Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4f5beeeb-9d92-4f06-bd20-3e902727e44b.roa
File: 4f5beeeb-9d92-4f06-bd20-3e902727e44b.roa (raw, json)
Hash identifier: FLVJ9RyJXVaPmxotSjUiuPmn19kbO1L/kpNF6VtBdTI=
Subject key identifier: FC:86:F9:24:FC:4B:D3:89:8A:74:24:F2:AC:3F:4E:FE:FA:97:AF:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03978E8B6C524460CF6E617C8FE0577BA8D22FA5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4f5beeeb-9d92-4f06-bd20-3e902727e44b.roa
Signing time: Fri 15 May 2026 02:20:10 +0000
ROA not before: Fri 15 May 2026 02:20:10 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:97:8e:8b:6c:52:44:60:cf:6e:61:7c:8f:e0:57:7b:a8:d2:2f:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 02:20:10 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=a3055b474caa947ece122efc3ffea53f893cea085663c420be26030407d5ed1f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:3d:92:a2:f8:e3:9f:c6:a5:be:e5:48:75:de:
1e:96:9f:16:84:45:7f:db:c6:68:b9:1b:6b:0a:68:
4e:7d:fc:4e:57:ca:19:15:1c:a5:7e:f9:76:18:8d:
08:26:81:38:70:c5:32:9e:bf:99:95:37:46:59:f2:
76:06:e0:71:f3:43:10:b1:65:68:c5:ff:af:7f:97:
19:a5:e5:f0:50:db:1e:2b:2d:5e:5a:38:c7:7f:e4:
72:fb:ab:8c:4c:6f:68:56:ca:f7:9a:bf:47:93:b1:
53:ce:95:0c:f9:81:8a:3c:85:71:0a:f6:a4:ff:66:
8a:d4:81:2b:db:bf:74:0a:16:63:74:48:59:fd:82:
20:89:f4:c9:13:94:e2:ca:07:e9:4b:33:47:68:0b:
4f:5d:2c:65:31:01:95:08:b8:1c:0f:8f:3e:c6:af:
b3:a4:3c:a1:35:28:b0:45:c4:23:c8:cd:13:c3:e9:
30:ea:0c:a6:91:27:72:d0:0b:87:c3:62:c0:db:cf:
2b:f9:62:79:92:38:b2:d4:89:72:e0:f5:52:43:6e:
67:28:bb:1f:b2:6a:de:36:1d:5c:41:c8:27:00:29:
01:71:95:83:35:0f:f8:ef:e1:df:d2:68:fe:95:19:
89:14:99:37:c9:54:48:6d:0c:c0:db:7e:e6:26:70:
ed:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:86:F9:24:FC:4B:D3:89:8A:74:24:F2:AC:3F:4E:FE:FA:97:AF:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4f5beeeb-9d92-4f06-bd20-3e902727e44b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:800::/40
Signature Algorithm: sha256WithRSAEncryption
60:40:b8:76:11:71:89:a7:f3:cd:e4:17:90:2e:4b:c0:a0:aa:
3d:90:4e:ad:15:17:bf:55:ad:3a:a5:25:57:8a:93:2c:43:d5:
01:6c:2d:4f:4c:48:e1:d3:fd:29:c3:47:2e:15:c7:ad:3a:26:
07:ae:bf:d9:ff:54:2b:7f:10:1b:f7:f4:da:00:f0:1e:db:5e:
ec:ff:53:8b:05:d1:be:ff:9c:1b:e8:2d:aa:9e:b8:40:ca:3f:
09:ac:dd:ee:43:5c:35:49:39:e5:6b:7c:99:2c:90:b1:66:dc:
16:c3:5d:d3:ef:cc:bf:80:8c:9e:fd:3c:32:68:bf:79:f8:fc:
1e:1c:7b:12:71:90:55:03:17:02:fc:e8:e7:34:cb:ce:85:81:
9d:23:89:40:fb:73:9f:a2:48:31:73:00:2b:5e:27:e1:1d:7e:
24:31:89:be:91:bf:fc:af:7b:1d:27:13:3c:a8:71:03:8f:a7:
c1:f3:a4:c0:e3:bf:cb:79:f2:52:49:cd:67:18:85:e3:3b:f6:
1c:0b:93:2d:bd:a1:4f:90:a1:42:83:62:5e:a4:d6:c2:ed:34:
12:99:12:dd:bc:23:f9:68:a7:26:25:f8:b0:9c:b0:6a:9d:bf:
e7:8d:84:03:41:52:d7:0f:c8:34:04:3d:5e:bb:cc:35:36:bf:
79:cd:91:bc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUA5eOi2xSRGDPbmF8j+BXe6jSL6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMjIwMTBaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzMDU1YjQ3NGNhYTk0N2VjZTEyMmVmYzNmZmVhNTNmODkzY2VhMDg1NjYz
YzQyMGJlMjYwMzA0MDdkNWVkMWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOE9kqL445/Gpb7lSHXeHpafFoRFf9vGaLkbawpoTn38TlfKGRUcpX75dhiN
CCaBOHDFMp6/mZU3RlnydgbgcfNDELFlaMX/r3+XGaXl8FDbHistXlo4x3/kcvur
jExvaFbK95q/R5OxU86VDPmBijyFcQr2pP9mitSBK9u/dAoWY3RIWf2CIIn0yROU
4soH6UszR2gLT10sZTEBlQi4HA+PPsavs6Q8oTUosEXEI8jNE8PpMOoMppEnctAL
h8NiwNvPK/lieZI4stSJcuD1UkNuZyi7H7Jq3jYdXEHIJwApAXGVgzUP+O/h39Jo
/pUZiRSZN8lUSG0MwNt+5iZw7Y0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT8hvkk
/EvTiYp0JPKsP07++pevITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGY1YmVlZWItOWQ5Mi00ZjA2LWJkMjAtM2U5MDI3MjdlNDRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HsI
MA0GCSqGSIb3DQEBCwUAA4IBAQBgQLh2EXGJp/PN5BeQLkvAoKo9kE6tFRe/Va06
pSVXipMsQ9UBbC1PTEjh0/0pw0cuFcetOiYHrr/Z/1QrfxAb9/TaAPAe217s/1OL
BdG+/5wb6C2qnrhAyj8JrN3uQ1w1STnla3yZLJCxZtwWw13T78y/gIye/TwyaL95
+PweHHsScZBVAxcC/OjnNMvOhYGdI4lA+3OfokgxcwArXifhHX4kMYm+kb/8r3sd
JxM8qHEDj6fB86TA47/LefJSSc1nGIXjO/YcC5MtvaFPkKFCg2JepNbC7TQSmRLd
vCP5aKcmJfiwnLBqnb/njYQDQVLXD8g0BD1eu8w1Nr95zZG8
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:58:42 2026 by rpki-client