Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
File: 5246cdd9-6493-4560-b4c3-8d974de78b57.roa (raw, json)
Hash identifier: tasPU4fHXxT/5wHEDZNOZ3PAG8udXnrWglnm/CSrkYo=
Subject key identifier: 00:2E:E0:15:64:59:33:71:6C:29:3B:84:B9:1E:5A:A5:FD:DE:73:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5DA9B07D329AA39750AE6DD8E6C4F04348571D81
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
Signing time: Tue 19 May 2026 05:40:53 +0000
ROA not before: Tue 19 May 2026 05:40:53 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:a9:b0:7d:32:9a:a3:97:50:ae:6d:d8:e6:c4:f0:43:48:57:1d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:53 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=dd9d909ec1fe321330b0987b3b8af95c6b84b7bbd96b7a79454fa13ae0e9a47c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9b:67:73:75:14:91:f7:2c:ae:0b:7f:56:85:
49:6c:ec:7f:7f:14:f7:87:66:37:a9:9a:44:8e:96:
03:a2:f0:f7:22:d3:bb:af:71:80:ac:38:c2:3d:d0:
10:13:27:6c:cb:28:3a:d2:45:dc:8d:0f:ea:03:06:
0a:9f:d0:82:cc:81:a5:02:c9:67:2e:4b:33:58:ef:
a8:2e:9e:99:be:c7:fd:77:70:e3:dc:c1:9f:8f:aa:
c1:62:59:75:12:68:d2:f1:a2:9a:08:da:b9:90:01:
92:cf:35:95:44:aa:3a:fa:a9:5c:e1:09:dd:80:cc:
05:c1:b5:81:7e:f8:fc:c2:cc:a8:34:06:7d:37:ee:
2c:90:c2:89:e0:bb:21:b5:67:8f:91:27:ef:41:99:
31:0e:ea:a2:b6:c6:29:89:db:c9:f6:96:a2:d1:65:
cd:29:0c:ad:f0:be:ea:22:9a:07:b9:14:7b:da:26:
36:d3:62:ce:56:56:c3:b8:31:15:c0:81:25:fb:2f:
a6:69:46:16:07:08:36:2f:db:45:00:bd:01:17:a8:
61:cf:db:cc:e8:e9:67:3f:b7:19:b5:7e:6e:d3:22:
a8:34:5a:bd:20:0c:c3:b0:9b:88:00:16:1b:d5:21:
47:e7:bc:46:f1:2d:7e:a0:4e:dc:84:95:b9:2b:19:
80:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:2E:E0:15:64:59:33:71:6C:29:3B:84:B9:1E:5A:A5:FD:DE:73:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:c000::/40
Signature Algorithm: sha256WithRSAEncryption
38:88:b8:b4:a6:ab:c5:a9:26:0d:f4:db:71:5d:38:10:02:9d:
0c:7f:33:15:2c:bd:40:5a:8c:6d:e9:57:5b:d8:d2:b7:c6:30:
30:4e:d9:64:b2:dc:1d:d6:73:7a:b3:94:43:c5:15:35:59:11:
73:e6:70:af:97:af:b0:79:44:11:d0:85:72:01:e1:ec:49:65:
98:e6:89:ab:d1:97:c4:5f:58:da:b8:4f:30:fc:16:b7:6c:ff:
44:ee:91:c9:e8:da:ce:85:a0:bf:85:81:65:65:c6:fe:22:d1:
38:3d:1b:00:2e:61:8c:be:00:cb:cc:61:32:34:34:0e:b2:23:
35:2a:07:50:2a:b0:0c:6f:49:90:57:e8:9a:5a:63:e7:26:4b:
ba:b3:16:9a:53:e4:2a:f5:05:19:ae:1e:fe:30:67:89:a0:e3:
99:46:7f:a2:ec:a0:5c:0d:e2:ec:68:c1:9d:24:81:db:9a:a4:
b6:c6:03:88:5f:aa:23:61:87:e3:16:fe:ea:a2:d5:b6:f4:17:
de:c6:0f:0d:6b:83:73:2b:5e:0a:93:6a:64:c4:8b:ed:9c:97:
d8:78:78:bb:49:32:54:14:96:c9:04:ba:59:6d:07:34:3d:00:
a5:12:db:1a:f5:79:15:de:31:bd:2c:b8:a2:65:86:0f:9b:1d:
44:16:7b:56
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXamwfTKao5dQrm3Y5sTwQ0hXHYEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwNTNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkOWQ5MDllYzFmZTMyMTMzMGIwOTg3YjNiOGFmOTVjNmI4NGI3YmJkOTZi
N2E3OTQ1NGZhMTNhZTBlOWE0N2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKCbZ3N1FJH3LK4Lf1aFSWzsf38U94dmN6maRI6WA6Lw9yLTu69xgKw4wj3Q
EBMnbMsoOtJF3I0P6gMGCp/QgsyBpQLJZy5LM1jvqC6emb7H/Xdw49zBn4+qwWJZ
dRJo0vGimgjauZABks81lUSqOvqpXOEJ3YDMBcG1gX74/MLMqDQGfTfuLJDCieC7
IbVnj5En70GZMQ7qorbGKYnbyfaWotFlzSkMrfC+6iKaB7kUe9omNtNizlZWw7gx
FcCBJfsvpmlGFgcINi/bRQC9AReoYc/bzOjpZz+3GbV+btMiqDRavSAMw7CbiAAW
G9UhR+e8RvEtfqBO3ISVuSsZgMECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQALuAV
ZFkzcWwpO4S5Hlql/d5zuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI0NmNkZDktNjQ5My00NTYwLWI0YzMtOGQ5NzRkZTc4YjU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DjA
MA0GCSqGSIb3DQEBCwUAA4IBAQA4iLi0pqvFqSYN9NtxXTgQAp0MfzMVLL1AWoxt
6Vdb2NK3xjAwTtlkstwd1nN6s5RDxRU1WRFz5nCvl6+weUQR0IVyAeHsSWWY5omr
0ZfEX1jauE8w/Ba3bP9E7pHJ6NrOhaC/hYFlZcb+ItE4PRsALmGMvgDLzGEyNDQO
siM1KgdQKrAMb0mQV+iaWmPnJku6sxaaU+Qq9QUZrh7+MGeJoOOZRn+i7KBcDeLs
aMGdJIHbmqS2xgOIX6ojYYfjFv7qotW29Bfexg8Na4NzK14Kk2pkxIvtnJfYeHi7
STJUFJbJBLpZbQc0PQClEtsa9XkV3jG9LLiiZYYPmx1EFntW
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:25:28 2026 by rpki-client