Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
File: 3bde61a2-7506-48c2-8365-3447411d858e.roa (raw, json)
Hash identifier: 6ToRicNy/r9Cvf88eGcL+u3xL50bTmfCdwkmN+s6G8Q=
Subject key identifier: 9F:11:BB:0F:24:1A:81:54:41:55:2D:04:6E:0E:19:61:B9:57:E5:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3036BF118337173BA73DE0CCD7B8CDC887FA5A3A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
Signing time: Tue 19 May 2026 05:31:21 +0000
ROA not before: Tue 19 May 2026 05:31:21 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:36:bf:11:83:37:17:3b:a7:3d:e0:cc:d7:b8:cd:c8:87:fa:5a:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:31:21 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=2ea93cd416717d5f662f53b4a388b57a289c2ab35d2ab644ee7aed33e9b40b2b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:af:5d:bb:ef:ce:3a:bd:c2:ce:10:66:1c:48:
e1:62:c7:58:9c:da:ad:7b:e5:6d:69:ef:4f:10:6c:
1e:5c:d7:85:48:93:c1:bf:a6:aa:b1:96:c2:97:65:
e6:39:76:02:aa:0e:8a:05:a6:f4:80:65:5c:fb:e9:
ab:f2:d3:9b:ff:b4:c8:02:d1:5f:b4:fa:80:26:d2:
91:76:56:6d:e7:51:b7:5e:8e:b0:8f:ba:8d:ec:3e:
fa:f7:50:a6:5f:78:fb:02:54:5d:77:8e:3c:73:ec:
6f:b8:8d:99:b8:1e:18:ac:c4:ba:3c:46:b6:cf:3d:
15:69:e5:e5:20:2f:84:86:27:f5:49:af:9f:c2:ab:
2d:14:33:79:ba:f8:5b:7b:fa:16:f9:14:71:58:e0:
1b:cc:1f:56:e9:c3:e9:65:e5:ce:cc:a5:c9:dc:7f:
08:b6:8e:48:67:5c:c8:89:87:59:9d:f4:64:2f:df:
a3:59:2a:7d:db:63:02:f1:e8:55:81:6b:ab:6d:8d:
b4:b7:18:b8:a2:a4:fa:51:7b:78:4d:eb:4f:5b:48:
63:e0:be:b6:bb:12:bd:ce:ab:c5:c5:f4:4f:dd:39:
b9:fc:d9:41:1a:2f:70:8f:54:b4:7a:53:45:ae:70:
92:10:ae:2d:05:a7:34:62:32:46:e8:eb:b8:df:37:
ed:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:11:BB:0F:24:1A:81:54:41:55:2D:04:6E:0E:19:61:B9:57:E5:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:5000::/40
Signature Algorithm: sha256WithRSAEncryption
77:01:0f:f4:bc:2c:eb:e1:04:b9:7b:2f:29:50:b0:1a:50:4d:
0a:8e:18:9e:14:fa:95:d8:09:f7:9e:68:51:43:52:00:06:af:
3b:14:7c:dc:9d:33:a2:a9:a0:8c:80:1e:84:4a:23:f2:6a:ea:
c9:ea:f7:dc:36:39:e8:3d:68:b1:91:a0:e3:32:a6:0e:8a:be:
4b:bd:5f:64:a2:12:5b:d0:e9:a9:ee:d5:bf:f7:56:5d:70:df:
c8:93:00:1d:17:fc:d7:f3:dc:2d:e7:f2:f8:62:b0:e9:8a:ed:
87:78:2c:31:fc:e0:8f:6c:da:ed:cb:c6:56:3a:d4:8a:4f:5c:
7f:91:38:2f:34:74:6e:81:13:8a:24:4c:cd:dc:14:6d:2f:97:
58:65:ac:e0:f3:65:bc:e8:30:85:a4:5e:4f:2b:26:20:f2:35:
69:3c:b9:9a:7c:98:ee:e6:f3:09:77:80:7a:32:3c:93:a1:2f:
fc:52:66:35:99:08:b8:59:34:f9:f6:66:d4:35:2a:43:fb:e8:
bd:ee:c8:8e:fe:34:01:e8:58:1b:9d:18:65:93:58:e9:f5:98:
6b:61:87:e0:30:ad:80:90:14:76:3e:a3:9b:5b:18:30:a9:0f:
2a:af:eb:4b:a8:40:df:4a:c5:f6:57:b7:c6:81:6d:26:46:f7:
8c:59:f2:23
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMDa/EYM3FzunPeDM17jNyIf6WjowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMxMjFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlYTkzY2Q0MTY3MTdkNWY2NjJmNTNiNGEzODhiNTdhMjg5YzJhYjM1ZDJh
YjY0NGVlN2FlZDMzZTliNDBiMmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+vXbvvzjq9ws4QZhxI4WLHWJzarXvlbWnvTxBsHlzXhUiTwb+mqrGWwpdl
5jl2AqoOigWm9IBlXPvpq/LTm/+0yALRX7T6gCbSkXZWbedRt16OsI+6jew++vdQ
pl94+wJUXXeOPHPsb7iNmbgeGKzEujxGts89FWnl5SAvhIYn9Umvn8KrLRQzebr4
W3v6FvkUcVjgG8wfVunD6WXlzsylydx/CLaOSGdcyImHWZ30ZC/fo1kqfdtjAvHo
VYFrq22NtLcYuKKk+lF7eE3rT1tIY+C+trsSvc6rxcX0T905ufzZQRovcI9UtHpT
Ra5wkhCuLQWnNGIyRujruN837S8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSfEbsP
JBqBVEFVLQRuDhlhuVfleTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2JkZTYxYTItNzUwNi00OGMyLTgzNjUtMzQ0NzQxMWQ4NThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB3AQ/0vCzr4QS5ey8pULAaUE0KjhieFPqV2An3
nmhRQ1IABq87FHzcnTOiqaCMgB6ESiPyaurJ6vfcNjnoPWixkaDjMqYOir5LvV9k
ohJb0Omp7tW/91ZdcN/IkwAdF/zX89wt5/L4YrDpiu2HeCwx/OCPbNrty8ZWOtSK
T1x/kTgvNHRugROKJEzN3BRtL5dYZazg82W86DCFpF5PKyYg8jVpPLmafJju5vMJ
d4B6MjyToS/8UmY1mQi4WTT59mbUNSpD++i97siO/jQB6FgbnRhlk1jp9ZhrYYfg
MK2AkBR2PqObWxgwqQ8qr+tLqEDfSsX2V7fGgW0mRveMWfIj
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:54 2026 by rpki-client