Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
File: 52b24640-f60c-42e4-9476-345e951e2387.roa (raw, json)
Hash identifier: GFzBiQopODgdGFtg9E/Nl5YeTCwvWJUQm5fT7q62los=
Subject key identifier: A2:50:56:B1:A5:41:0B:FF:7E:9B:F3:DF:4F:D5:3D:8A:B3:3D:C2:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4DAD783AC06893E5C966D2268B50E068640D446A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
Signing time: Tue 19 May 2026 04:50:07 +0000
ROA not before: Tue 19 May 2026 04:50:07 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:ad:78:3a:c0:68:93:e5:c9:66:d2:26:8b:50:e0:68:64:0d:44:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:07 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=a27e8ffc5249bb2bf630c1ef47c1a6f27b9c4a7a0ef227053a74ecdc0ee87e45, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d9:c6:48:03:a3:72:e0:43:9a:d3:51:9d:f0:
bb:45:53:3e:cb:bb:c3:b6:f7:0b:72:66:29:84:29:
55:b1:a2:21:fb:80:d2:97:96:12:ff:78:14:4e:69:
b2:a7:f7:ed:00:ce:12:9d:d7:c3:19:5a:07:d7:d6:
5b:de:15:75:41:12:f3:d4:0c:0b:fc:7f:71:30:9e:
e7:99:3d:08:ad:21:75:7b:c2:4d:54:fa:68:57:48:
82:ce:7c:e0:0e:ce:1e:a3:19:22:43:4c:98:a7:8c:
7e:1a:ec:31:32:1b:f5:53:de:f8:db:b2:d2:f9:6c:
b1:93:30:67:25:02:1b:99:f8:46:81:22:6c:c0:3e:
b2:63:f5:c4:81:4b:2d:b3:2e:89:49:f5:03:d1:b0:
08:70:07:ce:df:47:c3:24:64:50:78:f0:9e:af:9e:
ff:63:7d:42:17:27:36:ef:68:06:5a:8b:70:ab:b9:
eb:43:39:70:ca:65:af:04:8b:21:6d:22:2e:e6:a2:
19:d2:03:20:9d:49:ec:50:72:8e:11:36:07:66:c9:
34:51:8c:21:49:85:d1:2e:2a:33:b9:c5:5d:ea:c4:
de:7c:8d:be:77:8c:4c:80:ed:75:8b:51:a6:a3:95:
89:18:17:e3:bb:06:53:a9:5f:59:78:54:e5:99:83:
03:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:50:56:B1:A5:41:0B:FF:7E:9B:F3:DF:4F:D5:3D:8A:B3:3D:C2:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:5040::/48
Signature Algorithm: sha256WithRSAEncryption
73:6d:d9:57:53:8a:1d:a9:1b:7d:63:8b:76:a6:44:73:de:85:
4c:36:86:36:a8:e5:7f:7d:cf:1f:71:fa:59:db:1c:8c:90:70:
3f:8c:e3:51:39:4b:ca:01:ee:af:cf:c0:e4:a0:f3:ab:43:b6:
77:b3:be:f8:aa:0e:5f:3a:1f:55:9c:44:36:e1:eb:a9:1e:36:
33:92:7b:18:9f:3e:df:0b:c4:a5:1f:08:21:73:80:96:3e:43:
39:af:7a:9a:9c:33:49:45:99:c2:e1:45:c0:89:4a:a1:dc:7c:
d4:b5:16:91:ef:48:88:fa:cc:79:e4:c2:52:e3:1d:80:2e:7c:
d8:39:f1:89:bb:72:8a:1e:e8:7e:23:58:bd:59:2c:ef:d2:58:
31:bb:be:6b:6d:18:ed:69:a1:1d:79:46:3f:f8:48:d8:62:61:
c0:6f:31:e3:68:b1:c7:14:39:2f:27:bf:0a:0b:f8:68:ea:a7:
10:36:e4:02:fa:78:62:07:69:59:66:a0:2e:95:c8:f0:d1:2b:
5c:f6:31:a0:fb:79:ed:ba:95:f0:11:7b:d2:aa:f4:df:fe:41:
81:6a:c9:c7:1d:13:7b:f6:fc:45:9b:22:00:7c:03:6f:85:de:
b8:96:65:a9:67:7a:aa:5a:41:67:8d:87:f2:bf:c9:65:9d:fa:
49:a7:52:d8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTa14OsBok+XJZtImi1DgaGQNRGowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyN2U4ZmZjNTI0OWJiMmJmNjMwYzFlZjQ3YzFhNmYyN2I5YzRhN2EwZWYy
MjcwNTNhNzRlY2RjMGVlODdlNDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKPZxkgDo3LgQ5rTUZ3wu0VTPsu7w7b3C3JmKYQpVbGiIfuA0peWEv94FE5p
sqf37QDOEp3XwxlaB9fWW94VdUES89QMC/x/cTCe55k9CK0hdXvCTVT6aFdIgs58
4A7OHqMZIkNMmKeMfhrsMTIb9VPe+Nuy0vlssZMwZyUCG5n4RoEibMA+smP1xIFL
LbMuiUn1A9GwCHAHzt9HwyRkUHjwnq+e/2N9QhcnNu9oBlqLcKu560M5cMplrwSL
IW0iLuaiGdIDIJ1J7FByjhE2B2bJNFGMIUmF0S4qM7nFXerE3nyNvneMTIDtdYtR
pqOViRgX47sGU6lfWXhU5ZmDA8MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSiUFax
pUEL/36b899P1T2Ksz3CyzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTJiMjQ2NDAtZjYwYy00MmU0LTk0NzYtMzQ1ZTk1MWUyMzg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAc23ZV1OKHakbfWOLdqZEc96FTDaGNqjlf33P
H3H6WdscjJBwP4zjUTlLygHur8/A5KDzq0O2d7O++KoOXzofVZxENuHrqR42M5J7
GJ8+3wvEpR8IIXOAlj5DOa96mpwzSUWZwuFFwIlKodx81LUWke9IiPrMeeTCUuMd
gC582Dnxibtyih7ofiNYvVks79JYMbu+a20Y7WmhHXlGP/hI2GJhwG8x42ixxxQ5
Lye/Cgv4aOqnEDbkAvp4YgdpWWagLpXI8NErXPYxoPt57bqV8BF70qr03/5BgWrJ
xx0Te/b8RZsiAHwDb4XeuJZlqWd6qlpBZ42H8r/JZZ36SadS2A==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:46 2026 by rpki-client