Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa
File: 33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa (raw, json)
Hash identifier: aMEKNb17TtZ60puspgtzbxiSHl1PeIqNxgKJtoNQgPU=
Subject key identifier: 0B:5E:58:43:17:96:EE:3A:F7:4D:68:CC:8A:23:83:92:0F:D9:17:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F05FDC9D29D2C2A019C5CEE5E35CB919A747106
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa
Signing time: Tue 19 May 2026 05:10:39 +0000
ROA not before: Tue 19 May 2026 05:10:39 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:05:fd:c9:d2:9d:2c:2a:01:9c:5c:ee:5e:35:cb:91:9a:74:71:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:39 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=0e0d72cd6fabc78e5e2762a83025f813100e1a48c1d9c9af1df3a7fc43e99332, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:00:cd:18:12:ef:2c:bd:e7:34:2e:8b:02:07:
18:71:9a:fa:02:2d:9e:38:9c:5f:b9:96:65:08:8c:
5a:17:06:89:fb:33:fb:b3:b6:21:ed:d3:c6:26:60:
41:55:41:94:d8:dd:4d:87:33:80:4f:be:a9:af:0e:
29:6c:f3:b3:66:cb:be:e5:7b:65:33:7e:37:a4:de:
74:1c:bc:53:32:04:60:26:4f:31:bc:2c:12:7b:8a:
6b:1f:ff:97:99:0d:ca:c7:cc:16:23:54:6f:a1:04:
fa:7f:e1:56:4e:69:90:7c:81:95:8d:79:ce:90:99:
9f:d8:3a:02:85:d5:c8:69:fe:6a:e1:7e:d4:f5:36:
50:ad:60:ed:a7:d3:bc:9d:c0:4b:90:af:1b:2e:d0:
62:9a:a0:ce:97:53:4e:68:b5:4f:f1:b0:96:52:ef:
d3:33:52:69:b6:68:34:b6:bf:92:c3:8a:58:8a:8a:
dd:52:ef:1e:b5:4f:fa:6e:c3:61:7f:0a:9e:58:39:
9f:52:97:b5:bc:95:02:5a:d0:b9:16:a8:af:f1:78:
ea:9c:66:5f:f6:b8:f5:c0:c8:00:ec:f0:69:04:31:
fd:87:cd:68:66:f6:9f:64:9c:af:cb:f9:6e:57:af:
c8:30:a0:46:29:2b:3e:bc:ed:01:1f:20:29:22:8d:
cc:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:5E:58:43:17:96:EE:3A:F7:4D:68:CC:8A:23:83:92:0F:D9:17:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:6000::/40
Signature Algorithm: sha256WithRSAEncryption
0a:8d:d4:ad:71:c4:44:bf:80:04:68:e8:4f:a8:7d:cc:c7:90:
3e:4f:b8:51:1f:9a:62:fa:42:7f:14:a4:27:1a:51:d1:99:fc:
0f:09:c6:be:5d:e7:48:35:95:bd:9a:27:28:b2:17:17:8f:85:
2c:39:dd:46:e1:ef:07:55:6f:3f:8e:c0:71:13:a0:89:68:f1:
6f:68:9c:37:1b:bd:53:b7:33:88:6c:a6:49:c2:4c:32:db:8c:
fc:c4:8f:03:ef:80:34:fc:70:e5:38:7c:98:51:87:21:f0:77:
36:e6:75:bd:35:78:8c:3e:f4:ba:e7:3b:5f:ac:58:7c:ea:d5:
4b:7b:f4:62:cf:a8:fb:38:82:97:50:21:1c:6d:6b:c2:77:fc:
43:2c:e1:cb:c2:1c:23:cf:f0:a7:f5:70:03:0c:17:41:f1:07:
f8:ec:d9:91:e4:1f:46:d9:d7:e2:72:e6:16:e6:a3:97:3c:e6:
4e:93:ef:19:c2:9a:cc:fc:8e:c8:75:8a:bc:95:1d:61:d1:b2:
d0:42:46:b1:1d:50:70:69:98:84:3b:24:c0:dd:67:81:b4:15:
31:38:40:01:b0:42:5d:86:e9:7f:c0:b5:0a:bb:3e:6e:75:81:
ef:4c:bc:e2:53:de:38:13:42:ca:52:48:a4:b3:6a:e4:15:d1:
c9:a4:cc:d5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHwX9ydKdLCoBnFzuXjXLkZp0cQYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwMzlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlMGQ3MmNkNmZhYmM3OGU1ZTI3NjJhODMwMjVmODEzMTAwZTFhNDhjMWQ5
YzlhZjFkZjNhN2ZjNDNlOTkzMzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYAzRgS7yy95zQuiwIHGHGa+gItnjicX7mWZQiMWhcGifsz+7O2Ie3TxiZg
QVVBlNjdTYczgE++qa8OKWzzs2bLvuV7ZTN+N6TedBy8UzIEYCZPMbwsEnuKax//
l5kNysfMFiNUb6EE+n/hVk5pkHyBlY15zpCZn9g6AoXVyGn+auF+1PU2UK1g7afT
vJ3AS5CvGy7QYpqgzpdTTmi1T/GwllLv0zNSabZoNLa/ksOKWIqK3VLvHrVP+m7D
YX8Knlg5n1KXtbyVAlrQuRaor/F46pxmX/a49cDIAOzwaQQx/YfNaGb2n2Scr8v5
blevyDCgRikrPrztAR8gKSKNzPkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQLXlhD
F5buOvdNaMyKI4OSD9kXkjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzNmNDQyZTEtNzY2ZS00NjFkLWEzYjktMmIwZmQwMWIwOGNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hhg
MA0GCSqGSIb3DQEBCwUAA4IBAQAKjdStccREv4AEaOhPqH3Mx5A+T7hRH5pi+kJ/
FKQnGlHRmfwPCca+XedINZW9micoshcXj4UsOd1G4e8HVW8/jsBxE6CJaPFvaJw3
G71TtzOIbKZJwkwy24z8xI8D74A0/HDlOHyYUYch8Hc25nW9NXiMPvS65ztfrFh8
6tVLe/Riz6j7OIKXUCEcbWvCd/xDLOHLwhwjz/Cn9XADDBdB8Qf47NmR5B9G2dfi
cuYW5qOXPOZOk+8ZwprM/I7IdYq8lR1h0bLQQkaxHVBwaZiEOyTA3WeBtBUxOEAB
sEJdhul/wLUKuz5udYHvTLziU944E0LKUkiks2rkFdHJpMzV
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:07 2026 by rpki-client