Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
File: 6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa (raw, json)
Hash identifier: 5RZKWxN9zhK7t769PZ4SZi/yUmzSb5v2bptTMhwkIss=
Subject key identifier: 2D:24:0F:31:8A:F0:86:1D:6C:25:6E:06:F2:25:E2:A9:4D:D9:68:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3551142EB50DFB1BB7CEB7F9FFB61388423382AD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
Signing time: Tue 19 May 2026 05:30:14 +0000
ROA not before: Tue 19 May 2026 05:30:14 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:51:14:2e:b5:0d:fb:1b:b7:ce:b7:f9:ff:b6:13:88:42:33:82:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:14 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=61645040d4c761fe9a1fec9897bdfbd317d60d9a6977613a932cecb987235e18, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d2:d8:fa:f8:c8:87:d3:80:26:8c:7c:4e:25:
36:52:a3:25:e1:c8:81:2d:3e:02:91:f0:b1:1e:f2:
38:b5:4a:8a:ce:15:fb:6b:6c:6d:20:fe:a2:95:55:
39:e8:52:b5:8b:94:10:8c:58:f7:99:8f:7e:0a:dd:
ba:cb:2a:a7:3a:eb:13:64:14:77:5b:2c:ad:2d:54:
50:c4:5f:d5:3c:4c:f8:dc:af:93:5a:10:33:f3:8d:
53:70:ec:64:70:d3:dd:ba:a5:cf:e7:69:f3:ac:11:
5f:3d:24:d8:68:ac:fe:33:b5:05:41:b5:6c:31:4b:
22:1b:b6:22:d8:93:df:57:80:c3:b2:d0:a8:dd:fe:
64:36:74:28:8b:71:b5:34:b9:d7:46:76:cd:1d:5f:
75:f9:bf:f4:a7:74:32:e0:3c:5e:39:91:e3:09:1f:
d3:e6:0a:42:ec:10:f1:e7:9a:9e:a3:7c:25:85:c5:
52:bb:11:1d:69:50:29:9c:20:bf:9b:20:e7:82:e0:
79:80:61:50:97:a5:6c:2c:fd:fc:75:4a:10:f6:73:
b9:83:2b:fe:12:cd:a5:aa:95:3f:94:2f:07:eb:f2:
9d:0a:ca:34:dc:56:fb:58:7d:f8:f7:79:57:4a:11:
c8:7f:43:c8:47:8e:de:b1:57:af:30:9c:c6:9b:2d:
80:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:24:0F:31:8A:F0:86:1D:6C:25:6E:06:F2:25:E2:A9:4D:D9:68:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/36
Signature Algorithm: sha256WithRSAEncryption
9c:fa:40:95:9e:48:6e:41:04:53:a7:63:e5:61:41:4f:c8:bf:
a1:cc:85:3d:dc:51:94:3a:91:b7:12:83:d1:ee:be:85:0f:0e:
2f:bc:b0:02:db:ca:d2:80:56:0f:6c:ab:1e:fc:bc:95:5a:ea:
5a:72:f4:2b:96:cc:68:6f:de:ca:06:f7:39:cc:97:d7:f0:50:
81:b6:4b:a5:7b:34:d3:fd:22:59:a7:f7:1a:df:28:bf:14:9b:
09:e3:ef:e4:6c:ab:74:87:a1:0c:3b:71:b8:c8:ff:d8:96:c2:
00:73:17:5d:b7:bb:28:6a:2b:e9:bd:f3:2c:12:45:97:d4:25:
33:ec:d7:2c:2d:bb:a3:50:fa:0d:49:a6:0d:ef:59:cf:b1:9b:
e0:50:a6:a5:d2:c9:e4:4f:bd:bb:5b:85:b6:38:87:0b:22:5b:
2f:26:b7:2a:55:b7:30:4c:86:bc:22:76:93:02:3b:a1:e2:45:
c7:da:d3:62:b6:5b:80:dd:92:c4:29:2a:50:c5:a0:29:58:c7:
5c:b8:be:63:de:2f:e2:e2:5a:2f:40:e4:1c:f3:4c:6f:06:db:
7a:b6:3b:8a:12:f1:9d:8e:ee:b3:47:c7:e9:4a:b0:7e:b0:49:
bb:57:a0:e4:3a:fa:7f:0c:e3:91:34:5b:5a:47:35:28:1f:ee:
f4:b1:58:7e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNVEULrUN+xu3zrf5/7YTiEIzgq0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwMTRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxNjQ1MDQwZDRjNzYxZmU5YTFmZWM5ODk3YmRmYmQzMTdkNjBkOWE2OTc3
NjEzYTkzMmNlY2I5ODcyMzVlMTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbS2Pr4yIfTgCaMfE4lNlKjJeHIgS0+ApHwsR7yOLVKis4V+2tsbSD+opVV
OehStYuUEIxY95mPfgrdussqpzrrE2QUd1ssrS1UUMRf1TxM+Nyvk1oQM/ONU3Ds
ZHDT3bqlz+dp86wRXz0k2Gis/jO1BUG1bDFLIhu2ItiT31eAw7LQqN3+ZDZ0KItx
tTS510Z2zR1fdfm/9Kd0MuA8XjmR4wkf0+YKQuwQ8eeanqN8JYXFUrsRHWlQKZwg
v5sg54LgeYBhUJelbCz9/HVKEPZzuYMr/hLNpaqVP5QvB+vynQrKNNxW+1h9+Pd5
V0oRyH9DyEeO3rFXrzCcxpstgNsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQtJA8x
ivCGHWwlbgbyJeKpTdlojzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmU1OGZhMTctMGNmYy00YTA2LThkNDgtNDdkOTZjMGQ0OWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQCc+kCVnkhuQQRTp2PlYUFPyL+hzIU93FGUOpG3
EoPR7r6FDw4vvLAC28rSgFYPbKse/LyVWupacvQrlsxob97KBvc5zJfX8FCBtkul
ezTT/SJZp/ca3yi/FJsJ4+/kbKt0h6EMO3G4yP/YlsIAcxddt7soaivpvfMsEkWX
1CUz7NcsLbujUPoNSaYN71nPsZvgUKal0snkT727W4W2OIcLIlsvJrcqVbcwTIa8
InaTAjuh4kXH2tNitluA3ZLEKSpQxaApWMdcuL5j3i/i4lovQOQc80xvBtt6tjuK
EvGdju6zR8fpSrB+sEm7V6DkOvp/DOORNFtaRzUoH+70sVh+
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:45:05 2026 by rpki-client