Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/375b2a31-2bf5-49ae-873f-611cb3efd6e5.roa
File: 375b2a31-2bf5-49ae-873f-611cb3efd6e5.roa (raw, json)
Hash identifier: I3cGpAwr/1nKjDfpZjiWrASW0VIzWaOMUZypW7C4+x8=
Subject key identifier: 7F:43:8A:A3:89:9A:21:51:9E:91:A1:8A:37:7B:48:00:3B:89:FC:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1FBF61E1AE6456EA916C2F2B220EFFF3C0B6F810
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/375b2a31-2bf5-49ae-873f-611cb3efd6e5.roa
Signing time: Tue 19 May 2026 05:00:38 +0000
ROA not before: Tue 19 May 2026 05:00:38 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:bf:61:e1:ae:64:56:ea:91:6c:2f:2b:22:0e:ff:f3:c0:b6:f8:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:38 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=021003be25f2066d8aca7af608556dac30fa428c431889e4e93f0fc4c46847b5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:43:c6:fb:1b:32:da:ec:6c:88:1e:30:fd:31:
32:37:04:9a:00:4d:1e:de:8c:59:b8:76:70:4e:77:
e9:50:cf:80:81:ec:2e:40:67:70:78:fc:2d:1c:97:
f9:c9:5f:57:6a:36:ad:67:8a:1d:f6:03:29:ab:c4:
2b:3c:1a:cc:7f:01:40:a3:7e:f3:f1:14:67:ad:3e:
54:df:aa:e5:37:b4:16:54:d6:22:fa:b0:0e:eb:10:
5a:1a:d1:95:75:19:68:da:03:c0:35:44:51:a4:b6:
bb:40:9e:6b:e7:8f:94:b6:4e:5b:54:6e:f7:03:6a:
f2:41:5b:1f:4d:40:03:12:9e:77:30:dc:6f:9d:c0:
69:b3:d7:ac:45:45:36:88:21:9c:0c:ce:31:1c:99:
0b:55:28:ae:ac:68:0e:a4:6c:db:f8:47:6f:11:8e:
81:7c:8b:18:b3:ff:a3:40:73:dd:65:9f:87:72:81:
f4:ff:fe:ef:5f:05:2d:88:0e:2d:f3:52:cd:bc:53:
a4:ec:a9:fc:50:53:a4:5e:0c:98:fe:9e:85:f6:c2:
bf:86:9e:53:da:b3:88:43:88:3c:4e:e6:24:51:bc:
1e:35:97:79:6c:06:95:b8:91:e9:31:c8:be:99:82:
09:39:84:e4:60:4e:0c:9f:40:ce:e3:3c:81:f9:e9:
cc:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:43:8A:A3:89:9A:21:51:9E:91:A1:8A:37:7B:48:00:3B:89:FC:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/375b2a31-2bf5-49ae-873f-611cb3efd6e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:2000::/40
Signature Algorithm: sha256WithRSAEncryption
43:36:90:e9:aa:41:17:6d:fc:fe:01:56:08:98:e9:6b:63:bb:
d7:14:f4:f5:f4:d6:32:e6:66:0c:4d:62:da:07:17:6a:61:3b:
58:cb:01:9d:ef:d6:c1:1f:03:38:2b:96:0c:75:20:9a:e8:d5:
2e:d9:42:a7:38:19:16:7e:57:79:13:3a:4e:fe:a8:c4:be:42:
d5:84:d6:0a:2e:78:80:6f:bb:37:98:de:40:70:a0:cb:38:db:
89:a8:8d:e2:f6:87:08:49:ec:6a:b8:d6:a8:da:d3:e6:55:11:
e3:08:cc:a3:32:45:0e:9f:7a:50:bf:a5:e8:c1:c5:db:d8:61:
0d:fc:72:fc:2c:b2:2e:3f:51:ac:d3:ac:92:af:85:bd:d6:df:
aa:83:54:d6:fb:52:4a:34:37:6f:53:81:34:91:59:f2:1a:7c:
f6:cd:8a:53:30:75:14:53:25:9f:3c:88:bf:d8:34:d3:ed:65:
7c:11:03:27:63:54:7a:50:01:84:a7:7f:a4:55:39:07:93:0c:
db:a1:e8:df:84:f3:de:a2:f0:11:cb:03:75:b4:98:a4:a7:83:
23:b8:8d:50:bd:f9:d2:57:3a:88:a9:e9:06:fe:a9:75:76:e3:
5a:45:da:90:a6:22:49:c5:ff:46:4e:d6:b5:eb:12:a8:de:7e:
25:01:a9:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH79h4a5kVuqRbC8rIg7/88C2+BAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwMzhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyMTAwM2JlMjVmMjA2NmQ4YWNhN2FmNjA4NTU2ZGFjMzBmYTQyOGM0MzE4
ODllNGU5M2YwZmM0YzQ2ODQ3YjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFDxvsbMtrsbIgeMP0xMjcEmgBNHt6MWbh2cE536VDPgIHsLkBncHj8LRyX
+clfV2o2rWeKHfYDKavEKzwazH8BQKN+8/EUZ60+VN+q5Te0FlTWIvqwDusQWhrR
lXUZaNoDwDVEUaS2u0Cea+ePlLZOW1Ru9wNq8kFbH01AAxKedzDcb53AabPXrEVF
NoghnAzOMRyZC1UorqxoDqRs2/hHbxGOgXyLGLP/o0Bz3WWfh3KB9P/+718FLYgO
LfNSzbxTpOyp/FBTpF4MmP6ehfbCv4aeU9qziEOIPE7mJFG8HjWXeWwGlbiR6THI
vpmCCTmE5GBODJ9AzuM8gfnpzIECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR/Q4qj
iZohUZ6RoYo3e0gAO4n8PTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mzc1YjJhMzEtMmJmNS00OWFlLTg3M2YtNjExY2IzZWZkNmU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dog
MA0GCSqGSIb3DQEBCwUAA4IBAQBDNpDpqkEXbfz+AVYImOlrY7vXFPT19NYy5mYM
TWLaBxdqYTtYywGd79bBHwM4K5YMdSCa6NUu2UKnOBkWfld5EzpO/qjEvkLVhNYK
LniAb7s3mN5AcKDLONuJqI3i9ocISexquNao2tPmVRHjCMyjMkUOn3pQv6XowcXb
2GEN/HL8LLIuP1Gs06ySr4W91t+qg1TW+1JKNDdvU4E0kVnyGnz2zYpTMHUUUyWf
PIi/2DTT7WV8EQMnY1R6UAGEp3+kVTkHkwzboejfhPPeovARywN1tJikp4MjuI1Q
vfnSVzqIqekG/ql1duNaRdqQpiJJxf9GTta16xKo3n4lAal0
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:50 2026 by rpki-client