Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
File: 538037c5-70a6-4b45-b84c-b4af8015af39.roa (raw, json)
Hash identifier: Wz2fvBiJlNINpMmCPYpkgpi225Bnf7h5W+o037f5iuM=
Subject key identifier: 3D:A4:DC:CD:03:EF:E4:A8:35:22:A0:7A:BC:12:0F:72:9D:4E:20:FA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73F449DC1DC47A94B0BDF1BD131C5F423C8A434A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
Signing time: Tue 19 May 2026 04:30:31 +0000
ROA not before: Tue 19 May 2026 04:30:31 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d029::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:f4:49:dc:1d:c4:7a:94:b0:bd:f1:bd:13:1c:5f:42:3c:8a:43:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:31 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=96800143922e3c6e6f559063ff0d3da49fee3a01b6f8d81c4604009702a78000, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d4:ab:c5:bb:e1:c2:e7:75:e9:61:19:32:99:
4e:a4:bf:c2:9a:26:0f:eb:1c:34:d7:5b:41:2f:d5:
c3:9a:ba:90:55:a0:22:4d:4c:42:54:9a:2d:72:1d:
64:ac:db:58:3e:59:9f:b6:1e:f0:f6:aa:3c:fa:6d:
ca:89:eb:1b:a4:60:a5:1a:70:a5:26:95:be:ab:9b:
2c:1e:62:50:ab:00:72:3f:f3:9a:ff:89:12:df:fa:
69:14:52:9e:c0:1a:5b:45:6f:f3:e0:3d:ad:a6:67:
8d:5b:b2:72:4a:bc:33:e2:82:7c:37:7c:35:65:da:
d7:13:2e:9b:1f:9b:fe:50:18:34:57:97:8b:49:96:
a2:14:4f:ea:ce:81:8a:c0:0a:1c:92:ae:5d:77:55:
f5:c9:b4:5e:ac:9b:b3:88:84:3f:24:b1:2e:7a:23:
c7:ea:04:31:b8:3e:77:e3:b8:62:72:e3:e1:d0:4b:
a7:b4:96:a2:bd:54:dd:c9:7c:7b:a5:06:82:c9:cf:
1c:34:05:f5:ec:57:51:0a:da:9e:b5:3a:4c:7b:c7:
dc:ec:56:e6:cb:9a:0f:32:87:ec:8e:d6:b3:8b:f0:
dc:7d:c0:e9:dd:d9:97:4e:e3:5e:37:06:1e:0b:16:
96:4a:64:f2:7c:8c:ef:a4:5d:f8:4d:c3:ce:5e:52:
1f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A4:DC:CD:03:EF:E4:A8:35:22:A0:7A:BC:12:0F:72:9D:4E:20:FA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d029::/36
Signature Algorithm: sha256WithRSAEncryption
47:d2:15:00:a8:c8:98:a0:5f:2d:b3:aa:34:4a:7d:72:d4:1b:
09:d0:13:0f:91:00:a9:f8:d3:b8:94:40:69:db:e7:50:4c:81:
af:9e:96:37:4d:1f:2a:d1:85:fa:57:88:d6:f7:23:05:05:f2:
71:bf:9e:4d:be:d1:e6:0c:b9:75:8c:d0:08:4e:40:12:06:ea:
cd:04:6c:1f:4e:62:98:93:35:8e:9e:82:26:cc:4f:52:a7:95:
c8:82:00:4f:5c:4f:b6:c2:7e:a9:d7:b9:96:1b:19:da:b5:c4:
1c:63:b8:9e:86:f2:6e:55:7c:b0:ca:69:3c:38:1e:a8:53:2c:
57:d6:b6:24:d4:43:8b:a7:1f:49:f0:93:28:25:5b:79:bf:ab:
c3:8a:bb:a2:29:83:d4:b8:ea:d2:5f:de:8a:0f:be:69:d6:28:
40:f7:1e:c8:14:90:90:af:7d:f0:47:01:da:69:7f:f5:8b:aa:
55:a1:dd:d9:58:a3:c1:fa:ce:d9:4e:6e:d1:8b:fb:20:7a:db:
39:67:2c:36:31:e0:a1:88:8e:09:30:95:ed:6d:67:83:11:76:
6e:aa:51:33:89:0b:86:a6:48:46:0b:f9:bf:4d:cc:1b:5e:b4:
ed:e1:a0:0d:87:4e:fd:4c:63:39:02:b0:08:8e:ef:8c:c3:d5:
22:15:1b:f6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc/RJ3B3EepSwvfG9ExxfQjyKQ0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMzFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2ODAwMTQzOTIyZTNjNmU2ZjU1OTA2M2ZmMGQzZGE0OWZlZTNhMDFiNmY4
ZDgxYzQ2MDQwMDk3MDJhNzgwMDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXUq8W74cLndelhGTKZTqS/wpomD+scNNdbQS/Vw5q6kFWgIk1MQlSaLXId
ZKzbWD5Zn7Ye8PaqPPptyonrG6RgpRpwpSaVvqubLB5iUKsAcj/zmv+JEt/6aRRS
nsAaW0Vv8+A9raZnjVuyckq8M+KCfDd8NWXa1xMumx+b/lAYNFeXi0mWohRP6s6B
isAKHJKuXXdV9cm0Xqybs4iEPySxLnojx+oEMbg+d+O4YnLj4dBLp7SWor1U3cl8
e6UGgsnPHDQF9exXUQranrU6THvH3OxW5suaDzKH7I7Ws4vw3H3A6d3Zl07jXjcG
HgsWlkpk8nyM76Rd+E3Dzl5SH40CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ9pNzN
A+/kqDUioHq8Eg9ynU4g+jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTM4MDM3YzUtNzBhNi00YjQ1LWI4NGMtYjRhZjgwMTVhZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CkA
MA0GCSqGSIb3DQEBCwUAA4IBAQBH0hUAqMiYoF8ts6o0Sn1y1BsJ0BMPkQCp+NO4
lEBp2+dQTIGvnpY3TR8q0YX6V4jW9yMFBfJxv55NvtHmDLl1jNAITkASBurNBGwf
TmKYkzWOnoImzE9Sp5XIggBPXE+2wn6p17mWGxnatcQcY7iehvJuVXywymk8OB6o
UyxX1rYk1EOLpx9J8JMoJVt5v6vDiruiKYPUuOrSX96KD75p1ihA9x7IFJCQr33w
RwHaaX/1i6pVod3ZWKPB+s7ZTm7Ri/sgets5Zyw2MeChiI4JMJXtbWeDEXZuqlEz
iQuGpkhGC/m/TcwbXrTt4aANh079TGM5ArAIju+Mw9UiFRv2
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:28 2026 by rpki-client