Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa
File: 50253a85-74b2-4a74-ab18-15a98f3496b2.roa (raw, json)
Hash identifier: I2wlK46eG7Vk+KIx5guh61BjJUa3qv1zCDvIo1tmiSA=
Subject key identifier: 15:B2:A9:05:A9:09:0A:D8:60:A0:7C:DD:6D:DA:AB:19:50:34:FA:F1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7060BF8FFBE7DFDA6713DCD05BA5F72E254BB278
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa
Signing time: Tue 19 May 2026 05:00:54 +0000
ROA not before: Tue 19 May 2026 05:00:54 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:60:bf:8f:fb:e7:df:da:67:13:dc:d0:5b:a5:f7:2e:25:4b:b2:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:54 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=72718ccb41249fe5254808e0e4f4551b06d2fbef0734fef6b4fabfcfb6c02c44, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:68:fd:38:a2:ac:90:47:80:5c:9c:f1:c9:3c:
42:8b:0b:3c:8e:de:09:5a:75:c1:5d:be:a3:cb:f1:
6a:99:e2:1a:c8:08:e4:84:1d:e8:aa:d2:2b:4c:dc:
bb:75:cd:cc:94:68:10:f1:f3:29:10:c1:95:38:be:
37:bd:5a:dc:35:ce:28:fe:6e:70:94:24:08:4d:7e:
e9:df:8f:c7:c1:61:08:74:b9:af:20:ce:45:eb:83:
02:ee:90:a3:f7:92:44:e5:54:7a:0e:1c:36:31:d4:
63:75:18:f3:99:d7:96:62:e6:0d:f8:11:8a:e1:83:
15:91:d4:60:27:41:e2:77:e0:ef:6b:73:1e:f8:45:
77:1b:80:4b:b2:c6:a9:de:69:1d:12:54:4b:2d:3b:
24:69:bc:9d:b3:a0:97:7b:ef:31:09:9a:9d:5a:4d:
ce:39:3c:a5:5c:bf:e1:d0:bd:d2:62:27:9e:63:67:
73:00:12:f0:0c:4f:a5:30:fb:d1:37:94:06:f1:d3:
a7:34:3a:09:73:c5:ba:fd:ea:08:03:08:d9:9a:e4:
6b:2a:ac:4f:11:d5:db:05:66:1f:41:90:cf:c7:18:
3a:3f:51:d4:d4:c8:9b:a5:da:e8:32:47:fe:6e:14:
86:0a:98:5d:9e:c3:e3:56:e3:13:37:b6:a9:e9:48:
c6:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:B2:A9:05:A9:09:0A:D8:60:A0:7C:DD:6D:DA:AB:19:50:34:FA:F1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:8000::/40
Signature Algorithm: sha256WithRSAEncryption
15:d5:a5:69:ad:69:bb:7e:b1:e9:8a:30:58:8a:ac:44:c9:39:
b3:4c:2e:e9:5f:c6:1c:36:a2:d6:64:74:7d:b5:38:5a:a6:bc:
01:c5:f4:e6:03:12:9f:6b:27:81:c0:ec:19:33:3b:45:25:35:
56:19:44:3b:ac:1d:76:67:99:04:ca:b2:5b:43:3e:be:f3:18:
e6:36:c5:bb:01:f1:d4:f1:28:81:22:9e:57:43:58:aa:27:25:
77:3a:c6:fc:4e:5e:f6:3b:e8:ef:d9:f8:fa:81:25:77:db:c9:
f1:1d:45:97:21:32:a9:0f:c1:39:26:e0:54:71:6a:f2:7f:4a:
65:02:68:ce:e5:3d:63:63:95:bd:72:87:38:87:ad:6d:79:b5:
36:01:80:ed:b0:c7:76:75:51:3d:c4:0f:ed:b7:c0:f6:42:43:
49:0d:b0:e7:58:27:c3:d5:cd:af:7a:73:e2:75:1c:cd:60:9d:
ac:e3:2f:1d:32:53:da:f4:22:f0:4b:5b:dd:dd:f6:87:05:f0:
c9:f0:e3:c7:b7:86:56:25:02:1a:a7:db:62:96:c2:ef:be:85:
78:36:98:e2:35:e6:e1:11:53:a9:24:c7:13:33:82:91:4f:1d:
34:cf:68:b6:20:a6:f8:5d:9f:e0:df:f7:4a:18:c0:e4:19:d9:
27:20:f4:ea
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcGC/j/vn39pnE9zQW6X3LiVLsngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwNTRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyNzE4Y2NiNDEyNDlmZTUyNTQ4MDhlMGU0ZjQ1NTFiMDZkMmZiZWYwNzM0
ZmVmNmI0ZmFiZmNmYjZjMDJjNDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANho/TiirJBHgFyc8ck8QosLPI7eCVp1wV2+o8vxapniGsgI5IQd6KrSK0zc
u3XNzJRoEPHzKRDBlTi+N71a3DXOKP5ucJQkCE1+6d+Px8FhCHS5ryDOReuDAu6Q
o/eSROVUeg4cNjHUY3UY85nXlmLmDfgRiuGDFZHUYCdB4nfg72tzHvhFdxuAS7LG
qd5pHRJUSy07JGm8nbOgl3vvMQmanVpNzjk8pVy/4dC90mInnmNncwAS8AxPpTD7
0TeUBvHTpzQ6CXPFuv3qCAMI2ZrkayqsTxHV2wVmH0GQz8cYOj9R1NTIm6Xa6DJH
/m4UhgqYXZ7D41bjEze2qelIxpkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQVsqkF
qQkK2GCgfN1t2qsZUDT68TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTAyNTNhODUtNzRiMi00YTc0LWFiMTgtMTVhOThmMzQ5NmIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWA
MA0GCSqGSIb3DQEBCwUAA4IBAQAV1aVprWm7frHpijBYiqxEyTmzTC7pX8YcNqLW
ZHR9tThaprwBxfTmAxKfayeBwOwZMztFJTVWGUQ7rB12Z5kEyrJbQz6+8xjmNsW7
AfHU8SiBIp5XQ1iqJyV3Osb8Tl72O+jv2fj6gSV328nxHUWXITKpD8E5JuBUcWry
f0plAmjO5T1jY5W9coc4h61tebU2AYDtsMd2dVE9xA/tt8D2QkNJDbDnWCfD1c2v
enPidRzNYJ2s4y8dMlPa9CLwS1vd3faHBfDJ8OPHt4ZWJQIap9tilsLvvoV4Npji
NebhEVOpJMcTM4KRTx00z2i2IKb4XZ/g3/dKGMDkGdknIPTq
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:09 2026 by rpki-client