Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
File: 4304a130-e9d1-47a4-8ecf-5d755740a478.roa (raw, json)
Hash identifier: xPUS/oEUjFHOj1Z4tmB4eWGVtkOXcIsO2uGktsGX9Ok=
Subject key identifier: 2D:EB:02:63:4D:91:F5:DE:10:D5:4B:30:26:98:77:32:47:62:68:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0BBE4BF74A2143CF62C8E6FFCE2F5FA9715BF350
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
Signing time: Tue 19 May 2026 05:20:59 +0000
ROA not before: Tue 19 May 2026 05:20:59 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:be:4b:f7:4a:21:43:cf:62:c8:e6:ff:ce:2f:5f:a9:71:5b:f3:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:59 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=05390d294bc98d8a4e17a38d5f105a455f8f1f7287c6022322e2c73f0cfa01db, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c6:50:c0:36:88:cc:7c:20:62:d5:a1:90:f3:
c6:94:3a:cf:a5:62:1c:55:84:df:57:ba:82:18:36:
a1:18:8f:ca:60:07:3b:e5:33:69:97:63:2f:e7:a5:
78:28:fb:eb:b7:ea:c3:9c:ee:c9:a3:e4:d7:0e:41:
7e:71:bc:37:f8:5c:f9:2f:e4:56:69:bf:8e:6b:45:
ce:82:f5:83:78:db:a6:6e:5c:7b:d1:b9:c7:98:3f:
f3:ce:94:fb:5f:41:bb:b4:3d:5c:36:b7:35:b6:3c:
69:79:fc:0f:e3:44:e3:f7:45:ab:f8:44:03:57:f8:
0a:e0:56:5f:c5:44:32:6d:2c:db:30:4c:eb:cd:4f:
44:34:2f:f9:20:c9:30:35:33:e1:49:b4:fc:95:dc:
82:7c:7c:61:77:80:27:21:a6:12:ca:fa:89:f4:09:
9a:a4:2d:4b:f1:02:e6:d9:a9:02:12:3e:bf:bc:ea:
ba:aa:53:75:33:68:68:7a:c5:fa:97:52:42:8f:3b:
f7:bb:f7:25:a4:24:14:d5:e4:8c:52:4f:a8:57:82:
4d:57:5b:6b:3c:19:93:eb:99:2e:46:56:7d:ce:15:
86:b8:f9:ef:85:d3:42:a0:5c:5a:ec:53:6a:9e:f3:
24:f5:7b:d0:0d:97:73:40:15:1c:21:31:98:28:4c:
ba:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:EB:02:63:4D:91:F5:DE:10:D5:4B:30:26:98:77:32:47:62:68:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80e0::/48
Signature Algorithm: sha256WithRSAEncryption
c3:58:cb:07:06:05:17:d0:85:a9:3b:40:76:8e:dc:b0:a7:79:
8a:2f:a9:7c:21:8f:41:9b:6e:49:b1:ee:d2:cb:de:af:8c:2d:
3c:c7:6d:a1:ff:3f:06:fc:cc:b1:e7:02:ce:39:b5:a1:1c:b9:
15:d3:98:79:00:5f:51:f3:41:82:40:5b:06:9e:36:6e:98:0f:
74:cc:5a:92:bc:b7:37:dd:eb:a9:6f:3f:bf:e3:80:53:5e:2a:
a6:23:c4:98:5a:1f:ff:40:87:b7:6c:bc:48:60:15:cc:6e:ba:
21:d6:ce:f4:f0:a1:9c:00:f0:7a:98:0e:ca:29:7a:65:79:06:
d3:f9:3e:ef:c2:d4:ff:3a:c7:45:f0:0a:66:c9:3d:4d:8d:2c:
41:30:c3:46:b9:72:f6:28:57:d3:83:a7:35:5c:11:b3:7f:94:
d8:d5:bf:6f:ee:5c:67:37:44:25:f6:e1:5b:1c:1b:54:d3:58:
a6:87:08:86:9c:49:b4:06:1c:a9:a5:e2:da:c3:9d:23:09:05:
21:a3:42:c2:db:d3:8d:ee:1a:27:fb:5c:7b:67:1e:72:b4:58:
62:91:c8:f1:cb:02:80:ba:fa:80:96:1d:a8:bb:b8:ac:9d:50:
93:61:45:c3:07:3f:89:17:ab:7e:93:d0:da:ad:16:c3:03:0a:
a1:2e:b0:ed
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUC75L90ohQ89iyOb/zi9fqXFb81AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwNTlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1MzkwZDI5NGJjOThkOGE0ZTE3YTM4ZDVmMTA1YTQ1NWY4ZjFmNzI4N2M2
MDIyMzIyZTJjNzNmMGNmYTAxZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN3GUMA2iMx8IGLVoZDzxpQ6z6ViHFWE31e6ghg2oRiPymAHO+UzaZdjL+el
eCj767fqw5zuyaPk1w5BfnG8N/hc+S/kVmm/jmtFzoL1g3jbpm5ce9G5x5g/886U
+19Bu7Q9XDa3NbY8aXn8D+NE4/dFq/hEA1f4CuBWX8VEMm0s2zBM681PRDQv+SDJ
MDUz4Um0/JXcgnx8YXeAJyGmEsr6ifQJmqQtS/EC5tmpAhI+v7zquqpTdTNoaHrF
+pdSQo8797v3JaQkFNXkjFJPqFeCTVdbazwZk+uZLkZWfc4Vhrj574XTQqBcWuxT
ap7zJPV70A2Xc0AVHCExmChMunUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQt6wJj
TZH13hDVSzAmmHcyR2JoejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDMwNGExMzAtZTlkMS00N2E0LThlY2YtNWQ3NTU3NDBhNDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
4DANBgkqhkiG9w0BAQsFAAOCAQEAw1jLBwYFF9CFqTtAdo7csKd5ii+pfCGPQZtu
SbHu0sver4wtPMdtof8/BvzMsecCzjm1oRy5FdOYeQBfUfNBgkBbBp42bpgPdMxa
kry3N93rqW8/v+OAU14qpiPEmFof/0CHt2y8SGAVzG66IdbO9PChnADwepgOyil6
ZXkG0/k+78LU/zrHRfAKZsk9TY0sQTDDRrly9ihX04OnNVwRs3+U2NW/b+5cZzdE
JfbhWxwbVNNYpocIhpxJtAYcqaXi2sOdIwkFIaNCwtvTje4aJ/tce2cecrRYYpHI
8csCgLr6gJYdqLu4rJ1Qk2FFwwc/iRerfpPQ2q0WwwMKoS6w7Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:53 2026 by rpki-client