GZLX0ovTDfrPmwGC
EE/2q9IufK/NFWnBgodYaTSWmFmXr4qJurAWTJ7YoEpUFp/ucUfNpFfmpu8bVqTs
MC9yD8fIaxs207U4nbiviao2zdQrY0ThKNkXPzUGQCdW8iEvwi6tER45p3yq7qaz
sBpioRXqGoIwT/XzzOTaEOzqW7ujxtGb/w879dNrU7dmwf64SmaGu8y14pK+CuLZ
Tvvj+kOftAir+bRCvHjbwDVbogsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQptS1y
VTRx0+/AiJCogjFnOctTBzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzE3YzA2MTYtYjg5ZS00YTA0LTg1ZDAtZTM1YmY3NDgwM2FlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Ggg
QDANBgkqhkiG9w0BAQsFAAOCAQEAtEVf5vgvdvNwGIPFyubagaNjO+Zh7lQLdeFJ
VxS0FtUvV59yTAOfNp7dyfRABEKZQmkqIiqfLclQ1Fzn0Qd+WRFwDkZYU1j8fVfr
UmJaqYhqsi7Ydpmz7XUYOrgPhROfAI6q+1YRSetKydBZwXK5GtiUUCuet/v6Cy56
Fh3LAI5Qp+lpatSg0CjlMx7Vb+4gu9yTukYfubuyTPV3jxTaYyxcrEl1eIMxaFQG
rfIM42QglnwEATm1MokxudfaWzR6d5X9eRQhrKn9Bqj5w8B1QmnKXlRmpecaJYMm
NzSEq9blwUD15vUYid2Ku4UYHd9Wf/D1iNyjV2gq7DNlhW0B4w==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:03:23 2026 by rpki-client