Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/485b9f1f-6944-4fc0-a4e8-fcb2db669780.roa
File: 485b9f1f-6944-4fc0-a4e8-fcb2db669780.roa (raw, json)
Hash identifier: 1uqfVWKqLPArZsOA1gO8fNK/xpoVQeNdFZjFDxYCE1k=
Subject key identifier: C1:48:DF:A5:7A:30:58:D2:25:C0:C7:4E:C0:C2:E8:55:33:6E:C2:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59D635BF7FB0F2BAA578F8C00C076924999FBAFC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/485b9f1f-6944-4fc0-a4e8-fcb2db669780.roa
Signing time: Sun 31 May 2026 01:10:46 +0000
ROA not before: Sun 31 May 2026 01:10:46 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:d6:35:bf:7f:b0:f2:ba:a5:78:f8:c0:0c:07:69:24:99:9f:ba:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:10:46 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=427c7ccc3688f1541dd72a14efa1452beaed6f3932a68fb22cbfa4d5b261a335, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:40:40:0d:31:8d:23:1e:45:93:69:30:30:e9:
45:24:5f:0d:ea:5c:a9:aa:64:41:c8:55:95:b6:b9:
d4:80:81:e7:42:fb:ae:9b:55:f5:0c:2e:78:75:5a:
fc:1d:62:81:bd:a6:81:19:57:06:48:78:13:38:68:
7f:3b:7d:42:5d:2e:a2:ea:8c:38:f8:18:ba:0f:af:
cc:19:fa:53:75:df:1e:06:2b:ae:c9:57:de:be:a6:
ca:31:3b:a9:fd:fe:7b:44:2b:f9:99:96:80:f5:7d:
e2:b1:3f:06:ae:80:8b:1a:68:b7:c0:bb:88:ad:c0:
e4:8d:ed:8e:51:d2:95:ec:cd:40:33:b6:ac:3c:ec:
8b:ad:83:ca:ba:cc:f1:3e:de:f4:fb:d7:99:e7:a3:
62:c8:5c:b8:70:86:86:e5:f0:26:45:82:f2:df:a8:
91:28:48:56:6f:b1:6f:ac:4e:e1:24:d8:51:ef:95:
09:5d:25:04:f3:e4:d9:b2:fc:7f:d6:c9:93:fa:81:
90:3f:3d:05:15:f6:a7:84:8d:5d:13:e3:21:89:1f:
dd:7c:dd:d6:2f:40:a1:4f:d4:69:fa:7c:5c:d8:7e:
0c:b2:ff:33:4c:59:24:75:af:50:ca:17:ac:88:08:
47:60:28:37:1c:9b:98:70:e9:af:71:0e:a1:a2:b8:
a1:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:48:DF:A5:7A:30:58:D2:25:C0:C7:4E:C0:C2:E8:55:33:6E:C2:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/485b9f1f-6944-4fc0-a4e8-fcb2db669780.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
05:bf:b1:06:d6:0f:cc:c3:b7:45:9b:d7:93:1d:2e:75:8c:94:
8d:82:be:60:0f:50:a1:3b:a4:c4:59:2f:ad:0a:6c:41:b7:76:
e5:73:38:cf:0d:48:a5:e6:27:3e:4f:a4:df:5d:49:fc:f5:9d:
c1:44:dc:50:fa:ad:4a:12:fd:17:5b:55:9c:45:cd:66:04:38:
83:ee:b5:b2:e8:f3:3e:19:8d:52:48:05:27:bd:81:ad:9c:da:
53:29:62:77:44:c9:cc:0c:32:3a:aa:87:a7:0a:bc:1a:5c:fe:
6d:79:81:d9:fa:69:58:de:11:d0:4c:06:b3:13:4b:79:40:64:
a3:43:fb:3e:1e:1d:8c:4e:0c:7c:ad:5f:50:55:65:07:8f:f5:
2a:18:25:b2:83:cf:16:40:c9:ab:de:78:e6:6a:57:04:8e:b9:
ae:ff:bc:a3:84:58:b5:52:49:a9:57:88:64:2c:5f:d9:e4:d0:
be:7d:29:2f:1a:4e:75:0e:e4:15:a1:47:e3:89:b2:da:72:e8:
5b:9c:0d:3b:77:54:56:c5:41:2d:a2:d3:46:56:e3:93:66:b1:
94:ba:1d:39:71:7c:ae:05:d8:99:f0:20:2f:30:a0:96:b0:47:
27:e0:13:17:54:91:a9:ed:b6:92:c8:15:90:12:1f:78:03:52:
d0:de:d2:24
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWdY1v3+w8rqlePjADAdpJJmfuvwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTEwNDZaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyN2M3Y2NjMzY4OGYxNTQxZGQ3MmExNGVmYTE0NTJiZWFlZDZmMzkzMmE2
OGZiMjJjYmZhNGQ1YjI2MWEzMzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9AQA0xjSMeRZNpMDDpRSRfDepcqapkQchVlba51ICB50L7rptV9QwueHVa
/B1igb2mgRlXBkh4Ezhofzt9Ql0uouqMOPgYug+vzBn6U3XfHgYrrslX3r6myjE7
qf3+e0Qr+ZmWgPV94rE/Bq6Aixpot8C7iK3A5I3tjlHSlezNQDO2rDzsi62DyrrM
8T7e9PvXmeejYshcuHCGhuXwJkWC8t+okShIVm+xb6xO4STYUe+VCV0lBPPk2bL8
f9bJk/qBkD89BRX2p4SNXRPjIYkf3Xzd1i9AoU/Uafp8XNh+DLL/M0xZJHWvUMoX
rIgIR2AoNxybmHDpr3EOoaK4oeECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTBSN+l
ejBY0iXAx07AwuhVM27CbzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDg1YjlmMWYtNjk0NC00ZmMwLWE0ZTgtZmNiMmRiNjY5NzgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H3A
wDANBgkqhkiG9w0BAQsFAAOCAQEABb+xBtYPzMO3RZvXkx0udYyUjYK+YA9QoTuk
xFkvrQpsQbd25XM4zw1IpeYnPk+k311J/PWdwUTcUPqtShL9F1tVnEXNZgQ4g+61
sujzPhmNUkgFJ72BrZzaUylid0TJzAwyOqqHpwq8Glz+bXmB2fppWN4R0EwGsxNL
eUBko0P7Ph4djE4MfK1fUFVlB4/1KhglsoPPFkDJq9545mpXBI65rv+8o4RYtVJJ
qVeIZCxf2eTQvn0pLxpOdQ7kFaFH44my2nLoW5wNO3dUVsVBLaLTRlbjk2axlLod
OXF8rgXYmfAgLzCglrBHJ+ATF1SRqe22ksgVkBIfeANS0N7SJA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:28 2026 by rpki-client