Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa
File: 5fe931ae-e353-437d-9738-79004c5e9188.roa (raw, json)
Hash identifier: gfM5cy5dKUroFsGgoFG8/9v52ERd2xjI8I0wTZxbbRE=
Subject key identifier: 88:E5:86:24:BE:4B:52:50:D0:3E:D3:74:54:98:55:11:5A:AB:4B:4D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6AB7745D741060C9007D46C04434D307FB17B78E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa
Signing time: Tue 19 May 2026 05:40:08 +0000
ROA not before: Tue 19 May 2026 05:40:08 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:b7:74:5d:74:10:60:c9:00:7d:46:c0:44:34:d3:07:fb:17:b7:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:08 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=537c41387d9778a0982715e3d033afb9446fcc690cb6cb1ff9ba4c7b03349845, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:1f:48:89:e5:5f:f3:f8:b6:37:9e:32:fd:ff:
bb:c1:da:a4:de:b5:24:02:c0:f6:46:10:f5:46:78:
c0:ea:02:8c:47:c4:5b:14:83:d8:d9:87:ee:74:66:
9d:c0:b0:64:9f:4a:74:7b:88:e7:51:62:b8:ac:3a:
3d:aa:1a:68:c2:ec:f5:24:db:20:78:12:e9:7a:7b:
e1:45:09:ef:06:96:c6:26:ac:65:b1:3c:ef:72:cf:
fc:53:ff:a7:0b:9f:21:53:9a:8d:86:23:c9:0b:74:
af:a2:53:02:b4:42:a7:04:36:a3:dd:33:a4:80:72:
5b:e9:27:22:ac:40:e6:d4:64:c1:04:db:b7:e7:41:
2f:ce:2c:de:40:54:20:0a:f2:e2:60:b0:ad:d2:3c:
ad:df:9c:3f:96:f8:3f:40:77:7a:0b:00:60:1c:5f:
23:f8:91:e8:7f:9c:0b:6a:82:ba:c5:5a:c3:73:f9:
1c:a2:fc:ed:fe:11:71:60:cd:bc:f9:e0:45:17:e4:
5c:ae:a0:f1:65:36:6b:fa:0b:6a:04:a1:ec:7b:aa:
ee:1c:39:cf:59:87:a2:36:f4:ca:c8:90:21:b0:48:
59:de:84:d4:54:66:d0:64:c4:87:93:a8:d8:20:c5:
b8:3d:d7:a1:62:6d:1c:65:9c:1d:61:da:fc:1e:2f:
56:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:E5:86:24:BE:4B:52:50:D0:3E:D3:74:54:98:55:11:5A:AB:4B:4D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:c000::/40
Signature Algorithm: sha256WithRSAEncryption
57:c1:36:c1:d6:35:b4:cf:8c:f9:73:d8:c6:96:52:1f:8b:9f:
a7:1c:9a:f7:c4:7a:3f:fa:2d:3e:da:5c:b8:07:b6:b2:bd:05:
f8:8c:ee:9c:14:30:64:fd:d6:75:16:2c:9d:d7:bf:95:a3:a3:
1f:2f:25:06:5d:4d:1a:99:1f:cb:27:f3:79:76:4d:1f:c5:4d:
a4:c1:ce:3c:21:35:4c:ed:3b:9e:33:41:f5:ac:eb:a9:e6:f7:
e0:ee:6a:a2:c8:b7:d2:f7:cd:b6:3f:c6:b9:33:c9:15:1a:69:
cd:4e:96:11:5f:91:97:d5:ca:21:71:86:64:35:07:bb:4c:84:
0c:79:54:c1:9e:c8:69:91:1d:14:85:58:5a:9f:10:67:bb:cf:
a5:bc:27:96:05:62:b4:9f:62:91:b2:13:1b:75:45:01:17:24:
1a:c9:96:d0:a5:50:bd:dc:68:b7:f0:51:04:29:7d:70:28:66:
9e:fe:54:74:7a:8e:15:9d:4c:7d:b7:e2:ef:4b:5c:c1:83:d3:
3d:97:6b:c2:5d:19:34:49:cd:1f:3b:e0:17:9f:a1:af:5f:cb:
f7:d4:0d:ec:3a:f9:23:19:da:65:08:19:c3:e6:e8:fe:a4:ef:
59:4e:ae:8f:38:f9:d6:a6:0d:57:d1:8b:c0:41:a5:97:b6:ed:
db:2b:f3:24
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUard0XXQQYMkAfUbARDTTB/sXt44wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwMDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzN2M0MTM4N2Q5Nzc4YTA5ODI3MTVlM2QwMzNhZmI5NDQ2ZmNjNjkwY2I2
Y2IxZmY5YmE0YzdiMDMzNDk4NDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANsfSInlX/P4tjeeMv3/u8HapN61JALA9kYQ9UZ4wOoCjEfEWxSD2NmH7nRm
ncCwZJ9KdHuI51FiuKw6PaoaaMLs9STbIHgS6Xp74UUJ7waWxiasZbE873LP/FP/
pwufIVOajYYjyQt0r6JTArRCpwQ2o90zpIByW+knIqxA5tRkwQTbt+dBL84s3kBU
IAry4mCwrdI8rd+cP5b4P0B3egsAYBxfI/iR6H+cC2qCusVaw3P5HKL87f4RcWDN
vPngRRfkXK6g8WU2a/oLagSh7Huq7hw5z1mHojb0ysiQIbBIWd6E1FRm0GTEh5Oo
2CDFuD3XoWJtHGWcHWHa/B4vVv8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSI5YYk
vktSUNA+03RUmFURWqtLTTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWZlOTMxYWUtZTM1My00MzdkLTk3MzgtNzkwMDRjNWU5MTg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DTA
MA0GCSqGSIb3DQEBCwUAA4IBAQBXwTbB1jW0z4z5c9jGllIfi5+nHJr3xHo/+i0+
2ly4B7ayvQX4jO6cFDBk/dZ1Fiyd17+Vo6MfLyUGXU0amR/LJ/N5dk0fxU2kwc48
ITVM7TueM0H1rOup5vfg7mqiyLfS9822P8a5M8kVGmnNTpYRX5GX1cohcYZkNQe7
TIQMeVTBnshpkR0UhVhanxBnu8+lvCeWBWK0n2KRshMbdUUBFyQayZbQpVC93Gi3
8FEEKX1wKGae/lR0eo4VnUx9t+LvS1zBg9M9l2vCXRk0Sc0fO+AXn6GvX8v31A3s
OvkjGdplCBnD5uj+pO9ZTq6POPnWpg1X0YvAQaWXtu3bK/Mk
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:16 2026 by rpki-client