Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b24421e-edaf-49c6-9098-ab3ad0bd7a76.roa
File: 5b24421e-edaf-49c6-9098-ab3ad0bd7a76.roa (raw, json)
Hash identifier: EaD3jdWOz1Jq8aISkXX7zau1B1ZcoVNbVZPnYykxmgw=
Subject key identifier: ED:F0:DD:A8:8D:37:10:8C:C9:EC:A3:D4:2E:A8:8C:91:5C:95:28:C2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5596C10D44761F99A7AA92F2B5DA07CEA8ED8EB5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b24421e-edaf-49c6-9098-ab3ad0bd7a76.roa
Signing time: Sun 31 May 2026 01:11:00 +0000
ROA not before: Sun 31 May 2026 01:11:00 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:96:c1:0d:44:76:1f:99:a7:aa:92:f2:b5:da:07:ce:a8:ed:8e:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:11:00 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=8e4eb16eb0f7594a72ef2c6ec704a3021f54794e360a79fcd13782f8115d8f59, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ef:b6:36:88:4d:6d:30:7e:72:3d:f7:de:67:
98:0b:75:58:3e:1a:0b:80:0d:2d:36:67:bf:b9:a6:
4a:85:fe:ee:31:e6:14:8b:fd:a9:19:81:9e:02:0d:
d2:8c:cf:95:58:25:2c:ae:a8:ac:91:f4:f1:28:76:
dd:16:30:67:1e:e4:a3:02:15:50:42:da:e3:e1:89:
a8:75:1a:7c:a1:d3:63:cf:18:67:ba:ad:d6:16:c8:
df:66:03:bd:47:cf:91:1c:a8:13:1f:58:9b:7d:3f:
df:cc:2a:dd:fd:05:85:16:8d:ac:00:45:e0:a9:e2:
ed:41:6f:b4:2c:d8:73:03:58:6a:b9:9a:de:d1:45:
a1:05:9c:a0:ff:fb:c5:2d:2c:c4:94:2f:6a:ff:c9:
6d:7d:7b:8c:e9:6c:84:8c:83:af:07:dd:88:32:30:
3f:84:9b:55:06:7c:92:6c:78:e5:d0:ed:2c:54:aa:
a9:1a:ac:f5:bc:6c:4a:76:46:58:f2:70:a4:ec:af:
03:4d:e3:ce:2d:27:84:90:98:8f:36:57:ed:1f:f0:
94:eb:72:96:b3:7e:cc:ed:64:d2:24:b8:0e:e3:24:
fd:e4:1a:fa:48:3e:93:fd:8c:e9:90:f0:62:d1:4c:
05:77:79:ac:0e:db:7e:90:40:9e:12:48:ec:86:61:
82:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:F0:DD:A8:8D:37:10:8C:C9:EC:A3:D4:2E:A8:8C:91:5C:95:28:C2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b24421e-edaf-49c6-9098-ab3ad0bd7a76.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
b0:1c:30:68:2d:80:cc:d0:6b:35:92:61:57:0e:ad:94:4d:82:
42:06:da:f3:9b:c5:5d:68:5f:56:b6:39:42:6a:cf:d7:30:26:
53:bf:46:69:cf:c6:98:f3:b0:6d:df:a1:03:40:28:e2:3b:46:
8a:8e:00:11:89:23:7d:36:24:f4:63:17:b6:84:6c:66:3a:46:
53:f5:5e:58:72:04:8e:22:a1:06:5e:1a:4a:b8:76:33:fc:b8:
a7:d4:03:11:f7:ed:cb:95:47:af:1f:53:fc:de:07:6c:19:23:
99:00:1a:66:5a:41:ea:57:b9:29:b0:72:2c:f9:f8:ac:7b:b2:
f3:4c:a0:a8:fc:f5:1e:bc:8b:a1:7e:7e:ca:df:ff:c3:da:16:
0a:16:56:b1:fe:3c:bb:c4:dd:23:50:84:fa:b0:a8:c0:5c:b9:
a5:72:82:2e:62:67:39:f9:fc:bd:3c:b7:3d:fe:51:c2:86:02:
0c:0e:79:66:1c:ba:92:6a:8a:5b:1d:7b:4c:ae:88:c4:7c:45:
9a:98:8a:c3:03:9c:5e:de:dc:3e:53:37:64:af:2e:b8:9c:c8:
0b:0a:7d:09:75:33:07:71:fa:f3:23:f9:4d:5d:7c:f4:e4:39:
b4:88:6a:58:9b:5b:54:f0:e4:fd:e7:96:98:ea:a3:a1:9b:4d:
b8:e8:90:3f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVZbBDUR2H5mnqpLytdoHzqjtjrUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTExMDBaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlNGViMTZlYjBmNzU5NGE3MmVmMmM2ZWM3MDRhMzAyMWY1NDc5NGUzNjBh
NzlmY2QxMzc4MmY4MTE1ZDhmNTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDvtjaITW0wfnI9995nmAt1WD4aC4ANLTZnv7mmSoX+7jHmFIv9qRmBngIN
0ozPlVglLK6orJH08Sh23RYwZx7kowIVUELa4+GJqHUafKHTY88YZ7qt1hbI32YD
vUfPkRyoEx9Ym30/38wq3f0FhRaNrABF4Kni7UFvtCzYcwNYarma3tFFoQWcoP/7
xS0sxJQvav/JbX17jOlshIyDrwfdiDIwP4SbVQZ8kmx45dDtLFSqqRqs9bxsSnZG
WPJwpOyvA03jzi0nhJCYjzZX7R/wlOtylrN+zO1k0iS4DuMk/eQa+kg+k/2M6ZDw
YtFMBXd5rA7bfpBAnhJI7IZhgucCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTt8N2o
jTcQjMnso9QuqIyRXJUowjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWIyNDQyMWUtZWRhZi00OWM2LTkwOTgtYWIzYWQwYmQ3YTc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Fog
wDANBgkqhkiG9w0BAQsFAAOCAQEAsBwwaC2AzNBrNZJhVw6tlE2CQgba85vFXWhf
VrY5QmrP1zAmU79Gac/GmPOwbd+hA0Ao4jtGio4AEYkjfTYk9GMXtoRsZjpGU/Ve
WHIEjiKhBl4aSrh2M/y4p9QDEffty5VHrx9T/N4HbBkjmQAaZlpB6le5KbByLPn4
rHuy80ygqPz1HryLoX5+yt//w9oWChZWsf48u8TdI1CE+rCowFy5pXKCLmJnOfn8
vTy3Pf5RwoYCDA55Zhy6kmqKWx17TK6IxHxFmpiKwwOcXt7cPlM3ZK8uuJzICwp9
CXUzB3H68yP5TV189OQ5tIhqWJtbVPDk/eeWmOqjoZtNuOiQPw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:32 2026 by rpki-client