Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
File: 455182aa-6d74-4447-81a6-6be09732e55d.roa (raw, json)
Hash identifier: XqO2F9JytUQrLzaY+vNjnsdUAsvjeYGnV43oPkladUM=
Subject key identifier: AC:EC:35:A5:60:9E:7C:87:04:64:8F:EA:3D:BA:73:3A:A2:9A:92:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 128508DD6B568D77E71DE3423E376DE6E8C4715C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
Signing time: Tue 19 May 2026 04:50:26 +0000
ROA not before: Tue 19 May 2026 04:50:26 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:85:08:dd:6b:56:8d:77:e7:1d:e3:42:3e:37:6d:e6:e8:c4:71:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:26 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=afe0bd004a72f7f09f48451dcc714ffa27842ed6871918e396116f0640cde92b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:32:8d:7f:64:4a:70:77:65:3e:e4:82:9b:fc:
01:c1:9a:d7:8c:de:50:2f:96:06:2e:69:79:16:34:
16:a5:e7:cd:0f:bd:a6:8c:9e:03:4e:24:d6:86:5c:
5b:bb:a1:1f:0b:9d:a2:35:82:a8:16:3c:8a:59:62:
1d:75:4a:c5:73:10:da:db:8d:bc:f9:dc:9c:6b:0c:
87:70:09:a8:63:8a:04:2c:61:9c:d4:56:04:5f:ad:
3c:bd:40:13:f9:49:da:0a:2b:43:41:3e:ab:56:a2:
1e:7f:a9:a3:03:18:77:3a:35:62:29:9c:b2:00:7b:
8b:88:28:a7:70:f2:7e:d4:49:66:bc:0b:37:70:83:
ea:7d:16:84:1f:fd:53:07:86:8d:f1:5f:86:a3:9e:
5d:9a:f0:bc:38:9e:f0:96:61:26:d9:5e:02:a2:ac:
f0:07:30:3b:4c:89:cc:b1:38:af:3e:63:40:2d:49:
86:0d:b6:8f:31:1a:e5:14:50:3a:e5:a4:89:87:e9:
57:82:5e:dd:11:96:7a:8b:5c:80:f4:96:28:3d:5b:
15:f8:a8:db:3b:4b:c1:40:fe:2f:7f:43:0f:f2:d7:
f1:ab:a9:fa:c5:a6:6c:0f:4e:a4:af:e7:30:83:6b:
07:54:ae:96:90:c7:4f:43:7c:08:c0:96:03:a6:e3:
03:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:EC:35:A5:60:9E:7C:87:04:64:8F:EA:3D:BA:73:3A:A2:9A:92:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:c00::/38
Signature Algorithm: sha256WithRSAEncryption
5b:a1:7e:5d:c8:3f:4f:f2:1c:cf:44:92:1e:8f:c7:05:18:fa:
7b:c8:99:0b:6e:58:90:b0:a4:a6:e0:ef:36:05:9a:7f:eb:62:
ea:f5:a0:a7:3f:a6:dc:31:2a:c3:8c:be:9e:8c:e4:21:0f:36:
96:fa:2e:5a:f5:e5:6a:99:37:a6:95:3e:a4:c0:69:21:2c:8f:
84:67:3c:5b:0c:23:74:d4:65:c2:48:95:b2:69:d4:3b:24:50:
bd:2c:68:8d:7e:d3:19:cd:e4:37:d7:3b:85:a3:4b:79:73:50:
c8:92:8c:14:ff:f1:15:02:f8:8d:0d:88:41:d1:f8:4a:a5:fc:
2f:6d:5f:d7:24:f6:18:74:e8:19:c8:b3:08:8a:73:5c:d0:5a:
89:86:ec:77:e9:36:1f:49:bb:cb:a5:4c:a3:60:6d:b6:66:7b:
9a:56:aa:c1:85:e8:1f:5c:81:dd:ef:c0:79:85:bc:57:b3:aa:
ed:5f:7a:7f:4b:8a:f1:95:9a:87:ea:23:67:c6:4a:3d:70:6c:
a5:8e:60:8e:de:59:6c:8b:95:c4:8e:ae:42:33:6d:98:9d:dc:
60:3d:15:ee:39:cd:ee:5c:05:b1:46:e4:ed:88:e0:2a:3b:4b:
a2:64:1d:1f:e1:99:2f:b3:98:2e:61:c9:21:c3:6b:09:81:a0:
cf:51:7f:c3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEoUI3WtWjXfnHeNCPjdt5ujEcVwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMjZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmZTBiZDAwNGE3MmY3ZjA5ZjQ4NDUxZGNjNzE0ZmZhMjc4NDJlZDY4NzE5
MThlMzk2MTE2ZjA2NDBjZGU5MmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0yjX9kSnB3ZT7kgpv8AcGa14zeUC+WBi5peRY0FqXnzQ+9poyeA04k1oZc
W7uhHwudojWCqBY8illiHXVKxXMQ2tuNvPncnGsMh3AJqGOKBCxhnNRWBF+tPL1A
E/lJ2gorQ0E+q1aiHn+powMYdzo1YimcsgB7i4gop3DyftRJZrwLN3CD6n0WhB/9
UweGjfFfhqOeXZrwvDie8JZhJtleAqKs8AcwO0yJzLE4rz5jQC1Jhg22jzEa5RRQ
OuWkiYfpV4Je3RGWeotcgPSWKD1bFfio2ztLwUD+L39DD/LX8aup+sWmbA9OpK/n
MINrB1SulpDHT0N8CMCWA6bjA/kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSs7DWl
YJ58hwRkj+o9unM6opqSrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU1MTgyYWEtNmQ3NC00NDQ3LTgxYTYtNmJlMDk3MzJlNTVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4M
MA0GCSqGSIb3DQEBCwUAA4IBAQBboX5dyD9P8hzPRJIej8cFGPp7yJkLbliQsKSm
4O82BZp/62Lq9aCnP6bcMSrDjL6ejOQhDzaW+i5a9eVqmTemlT6kwGkhLI+EZzxb
DCN01GXCSJWyadQ7JFC9LGiNftMZzeQ31zuFo0t5c1DIkowU//EVAviNDYhB0fhK
pfwvbV/XJPYYdOgZyLMIinNc0FqJhux36TYfSbvLpUyjYG22ZnuaVqrBhegfXIHd
78B5hbxXs6rtX3p/S4rxlZqH6iNnxko9cGyljmCO3llsi5XEjq5CM22YndxgPRXu
Oc3uXAWxRuTtiOAqO0uiZB0f4Zkvs5guYckhw2sJgaDPUX/D
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:25:26 2026 by rpki-client