Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
File: 35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa (raw, json)
Hash identifier: +6aUes6ntm2enRQu7WR8JiT0W1XIhTgNHgpRNxJONiY=
Subject key identifier: 47:E5:14:46:59:FE:E1:83:17:D0:30:42:19:13:D5:C9:C8:6F:3D:B0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 195A19E1B92541D424B9A074F139A9F6E817477D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
Signing time: Tue 19 May 2026 05:10:57 +0000
ROA not before: Tue 19 May 2026 05:10:57 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:5a:19:e1:b9:25:41:d4:24:b9:a0:74:f1:39:a9:f6:e8:17:47:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:57 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=ee48a739d8eaa3a51b059adb55b5895a7af245a2342c5abc75d03bf70a6ddbf0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f3:40:37:41:4e:f9:02:e3:27:ec:fc:e2:b3:
0a:a2:90:f0:0e:f7:b6:a9:25:ba:a7:5f:7c:ab:d2:
7e:70:2e:38:6e:14:f1:73:06:fe:4e:cd:4c:bb:f6:
dc:b1:b4:c7:71:c9:19:68:e4:cd:b3:83:d1:ea:ef:
86:dd:38:d2:c1:da:8f:f5:85:a9:d9:b7:12:ce:eb:
e6:f7:7d:4f:14:59:81:b3:4a:8b:51:48:ee:79:1b:
56:90:e7:ef:97:5b:46:dc:8c:59:d7:5b:06:22:1a:
9b:b5:35:27:c1:1f:9a:e0:57:44:f3:f9:d9:aa:3e:
d8:43:b0:f5:af:7b:44:d7:75:10:b5:6c:8c:71:ec:
8e:d1:73:22:05:da:48:ba:4c:43:59:52:e0:da:9c:
50:bb:39:a2:3b:f5:b7:56:e5:45:c7:7a:b1:92:84:
40:85:8e:99:57:33:08:9c:ce:36:65:56:bd:07:54:
63:53:4f:19:31:b0:3e:56:1a:d7:2a:ec:a1:2b:8e:
99:cd:d9:9a:64:03:90:bc:77:f5:6d:69:3a:7b:e0:
31:59:7f:9f:58:46:4a:11:8a:94:18:7e:ee:bd:ac:
7b:a8:f9:01:81:2a:81:85:0d:fa:06:83:d4:72:29:
65:0d:60:eb:12:1a:00:c3:14:f8:8c:90:b4:45:0d:
f8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:E5:14:46:59:FE:E1:83:17:D0:30:42:19:13:D5:C9:C8:6F:3D:B0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019::/38
Signature Algorithm: sha256WithRSAEncryption
87:bd:a4:71:b2:44:eb:d5:bc:98:f9:43:58:ba:bd:9d:f0:6d:
02:7c:ed:cd:f0:df:f4:51:27:c7:6d:b3:b3:7f:3f:4d:73:a6:
b7:3a:09:cc:d8:b3:d9:66:cd:34:60:aa:fa:87:f8:19:e7:bf:
d3:bd:90:8d:44:7e:dc:9e:4d:3c:f8:24:be:06:b4:aa:99:22:
22:1a:2f:b0:d4:3d:fd:00:5a:07:b6:5f:4d:74:11:9b:b8:11:
22:8b:5b:98:65:a3:02:4b:fd:28:42:93:c2:69:4e:dc:a7:78:
ab:0c:ce:be:a2:f7:8f:fa:bd:ac:c9:ce:4f:a6:b8:65:02:ae:
62:d6:ef:38:f3:7a:11:ee:95:94:2b:b8:81:f2:f5:da:fd:c6:
bd:62:bc:d9:15:3d:f5:b6:d3:ba:b2:48:07:d7:b7:37:8d:55:
c3:c6:86:3a:d2:d8:69:bc:ad:13:4f:e1:53:c8:98:1d:02:3b:
61:fc:c0:db:43:9b:0f:bc:9f:2a:d6:f3:11:a9:fe:f3:f6:3c:
da:ef:b5:cd:b9:65:37:8c:1c:ed:aa:d2:fe:a7:e2:2e:27:68:
c1:7f:cb:7c:8a:fc:e6:d4:b0:f1:56:55:18:42:f9:b6:34:aa:
57:31:57:66:54:6f:07:82:e6:27:61:04:72:ad:4a:66:7d:01:
e1:d9:9c:f0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGVoZ4bklQdQkuaB08Tmp9ugXR30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwNTdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlNDhhNzM5ZDhlYWEzYTUxYjA1OWFkYjU1YjU4OTVhN2FmMjQ1YTIzNDJj
NWFiYzc1ZDAzYmY3MGE2ZGRiZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjzQDdBTvkC4yfs/OKzCqKQ8A73tqkluqdffKvSfnAuOG4U8XMG/k7NTLv2
3LG0x3HJGWjkzbOD0ervht040sHaj/WFqdm3Es7r5vd9TxRZgbNKi1FI7nkbVpDn
75dbRtyMWddbBiIam7U1J8EfmuBXRPP52ao+2EOw9a97RNd1ELVsjHHsjtFzIgXa
SLpMQ1lS4NqcULs5ojv1t1blRcd6sZKEQIWOmVczCJzONmVWvQdUY1NPGTGwPlYa
1yrsoSuOmc3ZmmQDkLx39W1pOnvgMVl/n1hGShGKlBh+7r2se6j5AYEqgYUN+gaD
1HIpZQ1g6xIaAMMU+IyQtEUN+EMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRH5RRG
Wf7hgxfQMEIZE9XJyG89sDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzViYjBkYTUtMGEyZC00YjgwLWFhZmUtYWY3ZTc0Y2Y1ODY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkA
MA0GCSqGSIb3DQEBCwUAA4IBAQCHvaRxskTr1byY+UNYur2d8G0CfO3N8N/0USfH
bbOzfz9Nc6a3OgnM2LPZZs00YKr6h/gZ57/TvZCNRH7cnk08+CS+BrSqmSIiGi+w
1D39AFoHtl9NdBGbuBEii1uYZaMCS/0oQpPCaU7cp3irDM6+oveP+r2syc5Pprhl
Aq5i1u8483oR7pWUK7iB8vXa/ca9YrzZFT31ttO6skgH17c3jVXDxoY60thpvK0T
T+FTyJgdAjth/MDbQ5sPvJ8q1vMRqf7z9jza77XNuWU3jBztqtL+p+IuJ2jBf8t8
ivzm1LDxVlUYQvm2NKpXMVdmVG8HguYnYQRyrUpmfQHh2Zzw
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:34:11 2026 by rpki-client