Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/505b5380-4fa1-409a-8880-8291d1b8b936.roa
File: 505b5380-4fa1-409a-8880-8291d1b8b936.roa (raw, json)
Hash identifier: DDQkTg6jFRQOBpn26XU5oIUW/bMpQBx1xYO1BFssMqY=
Subject key identifier: 93:FC:6D:BA:99:D2:51:21:6C:F9:22:D9:1A:70:CE:48:D1:FF:2B:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B74C4918C811391A93A3ED83F9CF5C1D869C671
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/505b5380-4fa1-409a-8880-8291d1b8b936.roa
Signing time: Sun 31 May 2026 01:00:49 +0000
ROA not before: Sun 31 May 2026 01:00:49 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:74:c4:91:8c:81:13:91:a9:3a:3e:d8:3f:9c:f5:c1:d8:69:c6:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:00:49 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=90f762a35446281c73b81adc94c0338114e8f937844041f56818419db199aeb3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2c:28:00:e1:23:ba:7d:bf:02:5d:99:51:90:
cb:4d:83:da:96:1b:f3:0a:68:0d:ee:dc:9e:e5:33:
c2:64:8a:6d:2c:01:65:ea:03:8d:d1:61:b6:c9:4f:
91:55:b8:04:a6:a1:fb:79:20:e2:16:42:0f:f9:bc:
c2:ed:8f:a3:f1:07:e2:54:dd:94:f8:ad:94:a0:86:
7c:8c:36:b0:b3:5c:1c:cf:26:b4:92:da:13:2e:d3:
96:b4:fe:92:66:67:3c:84:0d:30:e1:d7:f7:b3:fb:
88:de:b3:1f:07:4e:8a:e8:89:b3:43:7e:9b:3a:d3:
01:f7:6d:6a:3a:28:0f:f3:49:4a:bd:18:58:bb:5b:
87:f2:5d:8f:a0:40:d4:3a:60:7f:2f:9c:bc:4e:fa:
89:62:4d:dc:67:a7:53:61:a3:a0:fc:03:bb:4a:d7:
bb:08:fb:2e:d3:4a:2f:eb:e6:29:20:85:52:ae:9a:
08:2d:18:66:8f:56:33:40:33:a9:5c:0a:9a:3f:91:
fd:e0:42:54:01:be:f7:15:aa:6e:dd:25:99:15:b6:
1f:ce:06:8d:ba:e9:bf:03:b8:db:75:56:be:5f:2a:
c0:63:9c:f9:6c:e5:30:80:f4:22:d9:da:f4:71:bf:
6e:b7:fc:56:f8:4a:ca:8f:81:96:12:0e:ff:27:51:
a2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:FC:6D:BA:99:D2:51:21:6C:F9:22:D9:1A:70:CE:48:D1:FF:2B:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/505b5380-4fa1-409a-8880-8291d1b8b936.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
63:21:80:26:8b:d0:35:66:6a:5b:0b:50:f0:45:f3:cf:c0:52:
a9:b3:f6:56:4c:1f:64:a6:d4:c1:21:fd:d3:43:1b:fa:eb:74:
51:a5:68:e3:42:ad:1c:56:80:4f:20:9d:36:14:b8:3e:e0:5e:
c0:0a:db:5f:4e:af:46:f1:8e:19:e0:d5:ae:a6:07:11:d8:e5:
d9:98:d7:b4:72:76:61:88:05:cb:88:76:d0:00:bb:d1:e8:4d:
e5:8b:25:b5:f9:1c:81:f9:24:7c:2f:f7:9e:30:d4:74:52:6c:
03:4f:46:47:a3:22:2e:ac:7c:fa:ab:75:20:ab:53:22:f3:1d:
ff:50:0d:27:1d:cf:f3:2f:38:0b:5c:32:b1:92:f3:bb:5f:72:
4d:ac:ac:1b:db:30:fd:be:29:12:6e:d3:f2:9b:56:6e:72:da:
99:3e:61:f8:49:98:72:bd:a1:27:30:d4:03:e1:60:f6:a7:d9:
00:93:90:39:2b:44:0b:2f:1d:72:83:55:f5:41:28:b4:76:36:
f3:db:7c:ed:64:39:39:b8:a8:9d:a4:43:6a:6e:dd:18:bf:84:
4e:6b:84:db:5d:a3:b5:1b:29:ce:71:ec:3e:18:fb:4b:9e:d9:
94:07:5f:ae:9a:39:90:48:80:93:3a:c2:7a:c0:6d:fc:90:d3:
fa:3d:b7:7b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUa3TEkYyBE5GpOj7YP5z1wdhpxnEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTAwNDlaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwZjc2MmEzNTQ0NjI4MWM3M2I4MWFkYzk0YzAzMzgxMTRlOGY5Mzc4NDQw
NDFmNTY4MTg0MTlkYjE5OWFlYjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKksKADhI7p9vwJdmVGQy02D2pYb8wpoDe7cnuUzwmSKbSwBZeoDjdFhtslP
kVW4BKah+3kg4hZCD/m8wu2Po/EH4lTdlPitlKCGfIw2sLNcHM8mtJLaEy7TlrT+
kmZnPIQNMOHX97P7iN6zHwdOiuiJs0N+mzrTAfdtajooD/NJSr0YWLtbh/Jdj6BA
1Dpgfy+cvE76iWJN3GenU2GjoPwDu0rXuwj7LtNKL+vmKSCFUq6aCC0YZo9WM0Az
qVwKmj+R/eBCVAG+9xWqbt0lmRW2H84GjbrpvwO423VWvl8qwGOc+WzlMID0Itna
9HG/brf8VvhKyo+BlhIO/ydRolUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBST/G26
mdJRIWz5ItkacM5I0f8rqDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTA1YjUzODAtNGZhMS00MDlhLTg4ODAtODI5MWQxYjhiOTM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Fqg
wDANBgkqhkiG9w0BAQsFAAOCAQEAYyGAJovQNWZqWwtQ8EXzz8BSqbP2VkwfZKbU
wSH900Mb+ut0UaVo40KtHFaATyCdNhS4PuBewArbX06vRvGOGeDVrqYHEdjl2ZjX
tHJ2YYgFy4h20AC70ehN5YsltfkcgfkkfC/3njDUdFJsA09GR6MiLqx8+qt1IKtT
IvMd/1ANJx3P8y84C1wysZLzu19yTaysG9sw/b4pEm7T8ptWbnLamT5h+EmYcr2h
JzDUA+Fg9qfZAJOQOStECy8dcoNV9UEotHY289t87WQ5ObionaRDam7dGL+ETmuE
212jtRspznHsPhj7S57ZlAdfrpo5kEiAkzrCesBt/JDT+j23ew==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:23 2026 by rpki-client