Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58699fff-50fe-46a7-8e85-38dbafe34c1b.roa
File: 58699fff-50fe-46a7-8e85-38dbafe34c1b.roa (raw, json)
Hash identifier: 28vKP4FF+FbLuDdM2MhYmYVN6enpzPZFiu1cPogjpQk=
Subject key identifier: 5C:18:9B:07:A6:57:02:07:53:0D:D0:E1:89:12:63:DE:37:4B:6E:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 649A8B7CD2661DC5FF367373F532C7F851A37B69
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58699fff-50fe-46a7-8e85-38dbafe34c1b.roa
Signing time: Tue 19 May 2026 04:30:13 +0000
ROA not before: Tue 19 May 2026 04:30:13 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:9a:8b:7c:d2:66:1d:c5:ff:36:73:73:f5:32:c7:f8:51:a3:7b:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:13 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=6661bdf2b5da6193dcf8430ec47f888abe69076d4065c91d649ce879609b9a04, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5d:21:d2:9c:03:30:2c:ce:4e:32:cb:62:50:
59:bf:b9:c1:76:25:be:76:81:20:f1:c3:d7:cd:85:
11:84:b3:ff:98:6e:19:53:80:39:ea:b7:59:e2:f3:
07:24:86:a6:18:7f:a9:61:da:b0:d9:94:9c:4d:22:
76:c1:2e:d9:4c:70:fc:4e:57:c8:da:f3:ec:c8:f3:
c0:80:c0:f6:6c:4a:84:11:ac:75:44:a9:69:c6:15:
fb:18:3a:53:8e:f2:08:ea:56:14:46:e9:9f:7b:7b:
24:dc:f2:4f:2d:c2:92:bf:b3:48:11:38:a4:ee:25:
7a:ac:5d:c2:3c:5a:68:bb:8a:30:0d:95:0a:d1:06:
76:6c:7b:b6:f6:48:76:7c:04:a7:ac:0f:46:d7:10:
e1:9a:66:42:07:d9:02:4d:da:04:84:b2:20:df:a2:
0d:5a:ed:ab:03:0e:81:84:ac:30:c6:89:e0:08:56:
30:56:59:0c:da:cf:0e:a8:97:1b:26:5c:13:6f:7d:
37:eb:26:c0:94:0b:45:38:fd:49:88:c8:83:c6:53:
18:ed:bc:f7:b0:c8:60:dd:03:b0:8f:f5:be:10:e2:
73:8b:f3:03:27:1c:16:67:a3:25:ad:df:2b:05:52:
8a:c6:3f:83:d6:05:82:b2:ca:21:d6:0a:92:c2:36:
ce:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:18:9B:07:A6:57:02:07:53:0D:D0:E1:89:12:63:DE:37:4B:6E:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58699fff-50fe-46a7-8e85-38dbafe34c1b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:e000::/40
Signature Algorithm: sha256WithRSAEncryption
9a:26:23:bb:7e:77:1e:9a:21:3e:d1:5c:25:22:ac:8e:a0:a6:
b6:7b:9d:5b:4a:21:e0:f2:44:75:4d:da:2a:ad:1d:e2:e2:73:
d6:11:25:12:18:67:09:30:22:93:38:4e:a5:7a:ad:a8:b6:d8:
6c:7a:90:80:25:8f:a4:45:20:c3:3a:1f:49:21:5c:81:9f:85:
03:3c:83:f6:bd:b2:55:16:0b:78:20:5e:bc:af:a7:89:70:df:
bb:95:41:f8:94:5a:1d:5d:38:50:f9:d4:41:df:46:db:93:e9:
db:ba:29:c6:cd:62:a4:70:4c:1b:0a:17:6c:00:fd:24:2d:79:
4a:67:f3:c2:2b:82:c6:80:cd:7b:65:bb:5d:29:44:db:09:6f:
23:09:ff:32:55:dd:23:5e:f2:b9:62:98:8c:97:2f:cd:52:5c:
2a:bc:ab:08:5d:0d:99:4c:ed:ad:cd:0b:6f:79:6a:a0:f9:b9:
04:6a:a4:cb:64:65:30:0b:ed:3f:b2:9e:40:b4:77:eb:28:50:
64:fc:d9:8a:43:bd:14:1e:9e:a5:74:5c:36:19:22:4f:db:74:
f0:05:e6:ac:c6:26:5b:97:85:24:28:2a:14:e7:e8:c3:71:23:
fe:98:82:bd:d6:84:e2:d0:9a:3c:ef:7e:c3:17:64:19:32:50:
2f:53:e7:71
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZJqLfNJmHcX/NnNz9TLH+FGje2kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMTNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2NjFiZGYyYjVkYTYxOTNkY2Y4NDMwZWM0N2Y4ODhhYmU2OTA3NmQ0MDY1
YzkxZDY0OWNlODc5NjA5YjlhMDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZdIdKcAzAszk4yy2JQWb+5wXYlvnaBIPHD182FEYSz/5huGVOAOeq3WeLz
BySGphh/qWHasNmUnE0idsEu2Uxw/E5XyNrz7MjzwIDA9mxKhBGsdUSpacYV+xg6
U47yCOpWFEbpn3t7JNzyTy3Ckr+zSBE4pO4leqxdwjxaaLuKMA2VCtEGdmx7tvZI
dnwEp6wPRtcQ4ZpmQgfZAk3aBISyIN+iDVrtqwMOgYSsMMaJ4AhWMFZZDNrPDqiX
GyZcE299N+smwJQLRTj9SYjIg8ZTGO2897DIYN0DsI/1vhDic4vzAyccFmejJa3f
KwVSisY/g9YFgrLKIdYKksI2zsMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRcGJsH
plcCB1MN0OGJEmPeN0tuqDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTg2OTlmZmYtNTBmZS00NmE3LThlODUtMzhkYmFmZTM0YzFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G/g
MA0GCSqGSIb3DQEBCwUAA4IBAQCaJiO7fncemiE+0VwlIqyOoKa2e51bSiHg8kR1
TdoqrR3i4nPWESUSGGcJMCKTOE6leq2otthsepCAJY+kRSDDOh9JIVyBn4UDPIP2
vbJVFgt4IF68r6eJcN+7lUH4lFodXThQ+dRB30bbk+nbuinGzWKkcEwbChdsAP0k
LXlKZ/PCK4LGgM17ZbtdKUTbCW8jCf8yVd0jXvK5YpiMly/NUlwqvKsIXQ2ZTO2t
zQtveWqg+bkEaqTLZGUwC+0/sp5AtHfrKFBk/NmKQ70UHp6ldFw2GSJP23TwBeas
xiZbl4UkKCoU5+jDcSP+mIK91oTi0Jo8737DF2QZMlAvU+dx
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:45:47 2026 by rpki-client