Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
File: 631196a4-90f5-4760-982e-15fbaf4805ec.roa (raw, json)
Hash identifier: g5N677WzyOSCH0M5ocIWQnPJPjlkEtrIi6O/Vkw9zWQ=
Subject key identifier: 44:DB:6D:13:F0:40:B7:13:8B:D1:92:4F:3B:AF:E3:27:DF:5D:4B:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 043ECA3ACE14F5CD4782ADCD65655F6D45D4CCB8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
Signing time: Sun 17 May 2026 02:00:05 +0000
ROA not before: Sun 17 May 2026 02:00:05 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d020:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:3e:ca:3a:ce:14:f5:cd:47:82:ad:cd:65:65:5f:6d:45:d4:cc:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 17 02:00:05 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=1c68d0f1162c85c99892e96a5955b07f4f6013bdbf179bb76ab4e3798d703413, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:a5:4a:e5:cf:1d:ca:c5:20:fb:8b:8f:4d:f5:
ab:1f:f4:d9:99:65:0b:e2:a0:fd:37:6e:bf:36:39:
51:d3:88:52:39:51:a7:ac:da:44:79:db:a4:b2:b6:
3d:a9:0a:d6:82:30:27:ec:75:ff:f7:37:47:4a:b1:
b7:85:6d:02:f6:cb:ac:9f:7b:10:87:8a:af:c2:f7:
0e:0b:e8:d0:05:56:07:dc:8c:31:0a:39:1e:6c:af:
f9:26:1f:8b:73:e3:12:52:c1:f3:50:e3:14:a9:3a:
58:15:c9:cd:f5:00:3a:c2:78:0e:71:a5:e1:32:94:
9e:d8:0a:86:c7:48:d5:2a:04:06:67:fd:6f:8d:21:
e4:e8:0b:dd:cd:b2:94:72:b7:29:df:60:d9:31:e8:
3d:79:36:fe:b2:3a:fb:fb:dc:4d:d0:20:2a:db:33:
14:24:5c:c5:f3:f8:c3:01:b6:7f:66:93:cc:cc:e9:
8f:33:ec:49:98:60:b9:2e:f2:d9:51:9f:d5:12:f0:
57:7c:5c:4a:07:fa:62:75:92:73:1e:d5:e3:ee:98:
56:0f:fb:1d:f4:ed:86:14:17:63:34:e7:ba:65:79:
10:dc:40:ed:69:f0:76:38:25:47:42:35:b1:0c:c3:
14:5b:cb:9e:51:5e:4d:06:a5:61:9e:cb:ac:a2:54:
38:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:DB:6D:13:F0:40:B7:13:8B:D1:92:4F:3B:AF:E3:27:DF:5D:4B:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d020:8000::/36
Signature Algorithm: sha256WithRSAEncryption
ba:33:7a:1a:23:f9:a4:d0:e6:ad:ba:77:48:ec:c7:76:9f:be:
2f:e1:62:8d:54:85:e7:2a:d8:6a:1c:34:72:ec:3a:c3:5a:c4:
7e:0b:ca:f6:36:f0:1f:b3:11:7c:b1:7f:15:f9:bc:75:9e:b4:
87:d9:d3:08:f9:8f:89:75:dc:78:13:2d:5d:43:24:3f:67:7c:
9a:59:8d:ce:d5:8e:4f:1d:a2:2e:c9:15:74:0d:4e:db:6d:ef:
42:c4:eb:2a:da:e9:c5:85:e0:da:38:a6:ec:59:16:a2:01:45:
b1:74:18:9b:f1:db:54:66:92:36:d9:59:cb:cc:44:97:a9:09:
7f:6b:e6:15:e7:77:d0:37:60:36:cc:ca:79:08:f0:bb:13:3f:
3d:aa:ea:ff:ad:04:d3:d2:49:6e:fd:7b:27:cc:b1:36:26:29:
48:cd:ec:c4:93:83:f4:72:5e:34:ec:8b:3e:1c:97:b6:a5:34:
12:b0:ef:7b:e9:a5:d1:e8:50:82:15:10:44:2a:0e:1b:4e:cf:
67:35:62:b7:0d:68:29:7b:db:3e:c0:ad:24:a3:dc:f5:21:5e:
51:a9:b3:36:18:af:eb:7b:8d:7e:2c:e2:9c:7a:d8:5c:ff:b2:
cd:f6:d1:91:9c:94:a8:9a:44:c2:3b:61:11:9f:fe:8b:e7:89:
a9:ff:ba:02
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBD7KOs4U9c1Hgq3NZWVfbUXUzLgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTcwMjAwMDVaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjNjhkMGYxMTYyYzg1Yzk5ODkyZTk2YTU5NTViMDdmNGY2MDEzYmRiZjE3
OWJiNzZhYjRlMzc5OGQ3MDM0MTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOClSuXPHcrFIPuLj031qx/02ZllC+Kg/TduvzY5UdOIUjlRp6zaRHnbpLK2
PakK1oIwJ+x1//c3R0qxt4VtAvbLrJ97EIeKr8L3Dgvo0AVWB9yMMQo5Hmyv+SYf
i3PjElLB81DjFKk6WBXJzfUAOsJ4DnGl4TKUntgKhsdI1SoEBmf9b40h5OgL3c2y
lHK3Kd9g2THoPXk2/rI6+/vcTdAgKtszFCRcxfP4wwG2f2aTzMzpjzPsSZhguS7y
2VGf1RLwV3xcSgf6YnWScx7V4+6YVg/7HfTthhQXYzTnumV5ENxA7WnwdjglR0I1
sQzDFFvLnlFeTQalYZ7LrKJUOPUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRE220T
8EC3E4vRkk87r+Mn311LAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjMxMTk2YTQtOTBmNS00NzYwLTk4MmUtMTVmYmFmNDgwNWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CCA
MA0GCSqGSIb3DQEBCwUAA4IBAQC6M3oaI/mk0OatundI7Md2n74v4WKNVIXnKthq
HDRy7DrDWsR+C8r2NvAfsxF8sX8V+bx1nrSH2dMI+Y+Jddx4Ey1dQyQ/Z3yaWY3O
1Y5PHaIuyRV0DU7bbe9CxOsq2unFheDaOKbsWRaiAUWxdBib8dtUZpI22VnLzESX
qQl/a+YV53fQN2A2zMp5CPC7Ez89qur/rQTT0klu/XsnzLE2JilIzezEk4P0cl40
7Is+HJe2pTQSsO976aXR6FCCFRBEKg4bTs9nNWK3DWgpe9s+wK0ko9z1IV5RqbM2
GK/re41+LOKcethc/7LN9tGRnJSomkTCO2ERn/6L54mp/7oC
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:13:03 2026 by rpki-client