Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5767e356-231b-4b87-98ab-c496dcc2d53f.roa
File: 5767e356-231b-4b87-98ab-c496dcc2d53f.roa (raw, json)
Hash identifier: +KtjV86/7VYflGmj2qVSQQBguJqG30kcaMpCKJHCKu0=
Subject key identifier: 42:92:9E:32:BA:4D:F1:B0:E7:B4:69:21:FF:EB:5B:86:16:A6:38:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3BA1DBA985235B1C95D4AEC66A25BFA0A99DE584
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5767e356-231b-4b87-98ab-c496dcc2d53f.roa
Signing time: Tue 19 May 2026 05:01:10 +0000
ROA not before: Tue 19 May 2026 05:01:10 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:a1:db:a9:85:23:5b:1c:95:d4:ae:c6:6a:25:bf:a0:a9:9d:e5:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:01:10 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=0ba270870a9c36c5e28577833f4ec4502bdd4c6bd7c101642c71c40c504d329e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e8:6f:2d:de:8f:2a:6b:9e:35:10:8d:c1:60:
47:bf:ec:a0:3e:36:a6:ff:b3:05:ed:28:a0:c4:13:
1d:cf:82:33:7c:24:95:31:b0:c4:36:96:6b:42:17:
26:07:85:52:60:ba:ad:fe:57:03:c8:48:0f:e1:01:
d2:3a:f9:d4:90:61:7c:66:31:77:66:a3:07:eb:ce:
c0:51:ff:f4:65:22:df:a2:b1:b7:58:17:ab:da:a5:
43:ee:62:c5:a2:47:4b:89:aa:80:6a:4c:35:a9:13:
02:de:47:ee:34:84:1c:c8:74:7e:6d:2f:46:68:ad:
3a:d2:8a:d6:f2:a6:b5:08:c4:9c:75:0b:b6:70:72:
09:29:48:41:72:09:b9:f0:33:8b:3d:a4:30:d9:0a:
15:cd:cf:bd:ab:8b:ea:aa:7f:b7:08:7e:f3:84:e4:
a1:84:1d:63:ca:50:34:3e:a3:91:33:e5:a6:4c:ec:
50:3b:f0:4b:2c:fe:6e:1a:c7:c6:2c:e4:4d:8b:d0:
c8:96:87:7e:d5:8f:a4:5a:90:28:f1:63:eb:5d:de:
29:ac:95:9f:23:b9:09:ad:69:58:23:2c:75:4f:53:
75:10:ae:ec:b2:0f:80:ae:30:c8:08:95:8e:a3:9a:
44:b7:f7:16:6a:ef:5a:f8:95:f0:81:c6:cd:be:29:
13:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:92:9E:32:BA:4D:F1:B0:E7:B4:69:21:FF:EB:5B:86:16:A6:38:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5767e356-231b-4b87-98ab-c496dcc2d53f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:c000::/40
Signature Algorithm: sha256WithRSAEncryption
a0:c1:03:2d:37:fa:ac:dc:f3:87:b7:e6:e3:0d:15:92:c0:ae:
92:5d:c1:f2:41:68:70:0c:b6:45:f4:bf:4a:72:fd:e0:3a:02:
97:f3:fa:b3:ca:e7:e7:be:ac:11:ad:93:9e:4e:c2:f7:25:18:
5d:29:e6:7c:2e:53:77:9f:ae:bc:7c:08:a0:01:38:a8:b7:9d:
f6:a7:93:43:7e:fb:f3:04:26:67:5c:09:50:23:6f:92:e4:67:
33:60:48:1b:a9:73:00:fe:0e:6c:91:17:53:db:8f:71:ac:fe:
6a:43:a7:2c:6c:a1:69:0a:e8:61:d9:ed:fb:17:f0:8e:6e:05:
25:b2:53:c5:c0:81:80:c9:b6:b7:ad:c9:99:c9:72:f8:79:26:
d8:85:cf:ec:c8:b9:6f:f3:1e:d8:e8:cd:4a:e0:e8:f7:d2:71:
b5:bc:b7:fb:e9:d1:7e:84:86:38:ee:da:c3:7c:37:0c:f0:30:
93:42:e4:b9:de:cd:2d:28:98:fb:88:b8:4b:43:ca:ae:e9:27:
13:fc:b5:b0:48:03:50:77:36:bd:1a:d4:fd:f5:2d:8b:13:fb:
d5:c1:2b:52:e2:3f:96:f5:18:b7:51:1d:7e:c1:47:c5:20:69:
d5:1a:af:d8:12:dd:47:cb:d9:6e:a2:22:9c:9a:85:ec:02:7c:
74:67:17:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUO6HbqYUjWxyV1K7GaiW/oKmd5YQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAxMTBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiYTI3MDg3MGE5YzM2YzVlMjg1Nzc4MzNmNGVjNDUwMmJkZDRjNmJkN2Mx
MDE2NDJjNzFjNDBjNTA0ZDMyOWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI3oby3ejyprnjUQjcFgR7/soD42pv+zBe0ooMQTHc+CM3wklTGwxDaWa0IX
JgeFUmC6rf5XA8hID+EB0jr51JBhfGYxd2ajB+vOwFH/9GUi36Kxt1gXq9qlQ+5i
xaJHS4mqgGpMNakTAt5H7jSEHMh0fm0vRmitOtKK1vKmtQjEnHULtnByCSlIQXIJ
ufAziz2kMNkKFc3PvauL6qp/twh+84TkoYQdY8pQND6jkTPlpkzsUDvwSyz+bhrH
xizkTYvQyJaHftWPpFqQKPFj613eKayVnyO5Ca1pWCMsdU9TdRCu7LIPgK4wyAiV
jqOaRLf3FmrvWviV8IHGzb4pE8UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRCkp4y
uk3xsOe0aSH/61uGFqY4CjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTc2N2UzNTYtMjMxYi00Yjg3LTk4YWItYzQ5NmRjYzJkNTNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DbA
MA0GCSqGSIb3DQEBCwUAA4IBAQCgwQMtN/qs3POHt+bjDRWSwK6SXcHyQWhwDLZF
9L9Kcv3gOgKX8/qzyufnvqwRrZOeTsL3JRhdKeZ8LlN3n668fAigATiot532p5ND
fvvzBCZnXAlQI2+S5GczYEgbqXMA/g5skRdT249xrP5qQ6csbKFpCuhh2e37F/CO
bgUlslPFwIGAyba3rcmZyXL4eSbYhc/syLlv8x7Y6M1K4Oj30nG1vLf76dF+hIY4
7trDfDcM8DCTQuS53s0tKJj7iLhLQ8qu6ScT/LWwSANQdza9GtT99S2LE/vVwStS
4j+W9Ri3UR1+wUfFIGnVGq/YEt1Hy9luoiKcmoXsAnx0Zxec
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:10 2026 by rpki-client