Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/85151a34-1ac3-4b9b-801b-33bd153ac88d.roa
File: 85151a34-1ac3-4b9b-801b-33bd153ac88d.roa (raw, json)
Hash identifier: yOfPsnBHYXkOvJBjEaI0Lh8h9e50QQEFCVIkWdxGn3Q=
Subject key identifier: 28:37:6D:CD:26:B2:07:4B:12:FC:0D:36:36:2A:9E:D0:86:9A:3F:61
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 555B97CC46AFFC2A1B098E6C3CC62AD2A5D401E9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/85151a34-1ac3-4b9b-801b-33bd153ac88d.roa
Signing time: Tue 19 May 2026 04:50:51 +0000
ROA not before: Tue 19 May 2026 04:50:51 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:5b:97:cc:46:af:fc:2a:1b:09:8e:6c:3c:c6:2a:d2:a5:d4:01:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:51 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=3f864c09c243981f5a56a0c4b796322dc14225a5f8e70c81886cc17c71ae29db, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9f:09:36:8b:4f:23:03:ca:a9:55:32:c4:70:
69:6c:33:c4:ce:65:d8:1f:e8:2c:8e:08:81:55:cd:
9d:c5:c5:27:e5:ef:6f:09:ce:fb:f4:21:aa:8f:a2:
34:98:96:39:01:0c:4a:ba:6a:70:a4:70:48:75:2e:
f9:42:ea:0f:af:6a:1e:d9:ef:70:72:12:25:88:33:
27:2c:31:ec:8a:1b:f0:e1:1a:b1:e8:bb:be:a7:94:
ac:73:d3:9c:f7:0d:64:da:88:09:34:8e:0c:87:51:
05:e1:b8:f7:22:22:8b:4a:24:65:b3:ab:5c:c4:7a:
1b:0f:68:72:48:4c:4c:89:7e:43:ad:c1:1c:3c:d3:
76:b0:27:1b:17:09:b8:1b:6d:ec:5f:8e:c8:01:a6:
cb:1b:7d:b1:77:5b:2e:e5:19:c4:d8:41:73:81:9c:
73:bf:20:df:74:d3:96:7e:de:1a:b1:d0:5a:04:c5:
8a:5e:20:05:63:49:cb:ed:b5:2a:1f:ab:54:cb:72:
fa:fc:a2:b5:7d:fe:26:44:4c:c4:e5:e4:70:dc:29:
60:47:ee:6f:7d:e7:ae:96:5d:f7:66:03:7e:31:0b:
23:2e:41:e5:b2:d8:e4:9a:eb:cb:d9:fd:0a:13:b9:
55:56:a6:be:6f:3c:c7:37:68:6a:60:6d:4a:f1:05:
df:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:37:6D:CD:26:B2:07:4B:12:FC:0D:36:36:2A:9E:D0:86:9A:3F:61
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/85151a34-1ac3-4b9b-801b-33bd153ac88d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:1000::/40
Signature Algorithm: sha256WithRSAEncryption
8a:0c:8c:2c:1a:68:92:3a:71:d5:55:6c:3c:5e:1f:d2:bf:59:
3c:b0:0d:d2:a1:42:a9:1c:5e:b8:c2:ef:d0:3a:de:e4:70:75:
94:9a:8e:d3:1a:2e:09:24:1f:79:4e:c6:07:62:ec:f5:ee:72:
a5:34:cf:d3:30:a2:be:7e:1a:ae:6c:b1:33:3e:d1:c5:7a:24:
96:68:77:2e:8f:16:af:5b:f6:54:66:69:4b:18:5b:ea:09:ba:
1e:79:cf:90:e6:c1:dc:4d:0d:67:61:80:4f:4a:22:88:7d:dc:
a8:57:2e:ad:42:e1:87:e0:45:bd:26:2e:d2:b7:95:2d:a8:30:
d8:25:25:f7:de:b4:c4:97:f4:50:56:1e:0a:46:73:16:ac:d1:
48:37:74:3e:34:ae:7b:30:57:26:85:22:61:92:ca:39:dd:5c:
56:1e:f5:66:e9:48:5a:f8:c9:7e:ec:3c:d1:54:78:90:cd:68:
c3:f4:78:a1:05:55:90:e0:d2:37:34:cf:8e:b2:0a:a7:7a:37:
9c:ef:8e:c9:7b:d5:31:05:83:6f:27:23:c9:b4:4e:46:d6:d3:
af:f6:37:af:ec:f4:04:e3:35:37:cc:e5:00:e8:75:31:21:06:
18:a7:c8:fd:30:5e:97:e2:a4:6a:07:0f:d5:92:5d:05:09:00:
dd:de:81:a5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVVuXzEav/CobCY5sPMYq0qXUAekwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwNTFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmODY0YzA5YzI0Mzk4MWY1YTU2YTBjNGI3OTYzMjJkYzE0MjI1YTVmOGU3
MGM4MTg4NmNjMTdjNzFhZTI5ZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJmfCTaLTyMDyqlVMsRwaWwzxM5l2B/oLI4IgVXNncXFJ+XvbwnO+/Qhqo+i
NJiWOQEMSrpqcKRwSHUu+ULqD69qHtnvcHISJYgzJywx7Iob8OEasei7vqeUrHPT
nPcNZNqICTSODIdRBeG49yIii0okZbOrXMR6Gw9ockhMTIl+Q63BHDzTdrAnGxcJ
uBtt7F+OyAGmyxt9sXdbLuUZxNhBc4Gcc78g33TTln7eGrHQWgTFil4gBWNJy+21
Kh+rVMty+vyitX3+JkRMxOXkcNwpYEfub33nrpZd92YDfjELIy5B5bLY5Jrry9n9
ChO5VVamvm88xzdoamBtSvEF36sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQoN23N
JrIHSxL8DTY2Kp7Qhpo/YTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODUxNTFhMzQtMWFjMy00YjliLTgwMWItMzNiZDE1M2FjODhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCKDIwsGmiSOnHVVWw8Xh/Sv1k8sA3SoUKpHF64
wu/QOt7kcHWUmo7TGi4JJB95TsYHYuz17nKlNM/TMKK+fhqubLEzPtHFeiSWaHcu
jxavW/ZUZmlLGFvqCboeec+Q5sHcTQ1nYYBPSiKIfdyoVy6tQuGH4EW9Ji7St5Ut
qDDYJSX33rTEl/RQVh4KRnMWrNFIN3Q+NK57MFcmhSJhkso53VxWHvVm6Uha+Ml+
7DzRVHiQzWjD9HihBVWQ4NI3NM+Osgqnejec747Je9UxBYNvJyPJtE5G1tOv9jev
7PQE4zU3zOUA6HUxIQYYp8j9MF6X4qRqBw/Vkl0FCQDd3oGl
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:13:05 2026 by rpki-client