Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa
File: 60b690d0-a362-4547-bf57-d14f49f40869.roa (raw, json)
Hash identifier: HYWxJxZdSMlvFilpnorwHnWnjnMQfOWnQE9Ogf0fn9Q=
Subject key identifier: 60:FB:BD:56:5D:8D:47:CE:DE:62:12:4D:6B:E8:86:02:4F:7C:BB:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FA37ED5536489BAEE0DD9FCE3A782FC10A51A91
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa
Signing time: Tue 19 May 2026 04:40:06 +0000
ROA not before: Tue 19 May 2026 04:40:06 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:a3:7e:d5:53:64:89:ba:ee:0d:d9:fc:e3:a7:82:fc:10:a5:1a:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:06 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=b9d04d9ba0478fd0c37b5a58c2ceed84f86d0e847a5cfb7455f69756f9f2c8ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:85:8c:9b:2d:2d:27:f9:e0:9f:f2:7b:44:5c:
d2:54:7a:11:1e:61:87:97:63:9c:87:db:84:16:d0:
28:69:01:36:30:2c:a5:61:fb:0c:c8:41:fc:70:df:
7e:88:f7:17:da:fe:29:61:5b:01:bc:ac:bb:11:8a:
80:bf:dd:04:ed:1e:4c:77:09:2d:88:37:fa:b7:55:
8a:3e:0a:cc:1f:82:41:06:8d:01:df:61:13:eb:ec:
56:b7:15:de:d3:02:7c:00:83:9a:6e:ca:76:37:ae:
f7:ed:ca:ed:42:e3:eb:7f:61:7b:fb:cb:55:9e:47:
fa:e7:52:ee:db:b2:23:40:ce:ae:98:21:77:1b:79:
56:b5:78:f3:a1:8e:fb:a0:1f:b7:a5:f3:e7:d9:7b:
88:3c:51:12:41:cb:6c:20:cb:c5:69:01:94:cc:7f:
be:2b:a2:e3:59:a0:51:ea:d3:a5:79:19:71:eb:a4:
48:2e:f6:c9:94:b8:cd:75:a2:ae:77:da:32:9d:4f:
ed:14:c6:f9:2b:4e:e3:fc:5e:90:27:8a:da:5d:38:
e4:29:af:ae:6a:b8:68:0f:5c:59:cb:47:9f:3c:4a:
28:ce:62:0e:13:3d:93:2c:f3:12:17:f1:15:8f:52:
23:10:4e:3b:69:f4:7c:4b:c4:f5:eb:ef:2f:21:b1:
5b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:FB:BD:56:5D:8D:47:CE:DE:62:12:4D:6B:E8:86:02:4F:7C:BB:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:400::/38
Signature Algorithm: sha256WithRSAEncryption
85:11:05:00:3f:8d:2e:08:ec:e4:2f:c2:e2:28:97:1f:7f:cf:
b5:8f:89:b4:f4:30:8c:d7:c2:d5:70:e5:01:0b:12:e4:f8:27:
ff:f1:f2:09:70:11:c0:c8:b4:50:a1:ce:06:12:8d:5b:ca:c2:
89:7d:ea:4c:31:ab:51:2e:16:25:3b:1b:26:c2:01:09:48:8c:
81:0e:34:10:e8:d6:15:97:05:bf:a4:3e:15:e6:a5:07:89:1b:
94:3b:bc:df:dc:a5:5e:11:c1:7a:02:30:4b:4b:50:1e:c5:af:
43:5d:7b:ff:45:9f:f3:e5:75:7d:58:9f:f0:ee:a0:4c:e0:05:
2d:55:8c:3b:50:97:51:a5:25:e1:82:68:11:43:6f:26:4e:ee:
c7:34:2a:37:9e:19:c7:cc:ff:90:15:78:cd:b3:c5:15:1a:bd:
e8:72:26:b2:12:6f:6e:10:ef:01:60:8b:00:3a:1f:b5:21:36:
be:80:e8:b5:7f:8b:fe:69:2b:49:97:a5:ce:b0:13:4d:2f:4e:
ee:c3:ef:51:86:32:f8:82:11:8a:ef:27:e9:0a:12:cb:e6:a0:
c0:d7:b1:7d:9f:db:33:aa:aa:ac:fd:07:97:9a:0a:77:c3:ac:
ae:7b:6b:6c:db:6b:23:8c:4b:f3:ab:33:46:b3:e3:2d:64:d9:
f0:96:70:7c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP6N+1VNkibruDdn846eC/BClGpEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwMDZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5ZDA0ZDliYTA0NzhmZDBjMzdiNWE1OGMyY2VlZDg0Zjg2ZDBlODQ3YTVj
ZmI3NDU1ZjY5NzU2ZjlmMmM4ZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKOFjJstLSf54J/ye0Rc0lR6ER5hh5djnIfbhBbQKGkBNjAspWH7DMhB/HDf
foj3F9r+KWFbAbysuxGKgL/dBO0eTHcJLYg3+rdVij4KzB+CQQaNAd9hE+vsVrcV
3tMCfACDmm7Kdjeu9+3K7ULj639he/vLVZ5H+udS7tuyI0DOrpghdxt5VrV486GO
+6Aft6Xz59l7iDxREkHLbCDLxWkBlMx/viui41mgUerTpXkZceukSC72yZS4zXWi
rnfaMp1P7RTG+StO4/xekCeK2l045Cmvrmq4aA9cWctHnzxKKM5iDhM9kyzzEhfx
FY9SIxBOO2n0fEvE9evvLyGxW2MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRg+71W
XY1Hzt5iEk1r6IYCT3y7jDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjBiNjkwZDAtYTM2Mi00NTQ3LWJmNTctZDE0ZjQ5ZjQwODY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgE
MA0GCSqGSIb3DQEBCwUAA4IBAQCFEQUAP40uCOzkL8LiKJcff8+1j4m09DCM18LV
cOUBCxLk+Cf/8fIJcBHAyLRQoc4GEo1bysKJfepMMatRLhYlOxsmwgEJSIyBDjQQ
6NYVlwW/pD4V5qUHiRuUO7zf3KVeEcF6AjBLS1Aexa9DXXv/RZ/z5XV9WJ/w7qBM
4AUtVYw7UJdRpSXhgmgRQ28mTu7HNCo3nhnHzP+QFXjNs8UVGr3ociayEm9uEO8B
YIsAOh+1ITa+gOi1f4v+aStJl6XOsBNNL07uw+9RhjL4ghGK7yfpChLL5qDA17F9
n9szqqqs/QeXmgp3w6yue2ts22sjjEvzqzNGs+MtZNnwlnB8
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:25:28 2026 by rpki-client