Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4f229298-1bc0-48dd-b452-54befd4b0a99.roa
File: 4f229298-1bc0-48dd-b452-54befd4b0a99.roa (raw, json)
Hash identifier: qtoFF4B9IkZCDqQUi8TU9P9X68vRfJdZgJ0aRdXXHoo=
Subject key identifier: 50:7E:9B:B0:CE:34:D1:5C:5A:1A:42:A1:4C:AB:B3:EC:27:3B:F6:B1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F13D8CC2B0281018DBEDD73FB5FCD6AD78DAA21
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4f229298-1bc0-48dd-b452-54befd4b0a99.roa
Signing time: Fri 22 May 2026 16:03:34 +0000
ROA not before: Fri 22 May 2026 16:03:34 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d068:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:13:d8:cc:2b:02:81:01:8d:be:dd:73:fb:5f:cd:6a:d7:8d:aa:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:03:34 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=317fbe3862c4779986c4d7c41b19c0b2c7fcc6431ab4acd2811900b22bc2964d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:29:62:17:ff:47:2b:04:43:91:3b:c7:5d:39:
5a:cb:42:5e:d4:80:be:5f:49:b7:66:68:9f:30:97:
e1:12:b4:79:04:c4:c8:78:6f:26:9a:14:cb:8f:31:
70:3e:e6:05:b7:ac:73:03:fa:86:84:33:bc:5f:a6:
3f:5d:e9:f8:8a:f0:f5:2c:9d:8e:e9:af:07:f2:e9:
e6:a1:09:29:41:3b:91:ce:69:0b:89:d6:ed:ba:76:
85:44:e9:92:11:f4:13:90:19:94:fc:b3:fd:94:18:
d0:6e:7f:f2:ca:cb:e6:8f:75:04:3a:28:21:4a:99:
53:3f:db:b9:c8:cb:ea:c2:58:9f:3b:2b:16:96:c1:
a5:d3:59:47:93:6f:d2:28:3a:06:0e:08:b7:51:87:
e4:49:84:ec:50:ae:79:cf:36:88:fb:d7:c6:79:50:
69:d8:bc:2d:bd:c8:7f:b2:47:7c:f5:99:cf:b6:07:
4a:ac:ef:1c:58:d7:15:d1:14:b1:10:b2:56:01:47:
30:cb:3c:cc:89:a3:aa:d4:ee:d8:bd:44:0c:73:20:
bf:62:04:f4:0e:0d:28:05:ea:e4:d8:31:52:4b:18:
12:43:48:16:22:21:e6:29:35:e5:94:e3:8a:9d:05:
69:f9:d2:3b:5a:77:46:df:c4:52:22:60:fb:d3:7c:
3a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:7E:9B:B0:CE:34:D1:5C:5A:1A:42:A1:4C:AB:B3:EC:27:3B:F6:B1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4f229298-1bc0-48dd-b452-54befd4b0a99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d068:880::/48
Signature Algorithm: sha256WithRSAEncryption
1e:d8:06:fe:ec:57:42:0a:fc:47:80:e6:ed:b2:87:e3:5c:62:
8c:f2:25:04:15:60:34:d2:5e:73:cc:0a:07:9d:b7:a4:69:4a:
91:ee:cb:85:0f:8b:59:b2:f8:fe:d0:b4:84:2b:57:eb:c5:13:
6d:e7:d9:e1:fc:b5:fc:b0:66:0b:9d:ab:90:87:22:7d:44:b0:
e1:91:ba:11:2b:6f:ac:02:b6:1a:65:8e:58:c8:98:5e:a8:ed:
45:5e:8a:a0:4a:ec:95:4c:38:7b:9e:12:69:83:e7:2c:83:db:
70:3d:17:b0:a7:69:8c:2e:ab:1b:0d:87:72:49:6c:5e:fb:45:
58:75:b0:88:5a:b0:76:dd:4b:3e:55:b4:a4:a7:0f:7a:54:5f:
a7:d2:a2:10:32:df:da:69:25:07:ff:31:0a:60:a9:eb:42:96:
fa:d1:ff:e4:2b:66:c7:a1:ff:51:17:12:dc:cb:f0:83:c0:c2:
df:80:98:79:f1:8a:91:33:ce:79:a5:e4:39:60:ae:c8:8c:21:
17:df:e2:d9:93:b8:d7:6a:9f:ad:85:4d:99:03:35:e6:d8:e8:
ec:fc:59:70:02:a7:99:c0:c2:19:ff:66:06:35:69:04:15:63:
de:35:a1:b3:34:27:8c:6b:9c:46:d3:4f:50:ad:20:01:52:9a:
da:61:0a:42
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXxPYzCsCgQGNvt1z+1/NateNqiEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAzMzRaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxN2ZiZTM4NjJjNDc3OTk4NmM0ZDdjNDFiMTljMGIyYzdmY2M2NDMxYWI0
YWNkMjgxMTkwMGIyMmJjMjk2NGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4pYhf/RysEQ5E7x105WstCXtSAvl9Jt2ZonzCX4RK0eQTEyHhvJpoUy48x
cD7mBbescwP6hoQzvF+mP13p+Irw9SydjumvB/Lp5qEJKUE7kc5pC4nW7bp2hUTp
khH0E5AZlPyz/ZQY0G5/8srL5o91BDooIUqZUz/bucjL6sJYnzsrFpbBpdNZR5Nv
0ig6Bg4It1GH5EmE7FCuec82iPvXxnlQadi8Lb3If7JHfPWZz7YHSqzvHFjXFdEU
sRCyVgFHMMs8zImjqtTu2L1EDHMgv2IE9A4NKAXq5NgxUksYEkNIFiIh5ik15ZTj
ip0FafnSO1p3Rt/EUiJg+9N8Os0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRQfpuw
zjTRXFoaQqFMq7PsJzv2sTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGYyMjkyOTgtMWJjMC00OGRkLWI0NTItNTRiZWZkNGIwYTk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GgI
gDANBgkqhkiG9w0BAQsFAAOCAQEAHtgG/uxXQgr8R4Dm7bKH41xijPIlBBVgNNJe
c8wKB523pGlKke7LhQ+LWbL4/tC0hCtX68UTbefZ4fy1/LBmC52rkIcifUSw4ZG6
EStvrAK2GmWOWMiYXqjtRV6KoErslUw4e54SaYPnLIPbcD0XsKdpjC6rGw2Hckls
XvtFWHWwiFqwdt1LPlW0pKcPelRfp9KiEDLf2mklB/8xCmCp60KW+tH/5Ctmx6H/
URcS3Mvwg8DC34CYefGKkTPOeaXkOWCuyIwhF9/i2ZO412qfrYVNmQM15tjo7PxZ
cAKnmcDCGf9mBjVpBBVj3jWhszQnjGucRtNPUK0gAVKa2mEKQg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:16:54 2026 by rpki-client