Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
File: 5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa (raw, json)
Hash identifier: 8yCmTBcYPdmGBpanMlKcacl+bqEUnYo5/gPL5ABFg8Y=
Subject key identifier: 86:03:7E:C4:CA:3F:F3:2A:01:6A:C2:A7:FF:82:D9:CE:03:6B:DC:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D48EBE1F8E8CE45BD99F22C4FEFE768A97FEB82
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
Signing time: Tue 19 May 2026 05:20:19 +0000
ROA not before: Tue 19 May 2026 05:20:19 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:48:eb:e1:f8:e8:ce:45:bd:99:f2:2c:4f:ef:e7:68:a9:7f:eb:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:19 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=6fb237d8c79ed5f8610ceeafe1de7c113d7e9c0d34a0f3dc286bb78a2866ef88, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:da:be:f8:f8:79:4a:19:c9:70:97:5e:32:d5:
1b:0b:6e:0a:b0:f7:c8:a0:5b:eb:d3:0b:3f:49:29:
cf:cd:d2:a5:8b:f4:bc:04:61:e2:90:33:9f:c0:ad:
ae:79:60:3f:a1:c7:46:e0:c8:c8:ab:7b:62:f0:9e:
3a:43:ef:97:f5:f4:b8:af:94:2d:fd:be:40:42:50:
cd:ed:db:a2:7d:95:df:6f:a3:56:3c:a2:fc:f7:26:
b6:8f:fb:9a:34:c3:5e:1d:06:ae:8d:24:3e:03:bc:
22:3e:10:d1:b0:2c:ed:90:8e:33:fd:eb:f6:ad:71:
d0:76:f8:43:9e:07:48:f1:1e:f1:cd:a3:70:96:99:
a2:2c:5e:92:6b:c1:d2:3f:fb:cf:41:c4:78:7c:1f:
88:11:06:ac:f5:db:7e:1c:a8:08:62:90:d6:15:d5:
20:59:c3:db:9d:24:4e:46:a9:72:0b:9c:cf:14:8b:
1d:6a:ef:b6:09:95:26:6e:d9:fc:6f:65:f6:80:07:
49:ca:96:9c:a4:2b:41:30:2f:7c:4a:2a:8b:f3:c9:
ec:45:df:0d:0d:8f:9f:0a:de:bf:51:fc:76:52:8c:
58:12:ef:1c:f8:1d:d3:ea:8d:3d:ee:f4:2c:6d:0a:
63:fe:d2:62:58:1f:87:4a:90:3f:d0:2c:51:d3:42:
b6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:03:7E:C4:CA:3F:F3:2A:01:6A:C2:A7:FF:82:D9:CE:03:6B:DC:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:2000::/40
Signature Algorithm: sha256WithRSAEncryption
70:63:93:f7:ba:c7:2d:b6:f6:a8:44:22:b2:07:c4:45:dc:a5:
b7:da:09:4c:93:4c:10:64:25:6b:90:81:90:a9:2b:9a:19:18:
b1:41:d4:66:89:25:75:c3:33:c9:96:4d:e9:ad:b3:91:91:4d:
3e:2f:aa:0c:6c:fd:f0:38:4e:f0:a8:d5:e5:02:e5:f7:18:58:
64:79:67:98:10:d4:4a:d9:7f:6c:58:a0:b8:88:30:1c:ec:0b:
97:3f:a8:2a:31:c8:97:3a:f4:ab:dd:e0:92:9c:90:cc:55:fc:
1b:34:bd:bd:a6:19:f4:68:8f:4f:83:6f:48:cc:a4:76:9f:7e:
22:a0:73:61:0b:8e:bb:21:0b:41:14:95:45:27:c4:f9:e3:4b:
b5:16:38:e5:4f:11:b8:cd:73:4d:87:70:cc:94:54:cf:50:1d:
db:f3:37:99:91:76:ca:a8:15:96:7f:56:53:eb:e3:a3:38:15:
90:12:76:2f:ad:4f:fe:44:66:be:d0:c1:08:c9:1e:5d:79:0b:
c0:d8:7a:de:d5:d1:82:b9:d3:92:30:52:b2:49:27:20:c9:58:
e5:a9:7f:34:ce:d0:39:86:ff:39:57:30:05:ac:f1:59:5b:45:
81:60:8c:c2:43:4e:c2:a5:02:3c:ac:5d:28:32:a1:45:c7:ae:
69:7f:95:1f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHUjr4fjozkW9mfIsT+/naKl/64IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMTlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmYjIzN2Q4Yzc5ZWQ1Zjg2MTBjZWVhZmUxZGU3YzExM2Q3ZTljMGQzNGEw
ZjNkYzI4NmJiNzhhMjg2NmVmODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTavvj4eUoZyXCXXjLVGwtuCrD3yKBb69MLP0kpz83SpYv0vARh4pAzn8Ct
rnlgP6HHRuDIyKt7YvCeOkPvl/X0uK+ULf2+QEJQze3bon2V32+jVjyi/Pcmto/7
mjTDXh0Gro0kPgO8Ij4Q0bAs7ZCOM/3r9q1x0Hb4Q54HSPEe8c2jcJaZoixekmvB
0j/7z0HEeHwfiBEGrPXbfhyoCGKQ1hXVIFnD250kTkapcguczxSLHWrvtgmVJm7Z
/G9l9oAHScqWnKQrQTAvfEoqi/PJ7EXfDQ2Pnwrev1H8dlKMWBLvHPgd0+qNPe70
LG0KY/7SYlgfh0qQP9AsUdNCtlkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSGA37E
yj/zKgFqwqf/gtnOA2vcyjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQ4ZTgzMWUtNGQ2MS00NDliLWE1MzItYTFkZDlkNzQzYWM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hog
MA0GCSqGSIb3DQEBCwUAA4IBAQBwY5P3uscttvaoRCKyB8RF3KW32glMk0wQZCVr
kIGQqSuaGRixQdRmiSV1wzPJlk3prbORkU0+L6oMbP3wOE7wqNXlAuX3GFhkeWeY
ENRK2X9sWKC4iDAc7AuXP6gqMciXOvSr3eCSnJDMVfwbNL29phn0aI9Pg29IzKR2
n34ioHNhC467IQtBFJVFJ8T540u1FjjlTxG4zXNNh3DMlFTPUB3b8zeZkXbKqBWW
f1ZT6+OjOBWQEnYvrU/+RGa+0MEIyR5deQvA2Hre1dGCudOSMFKySScgyVjlqX80
ztA5hv85VzAFrPFZW0WBYIzCQ07CpQI8rF0oMqFFx65pf5Uf
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:32 2026 by rpki-client