Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/515f7e85-9223-47e5-be2b-42ec6a12a88b.roa
File: 515f7e85-9223-47e5-be2b-42ec6a12a88b.roa (raw, json)
Hash identifier: TCpXqg+N8HRWWRttQZAHLfRCu0P0ZWRSjwjNWwP4NJ0=
Subject key identifier: E5:1B:68:57:19:D1:58:03:D4:EF:87:FB:1A:73:0C:AF:8D:73:10:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 08A22491BE1223A0E70443EC6FF64C647633AE2E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/515f7e85-9223-47e5-be2b-42ec6a12a88b.roa
Signing time: Tue 19 May 2026 05:00:57 +0000
ROA not before: Tue 19 May 2026 05:00:57 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:a2:24:91:be:12:23:a0:e7:04:43:ec:6f:f6:4c:64:76:33:ae:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:57 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=4d54e547d06b544532e54082fa9d32db75d028a8c4f10a59ad395440462e1ecc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:59:3c:58:98:7a:e0:8c:19:04:52:8a:db:01:
dd:15:37:c5:1d:ac:47:ee:ba:fe:a2:1c:03:53:32:
24:40:8e:bf:72:19:ea:13:0a:b4:17:e8:17:c2:67:
0a:ba:38:d8:fb:59:54:7b:c2:fc:bf:49:d1:f8:60:
5c:77:20:a0:14:2f:43:9c:32:d8:98:04:9b:2e:bc:
bb:78:d7:1b:d7:56:6f:f6:a3:d6:c7:fa:9f:d1:f7:
95:a6:b4:53:f6:52:bd:8f:33:da:b2:dd:7d:20:43:
5a:53:1d:cd:25:90:69:74:9a:64:86:24:16:38:ae:
02:74:d1:c9:36:74:9c:12:28:ac:14:4b:49:c9:87:
1b:06:53:e6:63:cf:91:1d:9f:ee:a2:4f:05:6b:7c:
f9:18:42:87:5d:99:5a:14:17:04:82:73:d8:41:99:
1a:59:03:b4:ba:52:6d:bf:5b:cc:86:11:6b:f9:b3:
9c:36:ac:1f:41:77:d9:b7:77:8b:e7:29:9c:09:e0:
b0:ae:41:04:df:fa:9e:1d:08:cd:69:7d:48:71:aa:
25:6d:4a:eb:60:e3:d3:a8:72:a0:b9:34:c2:8a:1f:
7e:31:06:94:78:d8:f1:a3:0e:da:9f:28:d0:a8:2a:
7d:be:2e:f0:3a:e0:83:49:ff:bc:a5:6b:87:a3:71:
fb:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:1B:68:57:19:D1:58:03:D4:EF:87:FB:1A:73:0C:AF:8D:73:10:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/515f7e85-9223-47e5-be2b-42ec6a12a88b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:9000::/40
Signature Algorithm: sha256WithRSAEncryption
51:00:af:c9:9c:52:6b:67:8e:1a:50:9f:d3:f0:99:37:d5:21:
22:ea:38:71:d4:35:bf:99:fa:45:bf:9a:9f:7d:91:27:c5:27:
c7:3c:e5:33:bb:36:c0:50:b5:38:4c:80:f7:00:85:4c:b0:43:
e0:2b:36:73:3a:ce:78:53:39:2a:68:dd:b8:73:31:34:26:28:
aa:cb:d8:98:3d:a2:01:c1:d7:29:68:2f:eb:7b:29:11:7b:b1:
54:54:5f:cf:81:fc:2f:3e:60:7a:72:c2:cd:42:24:16:57:65:
aa:01:4a:99:9a:48:56:53:24:38:85:fa:f4:54:5c:17:56:ae:
f0:41:e3:ed:5a:f5:14:f1:f1:f8:e5:b2:23:8f:4e:2b:87:72:
be:61:c6:02:5d:c0:64:58:25:b5:f1:08:44:63:9f:5d:e4:af:
49:7c:96:1f:c3:16:94:89:08:17:09:81:a3:99:f1:6e:9b:de:
21:79:9c:9d:0a:62:f7:fd:a3:e3:2a:5d:64:dd:fe:4d:9e:80:
f4:dd:6e:42:38:81:e1:10:43:e5:15:5e:a8:8e:59:18:4e:46:
86:37:a4:c1:6e:cc:61:3a:62:01:78:5f:87:d3:a4:9a:f8:d5:
f0:7b:be:b0:f1:39:fa:39:d7:37:2e:68:7f:4a:9a:e1:4c:bd:
b4:0f:7e:44
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCKIkkb4SI6DnBEPsb/ZMZHYzri4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwNTdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkNTRlNTQ3ZDA2YjU0NDUzMmU1NDA4MmZhOWQzMmRiNzVkMDI4YThjNGYx
MGE1OWFkMzk1NDQwNDYyZTFlY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1ZPFiYeuCMGQRSitsB3RU3xR2sR+66/qIcA1MyJECOv3IZ6hMKtBfoF8Jn
Cro42PtZVHvC/L9J0fhgXHcgoBQvQ5wy2JgEmy68u3jXG9dWb/aj1sf6n9H3laa0
U/ZSvY8z2rLdfSBDWlMdzSWQaXSaZIYkFjiuAnTRyTZ0nBIorBRLScmHGwZT5mPP
kR2f7qJPBWt8+RhCh12ZWhQXBIJz2EGZGlkDtLpSbb9bzIYRa/mznDasH0F32bd3
i+cpnAngsK5BBN/6nh0IzWl9SHGqJW1K62Dj06hyoLk0wooffjEGlHjY8aMO2p8o
0Kgqfb4u8Drgg0n/vKVrh6Nx+3kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTlG2hX
GdFYA9Tvh/sacwyvjXMQezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTE1ZjdlODUtOTIyMy00N2U1LWJlMmItNDJlYzZhMTJhODhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G2Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBRAK/JnFJrZ44aUJ/T8Jk31SEi6jhx1DW/mfpF
v5qffZEnxSfHPOUzuzbAULU4TID3AIVMsEPgKzZzOs54UzkqaN24czE0Jiiqy9iY
PaIBwdcpaC/reykRe7FUVF/PgfwvPmB6csLNQiQWV2WqAUqZmkhWUyQ4hfr0VFwX
Vq7wQePtWvUU8fH45bIjj04rh3K+YcYCXcBkWCW18QhEY59d5K9JfJYfwxaUiQgX
CYGjmfFum94heZydCmL3/aPjKl1k3f5NnoD03W5COIHhEEPlFV6ojlkYTkaGN6TB
bsxhOmIBeF+H06Sa+NXwe76w8Tn6Odc3Lmh/SprhTL20D35E
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:42 2026 by rpki-client