Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
File: 8a06e909-5227-47d9-a58c-be623a2a4cad.roa (raw, json)
Hash identifier: fhSvgS4qab6AvLlz/LLeFR2H+8eGBiuB0c7uoymFlzA=
Subject key identifier: 84:C4:85:45:9E:6B:DE:C6:B7:F4:39:BB:27:1F:53:9E:90:6E:A6:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 54D510F2190FE73AA24D51D98D69AF7F4B7B8487
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
Signing time: Tue 19 May 2026 05:21:00 +0000
ROA not before: Tue 19 May 2026 05:21:00 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:d5:10:f2:19:0f:e7:3a:a2:4d:51:d9:8d:69:af:7f:4b:7b:84:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:21:00 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=74e820fbeec1054eea3b4f4a8f9542c9701530fb893ce731a89dae3d43d103d9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d5:26:04:4f:ea:37:df:0e:97:7c:35:af:47:
a9:20:2d:4d:16:8d:80:ef:31:73:dd:14:23:20:b9:
a6:0c:b3:6c:89:6e:ef:bd:69:eb:a0:0f:6b:b9:d5:
f2:8c:ea:1e:1d:90:6a:58:7c:90:4e:1c:d1:a9:de:
8e:83:ad:97:3e:ca:ce:e6:57:5e:f5:91:43:ea:84:
c0:d0:83:4e:30:e8:20:b8:64:ee:65:e4:75:ff:ad:
45:30:66:74:48:2e:9f:03:6e:4f:97:e0:82:6e:d0:
ff:f5:3e:86:7b:1d:7a:2c:cd:12:6a:85:0c:9f:83:
96:03:b4:a3:36:20:0a:c5:15:e2:e6:1c:4f:5a:0d:
cc:88:46:8f:e7:a5:37:59:79:ed:e0:b7:f3:1f:ba:
8c:f2:01:89:b5:3e:33:38:c2:9e:68:c0:a6:3d:87:
3d:1b:38:75:07:77:a7:2a:fa:6f:31:69:16:5e:c5:
37:e7:9e:d2:4b:cb:45:0a:80:44:4a:b1:41:c6:c6:
85:10:a3:e8:b2:4e:b9:b9:d4:5b:98:e3:36:b7:9f:
8b:d6:dc:c1:3f:77:77:c4:47:49:de:62:28:3e:62:
77:ba:ef:58:37:17:08:de:58:19:8b:12:18:47:16:
83:34:47:a8:09:0f:fe:85:3d:7d:de:b5:d1:c0:06:
a1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C4:85:45:9E:6B:DE:C6:B7:F4:39:BB:27:1F:53:9E:90:6E:A6:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:4000::/40
Signature Algorithm: sha256WithRSAEncryption
4e:32:21:2a:6c:1c:f2:bb:77:7f:78:2f:9f:f7:dc:61:95:a8:
21:16:52:04:74:55:ae:38:26:c0:d4:c5:63:33:f2:b1:22:91:
f0:a4:77:6e:8f:82:9f:14:24:11:fc:e6:43:82:d5:bb:1b:ea:
6a:68:f6:42:79:94:32:fd:78:ef:dc:77:59:df:d7:66:05:30:
0a:08:07:1e:dd:87:9b:a4:4d:41:5e:e2:45:54:cf:e7:23:f5:
10:23:ed:1c:b1:0e:ab:b0:15:8a:95:8c:ee:da:b9:8e:58:2e:
e9:84:fe:fd:c2:04:cc:aa:b5:db:e6:e7:0e:fb:fc:73:bb:bd:
42:c0:3b:53:89:71:90:39:f3:84:e5:00:51:15:c2:d7:dd:10:
2f:61:e5:4e:65:09:d3:f2:0e:62:50:19:f2:42:53:bb:fa:a7:
02:98:8f:e2:6f:ad:40:ac:2c:d1:f2:49:3f:46:08:93:de:79:
71:32:66:b5:fb:8d:71:94:67:d3:70:7f:6e:ae:4e:d8:6c:fd:
19:fe:17:6a:40:e6:e5:f5:09:f9:c9:36:cc:4c:56:af:69:5d:
b1:a1:27:1b:57:f0:93:b7:5d:1f:ef:6b:7e:90:72:42:c4:c2:
5d:8d:d0:7c:25:80:e5:96:9d:e3:ab:7b:7f:9d:31:72:db:6f:
a4:53:83:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVNUQ8hkP5zqiTVHZjWmvf0t7hIcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIxMDBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0ZTgyMGZiZWVjMTA1NGVlYTNiNGY0YThmOTU0MmM5NzAxNTMwZmI4OTNj
ZTczMWE4OWRhZTNkNDNkMTAzZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJrVJgRP6jffDpd8Na9HqSAtTRaNgO8xc90UIyC5pgyzbIlu771p66APa7nV
8ozqHh2Qalh8kE4c0anejoOtlz7KzuZXXvWRQ+qEwNCDTjDoILhk7mXkdf+tRTBm
dEgunwNuT5fggm7Q//U+hnsdeizNEmqFDJ+DlgO0ozYgCsUV4uYcT1oNzIhGj+el
N1l57eC38x+6jPIBibU+MzjCnmjApj2HPRs4dQd3pyr6bzFpFl7FN+ee0kvLRQqA
REqxQcbGhRCj6LJOubnUW5jjNrefi9bcwT93d8RHSd5iKD5id7rvWDcXCN5YGYsS
GEcWgzRHqAkP/oU9fd610cAGodMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSExIVF
nmvexrf0ObsnH1OekG6m4jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGEwNmU5MDktNTIyNy00N2Q5LWE1OGMtYmU2MjNhMmE0Y2FkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FhA
MA0GCSqGSIb3DQEBCwUAA4IBAQBOMiEqbBzyu3d/eC+f99xhlaghFlIEdFWuOCbA
1MVjM/KxIpHwpHduj4KfFCQR/OZDgtW7G+pqaPZCeZQy/Xjv3HdZ39dmBTAKCAce
3YebpE1BXuJFVM/nI/UQI+0csQ6rsBWKlYzu2rmOWC7phP79wgTMqrXb5ucO+/xz
u71CwDtTiXGQOfOE5QBRFcLX3RAvYeVOZQnT8g5iUBnyQlO7+qcCmI/ib61ArCzR
8kk/RgiT3nlxMma1+41xlGfTcH9urk7YbP0Z/hdqQObl9Qn5yTbMTFavaV2xoScb
V/CTt10f72t+kHJCxMJdjdB8JYDllp3jq3t/nTFy22+kU4MD
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:38 2026 by rpki-client