Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
File: 58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa (raw, json)
Hash identifier: 8YfSGMtujWDsY/uibs54YSpw7K3bhTN3SjYcX2Dopbg=
Subject key identifier: AC:3E:46:94:1D:E9:7E:BB:18:06:E7:D3:A6:04:58:3D:01:EF:91:87
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46E07B596D27361A95398800EB9BB0843C618B7B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
Signing time: Tue 19 May 2026 05:40:05 +0000
ROA not before: Tue 19 May 2026 05:40:05 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:e0:7b:59:6d:27:36:1a:95:39:88:00:eb:9b:b0:84:3c:61:8b:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:05 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=449f221cbcdd13964361d07588ce75da53048cbfa333ac00d40cf41e2b0f2bfb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ce:82:4e:94:b4:2d:65:a5:6e:6b:08:67:a9:
27:09:7f:00:3e:eb:8a:4a:ac:1e:9b:94:eb:dd:fb:
cc:e3:76:19:63:80:87:33:a3:90:3c:67:b9:05:af:
fd:29:88:02:3d:e6:a5:f0:ba:1f:3f:7a:64:d4:f3:
62:d2:c0:8b:97:0b:92:23:38:33:96:ff:46:5a:0e:
46:a2:82:c7:e2:2f:85:bb:66:17:d6:67:97:41:78:
24:d1:00:8e:ed:81:56:17:0f:01:f1:73:a2:5c:df:
4a:44:5b:b9:b4:d0:ea:7a:52:0f:5a:a9:f0:dd:15:
52:a8:b3:19:a2:6f:fb:92:3f:a5:2a:d1:60:3a:bb:
e5:1e:cf:c4:85:79:5a:69:3e:61:9f:91:b1:13:d7:
f9:85:e0:bf:6c:a5:4c:f7:c0:5c:40:e8:8d:e2:d8:
d9:f6:e5:bc:2d:34:eb:7b:28:64:55:c6:a2:6f:c4:
fc:b7:c1:57:ea:14:6d:b1:b2:7a:7a:c3:52:28:f1:
c4:69:58:cd:5e:03:b6:1c:e5:7a:e2:fb:f8:86:3c:
76:b5:f8:08:64:02:84:c4:46:73:29:e1:db:03:7b:
10:0e:22:e8:2d:03:29:90:c1:08:37:a8:0f:82:2f:
64:50:d8:c1:b4:09:7d:14:d6:22:c1:0d:eb:d5:4c:
1e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:3E:46:94:1D:E9:7E:BB:18:06:E7:D3:A6:04:58:3D:01:EF:91:87
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2040::/48
Signature Algorithm: sha256WithRSAEncryption
05:69:e0:6a:0a:7e:c0:9a:0b:3e:3e:88:a5:a2:f6:e0:a4:52:
9d:73:9c:e1:24:83:e5:a6:84:12:ac:2b:07:ca:7f:f5:18:65:
30:90:30:22:b8:39:c2:5d:2f:4f:77:ad:6c:6b:cf:65:1a:2d:
dc:e0:b4:55:f5:4e:d0:b1:38:c3:a5:bf:73:2d:b2:27:4b:da:
8d:89:ed:11:7f:33:34:cb:1f:5e:8b:4b:bc:5a:4f:6c:59:e9:
d3:fc:ab:22:8b:5a:bd:da:72:93:24:e4:b3:df:02:39:9a:eb:
17:ca:dd:09:58:04:dd:c0:5e:38:d7:d5:3b:ea:68:d7:e6:90:
53:26:55:8f:ee:64:4f:7d:cf:bd:d8:61:1b:af:0d:67:e2:10:
f9:68:9e:85:77:c2:6c:64:16:fe:e5:0b:53:8a:2f:42:49:b4:
a8:47:93:15:81:a0:d6:9b:a3:35:61:08:e1:e9:fc:1a:08:de:
ce:77:ca:a3:84:7b:78:01:81:af:d0:95:9b:68:25:0a:47:5a:
ae:0f:e4:9c:3e:51:13:4e:c3:de:1e:f1:f9:ce:06:53:01:5e:
95:47:ac:85:ac:4f:59:2f:95:06:5a:b3:60:d2:7e:19:fd:3c:
89:a5:43:58:66:c6:ae:50:df:18:48:58:29:de:ef:29:06:e2:
9e:9f:17:1d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURuB7WW0nNhqVOYgA65uwhDxhi3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwMDVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0OWYyMjFjYmNkZDEzOTY0MzYxZDA3NTg4Y2U3NWRhNTMwNDhjYmZhMzMz
YWMwMGQ0MGNmNDFlMmIwZjJiZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbOgk6UtC1lpW5rCGepJwl/AD7rikqsHpuU6937zON2GWOAhzOjkDxnuQWv
/SmIAj3mpfC6Hz96ZNTzYtLAi5cLkiM4M5b/RloORqKCx+IvhbtmF9Znl0F4JNEA
ju2BVhcPAfFzolzfSkRbubTQ6npSD1qp8N0VUqizGaJv+5I/pSrRYDq75R7PxIV5
Wmk+YZ+RsRPX+YXgv2ylTPfAXEDojeLY2fblvC0063soZFXGom/E/LfBV+oUbbGy
enrDUijxxGlYzV4DthzleuL7+IY8drX4CGQChMRGcynh2wN7EA4i6C0DKZDBCDeo
D4IvZFDYwbQJfRTWIsEN69VMHnECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSsPkaU
Hel+uxgG59OmBFg9Ae+RhzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTg1NTdhODktYjQzMS00OWMzLWJjMGUtZDQ5ZTJkNGM3OWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg
QDANBgkqhkiG9w0BAQsFAAOCAQEABWngagp+wJoLPj6IpaL24KRSnXOc4SSD5aaE
EqwrB8p/9RhlMJAwIrg5wl0vT3etbGvPZRot3OC0VfVO0LE4w6W/cy2yJ0vajYnt
EX8zNMsfXotLvFpPbFnp0/yrIotavdpykyTks98COZrrF8rdCVgE3cBeONfVO+po
1+aQUyZVj+5kT33PvdhhG68NZ+IQ+WiehXfCbGQW/uULU4ovQkm0qEeTFYGg1puj
NWEI4en8GgjeznfKo4R7eAGBr9CVm2glCkdarg/knD5RE07D3h7x+c4GUwFelUes
haxPWS+VBlqzYNJ+Gf08iaVDWGbGrlDfGEhYKd7vKQbinp8XHQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:45:00 2026 by rpki-client