Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
File: 8aeef071-ad76-436d-a059-ad727b09eb3b.roa (raw, json)
Hash identifier: X1bph/ezeUZGOgkjv8yF58GGCCc2jt19pGi3fUMflJc=
Subject key identifier: 61:A4:EC:B9:93:B5:BA:E7:38:10:5C:51:34:E2:2B:5D:8B:A2:6C:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A6CED6932A24505D66CCF4123C8E31DF05B30E3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
Signing time: Tue 19 May 2026 05:30:43 +0000
ROA not before: Tue 19 May 2026 05:30:43 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:6c:ed:69:32:a2:45:05:d6:6c:cf:41:23:c8:e3:1d:f0:5b:30:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:43 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=f0701a52bcfb6cacd07a11e7b21cebb65380bd43dcd44cd821312492204fb6c4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:11:59:6c:5a:3e:33:10:b1:a6:b8:a1:5c:fc:
ae:b2:6d:1a:f8:87:40:cc:2b:1a:72:bf:7c:2b:e7:
ab:cd:f8:7a:09:32:6d:9e:4d:36:59:c2:db:a5:ed:
f9:e7:75:c5:42:7d:03:bd:06:06:76:d2:e7:c9:28:
e8:af:a9:92:cb:92:80:d6:94:c0:d5:8e:ea:35:11:
a3:4e:56:0f:4c:97:62:aa:17:6b:2c:cc:08:4b:bb:
5b:c5:d5:92:68:e8:6a:a3:88:07:59:47:45:d1:2f:
60:ff:62:74:af:fe:08:17:5b:84:75:20:08:41:99:
e2:d0:e3:57:1b:cf:f3:b6:19:0c:a2:0d:c1:a0:b6:
8f:59:e2:53:a7:ff:25:1e:a5:62:27:13:81:3c:17:
1c:c2:c5:0d:88:04:f9:55:af:f7:cc:c0:a7:c7:62:
59:e2:9d:49:84:b3:e7:34:a1:9e:b9:ac:bb:61:ae:
fb:4d:c7:d6:96:04:69:fb:79:01:71:39:1e:07:4d:
35:db:a1:5f:c6:30:0c:b8:7d:89:81:28:65:b2:57:
29:b5:21:d8:cc:98:5c:3b:aa:a9:7f:80:31:55:0d:
a1:19:c0:2e:dd:c4:76:c8:54:dd:99:46:7a:13:57:
5b:6b:82:d8:3f:b9:0c:48:cd:3f:1d:0d:b9:65:35:
30:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A4:EC:B9:93:B5:BA:E7:38:10:5C:51:34:E2:2B:5D:8B:A2:6C:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:2000::/40
Signature Algorithm: sha256WithRSAEncryption
ac:72:7c:e5:7b:71:7b:79:8d:70:fd:bb:ca:28:32:c4:ac:e9:
20:36:7d:75:39:ca:03:d9:9f:59:75:96:80:f7:45:c9:3a:0a:
ee:2d:c7:a9:96:89:f7:3b:c0:a8:fb:95:29:34:53:62:23:cf:
99:49:52:78:43:7d:74:a5:99:0e:8b:2b:c8:a0:22:c1:55:03:
c7:ea:06:2e:69:bd:b4:cd:d1:f3:c3:a8:b3:c3:dc:0d:16:cd:
69:12:8b:b9:62:a0:50:78:32:9a:7d:62:6c:f8:42:d6:68:6b:
b5:f5:5c:32:ef:b1:19:3e:83:ce:cc:68:fe:e5:29:5e:2f:71:
46:49:ae:d4:98:4b:8d:9b:7b:ce:07:af:a6:db:45:94:ac:ba:
d3:ae:c2:3b:3b:8b:5f:8a:d8:b6:0e:66:01:2c:62:a8:9c:14:
b2:f6:e7:a9:ac:c3:f2:bf:cf:ea:1b:be:0e:f8:46:a1:94:ca:
a8:af:b5:05:ed:80:cd:f4:63:64:8c:83:ca:9d:4e:04:ca:c2:
75:88:15:c4:23:23:6d:ca:e6:82:46:d0:85:31:4a:14:aa:45:
5b:31:97:07:b6:7a:7d:c7:a9:da:75:70:16:d6:fc:e2:a0:aa:
77:7f:63:af:e2:1f:26:fa:8e:8d:5f:a1:33:45:f5:29:1c:6b:
02:d7:2e:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWmztaTKiRQXWbM9BI8jjHfBbMOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwNDNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwNzAxYTUyYmNmYjZjYWNkMDdhMTFlN2IyMWNlYmI2NTM4MGJkNDNkY2Q0
NGNkODIxMzEyNDkyMjA0ZmI2YzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0RWWxaPjMQsaa4oVz8rrJtGviHQMwrGnK/fCvnq834egkybZ5NNlnC26Xt
+ed1xUJ9A70GBnbS58ko6K+pksuSgNaUwNWO6jURo05WD0yXYqoXayzMCEu7W8XV
kmjoaqOIB1lHRdEvYP9idK/+CBdbhHUgCEGZ4tDjVxvP87YZDKINwaC2j1niU6f/
JR6lYicTgTwXHMLFDYgE+VWv98zAp8diWeKdSYSz5zShnrmsu2Gu+03H1pYEaft5
AXE5HgdNNduhX8YwDLh9iYEoZbJXKbUh2MyYXDuqqX+AMVUNoRnALt3EdshU3ZlG
ehNXW2uC2D+5DEjNPx0NuWU1MN0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRhpOy5
k7W65zgQXFE04itdi6JsDjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGFlZWYwNzEtYWQ3Ni00MzZkLWEwNTktYWQ3MjdiMDllYjNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dgg
MA0GCSqGSIb3DQEBCwUAA4IBAQCscnzle3F7eY1w/bvKKDLErOkgNn11OcoD2Z9Z
dZaA90XJOgruLceplon3O8Co+5UpNFNiI8+ZSVJ4Q310pZkOiyvIoCLBVQPH6gYu
ab20zdHzw6izw9wNFs1pEou5YqBQeDKafWJs+ELWaGu19Vwy77EZPoPOzGj+5Sle
L3FGSa7UmEuNm3vOB6+m20WUrLrTrsI7O4tfiti2DmYBLGKonBSy9ueprMPyv8/q
G74O+EahlMqor7UF7YDN9GNkjIPKnU4EysJ1iBXEIyNtyuaCRtCFMUoUqkVbMZcH
tnp9x6nadXAW1vzioKp3f2Ov4h8m+o6NX6EzRfUpHGsC1y6c
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:46 2026 by rpki-client