Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa
File: 68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa (raw, json)
Hash identifier: F3aryPBAkmr0R79EiDpe/BbXNBpaH4h8ORHCmKj+C4U=
Subject key identifier: 51:77:1E:0D:A8:CB:7E:9C:EF:36:41:93:14:1F:41:47:0E:65:4A:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58E0B45DDE338218648BD0853A33B3A44F3BD5B4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa
Signing time: Tue 19 May 2026 05:00:55 +0000
ROA not before: Tue 19 May 2026 05:00:55 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:e0:b4:5d:de:33:82:18:64:8b:d0:85:3a:33:b3:a4:4f:3b:d5:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:55 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=f3830f25df7a8e0f0056ece954888a05d46acc0774627dfc00e1d8fd6c1f8231, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:0e:79:a8:00:03:5e:74:c1:de:9d:05:99:aa:
be:81:3c:a8:fe:a0:bf:4a:0a:5f:ca:54:a2:c9:a7:
84:de:bf:55:0b:4d:e0:5a:c5:53:e6:d5:82:a5:63:
47:2e:84:66:ed:ed:e1:c4:86:3e:b9:bb:9e:f6:27:
4f:16:21:ff:17:21:1f:c0:01:3a:87:f4:ec:89:b0:
a4:8f:dd:cd:81:24:84:c8:56:5a:6e:b9:37:36:86:
41:e4:d3:46:82:20:84:8d:1b:65:7d:3e:7f:45:68:
67:cc:dd:b0:16:19:ff:6e:cd:35:a0:1c:d1:d9:ed:
10:26:6d:31:8a:c8:86:b6:1e:ff:d4:d8:fd:df:27:
bc:57:d1:5f:71:87:e2:89:2b:2a:ee:fe:44:c6:48:
8e:56:53:78:2d:d4:d7:19:df:e0:15:4d:5e:04:a1:
17:6c:a1:dc:95:a7:9d:1c:4a:db:4c:8b:02:7a:01:
2f:87:92:e3:32:9b:7e:08:f8:7f:40:32:83:e4:43:
d5:9c:19:a7:68:8e:7b:42:58:09:20:ad:c6:5c:08:
e6:fc:e0:51:0e:02:05:6a:18:60:d2:90:1f:ad:7d:
9f:5e:94:30:10:11:7d:08:29:17:ff:2c:fb:8d:a0:
73:c5:d9:74:ae:d6:9e:7c:00:50:41:8b:ef:b8:15:
bd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:77:1E:0D:A8:CB:7E:9C:EF:36:41:93:14:1F:41:47:0E:65:4A:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:a000::/40
Signature Algorithm: sha256WithRSAEncryption
94:78:c4:9d:fb:83:4c:9f:14:d1:cb:ed:a1:84:1a:72:65:e1:
3f:5e:b4:4e:2b:64:dc:21:13:15:7e:1b:0f:ca:c5:d1:fd:2d:
0d:08:6d:b1:a5:21:93:9e:6b:6e:0e:9b:16:87:c3:1f:13:ed:
31:3c:64:b6:ab:d0:c6:41:f3:f8:81:4f:de:3c:9f:ab:bd:8e:
b5:80:4e:73:ae:2a:61:7c:ff:ba:70:b3:66:46:5c:67:4e:65:
69:af:f9:12:f3:c3:c5:0a:1a:ca:22:f6:7f:28:78:a7:5a:54:
25:24:ab:d4:63:24:50:d7:87:12:54:a9:80:0c:6c:51:a8:63:
0b:8b:a1:4a:64:f7:94:a2:41:09:14:64:2d:9a:65:53:29:5c:
4d:9c:8e:40:58:c9:7f:e1:0b:fe:6d:d5:f1:e8:67:17:e3:19:
1a:e6:11:be:dd:10:49:ca:82:6a:7c:77:eb:e7:cb:2f:f9:c3:
57:eb:e2:2a:ee:44:30:9c:67:c0:67:cf:58:00:0e:93:ca:ed:
1a:58:f9:36:e5:fd:59:f5:3e:6b:fb:ba:ff:ed:2f:e0:e8:e1:
2f:46:97:b0:29:1b:a1:81:34:21:c6:d9:11:dc:1b:ad:94:69:
ea:1f:6a:5d:22:3a:87:f7:8c:89:79:d9:10:8b:82:14:1b:6c:
09:49:ec:24
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWOC0Xd4zghhki9CFOjOzpE871bQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwNTVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzODMwZjI1ZGY3YThlMGYwMDU2ZWNlOTU0ODg4YTA1ZDQ2YWNjMDc3NDYy
N2RmYzAwZTFkOGZkNmMxZjgyMzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMOeagAA150wd6dBZmqvoE8qP6gv0oKX8pUosmnhN6/VQtN4FrFU+bVgqVj
Ry6EZu3t4cSGPrm7nvYnTxYh/xchH8ABOof07ImwpI/dzYEkhMhWWm65NzaGQeTT
RoIghI0bZX0+f0VoZ8zdsBYZ/27NNaAc0dntECZtMYrIhrYe/9TY/d8nvFfRX3GH
4okrKu7+RMZIjlZTeC3U1xnf4BVNXgShF2yh3JWnnRxK20yLAnoBL4eS4zKbfgj4
f0Ayg+RD1ZwZp2iOe0JYCSCtxlwI5vzgUQ4CBWoYYNKQH619n16UMBARfQgpF/8s
+42gc8XZdK7WnnwAUEGL77gVvc8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRRdx4N
qMt+nO82QZMUH0FHDmVKTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhkNWQ5MzQtZmVkNi00OWE1LWFlMDMtYTI4YTU4NmU5YzJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fig
MA0GCSqGSIb3DQEBCwUAA4IBAQCUeMSd+4NMnxTRy+2hhBpyZeE/XrROK2TcIRMV
fhsPysXR/S0NCG2xpSGTnmtuDpsWh8MfE+0xPGS2q9DGQfP4gU/ePJ+rvY61gE5z
riphfP+6cLNmRlxnTmVpr/kS88PFChrKIvZ/KHinWlQlJKvUYyRQ14cSVKmADGxR
qGMLi6FKZPeUokEJFGQtmmVTKVxNnI5AWMl/4Qv+bdXx6GcX4xka5hG+3RBJyoJq
fHfr58sv+cNX6+Iq7kQwnGfAZ89YAA6Tyu0aWPk25f1Z9T5r+7r/7S/g6OEvRpew
KRuhgTQhxtkR3ButlGnqH2pdIjqH94yJedkQi4IUG2wJSewk
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:49 2026 by rpki-client