Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c99b00e-290a-4618-8076-435475c3020f.roa
File: 8c99b00e-290a-4618-8076-435475c3020f.roa (raw, json)
Hash identifier: fVbyMsnnAtTCvhl6EXWEAHUKxNYtG2LiN2j3pq6ltwI=
Subject key identifier: 2E:5A:84:6A:C6:22:6A:C3:E0:97:D8:8B:33:96:0A:D6:73:37:EA:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 714A0A227E3456925CA7DF33B3DDAE065283FD60
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c99b00e-290a-4618-8076-435475c3020f.roa
Signing time: Tue 19 May 2026 05:30:47 +0000
ROA not before: Tue 19 May 2026 05:30:47 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:4a:0a:22:7e:34:56:92:5c:a7:df:33:b3:dd:ae:06:52:83:fd:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:47 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=c5d28ebba10d61f1cde166954a47beb57f53637473d0a7d78460e1c9f5ef8bb8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3e:c2:27:8b:63:1a:50:f1:6f:9c:82:ef:01:
07:1b:4e:56:95:f3:82:7b:9c:0e:6d:e8:51:4c:18:
72:5e:8e:e6:55:ff:99:1b:27:4c:65:c6:80:53:78:
e1:27:85:26:27:f0:1a:62:c7:a3:1b:2f:13:c0:25:
f7:09:1a:a3:60:93:eb:5a:2b:13:37:cf:bb:5b:c4:
2f:6e:0e:19:35:9c:14:95:db:d2:9e:3d:71:2f:19:
70:93:43:81:f2:a5:96:eb:05:c7:26:04:c7:b3:fe:
e6:e0:ab:36:74:6b:43:c1:1d:5e:7b:c6:7b:90:cd:
5a:f7:93:68:97:a5:10:d8:4c:8a:1d:dd:15:ff:70:
37:d4:cd:40:36:8e:fd:ab:04:c3:5d:76:42:8b:cd:
7e:24:88:2c:9a:a1:f5:38:12:dd:51:0c:76:cb:da:
e5:0a:eb:3c:0c:2c:25:14:b8:4e:d0:4f:1d:17:3e:
77:f4:d8:dc:a1:d3:91:04:77:aa:88:2c:93:91:c7:
44:b4:33:a0:ad:57:cd:8c:f1:2f:c5:53:c6:74:8b:
91:ed:93:29:83:b3:6e:f1:7f:e4:d2:c4:64:13:6f:
df:ea:95:63:53:53:9f:08:e3:b6:19:ea:35:79:a5:
d2:73:cc:64:ce:82:76:f5:bd:82:91:78:6b:2a:2c:
07:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:5A:84:6A:C6:22:6A:C3:E0:97:D8:8B:33:96:0A:D6:73:37:EA:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c99b00e-290a-4618-8076-435475c3020f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c080::/48
Signature Algorithm: sha256WithRSAEncryption
a4:71:14:0a:9a:3f:ee:db:40:18:d3:9e:40:bc:97:aa:99:a5:
63:91:0e:71:d9:c4:dc:9d:b7:bb:13:e5:b6:8f:10:b2:dd:b4:
2b:42:4d:5f:32:cf:b3:13:46:45:d2:79:23:d5:71:e4:67:d2:
34:89:29:7e:e5:c2:7e:47:c5:2d:84:45:ef:5e:4a:e3:fc:34:
4b:ce:d8:54:7b:37:da:57:e0:2b:a2:f8:4a:32:8a:98:e7:2b:
bc:35:e6:16:b3:aa:f6:e4:3f:88:cd:37:84:50:36:00:d0:7b:
ae:e2:31:a9:98:16:e0:7b:56:60:74:5e:dc:20:f2:b3:a6:60:
fc:41:3c:b2:33:d5:4a:fe:80:66:5b:61:8e:a6:a2:36:a1:62:
ea:b3:b7:fc:8d:35:78:7c:e6:31:1f:a0:84:08:be:19:57:ad:
22:12:28:54:fd:a3:29:6b:eb:e8:0c:63:0a:a5:26:b9:dc:d1:
89:e9:e6:e0:ed:59:d5:14:78:3d:23:be:fc:88:f4:fb:6c:1d:
64:7a:4f:01:fc:87:b6:2d:b6:7d:a8:47:ab:86:1f:39:d5:4c:
27:1e:2a:02:bb:cc:fe:15:72:5b:1c:70:2b:97:0b:9f:b5:0f:
49:d2:e1:92:fd:a6:0a:e6:12:76:dc:9f:0b:8b:94:c9:4b:f9:
f2:fa:05:a0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcUoKIn40VpJcp98zs92uBlKD/WAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwNDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1ZDI4ZWJiYTEwZDYxZjFjZGUxNjY5NTRhNDdiZWI1N2Y1MzYzNzQ3M2Qw
YTdkNzg0NjBlMWM5ZjVlZjhiYjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJM+wieLYxpQ8W+cgu8BBxtOVpXzgnucDm3oUUwYcl6O5lX/mRsnTGXGgFN4
4SeFJifwGmLHoxsvE8Al9wkao2CT61orEzfPu1vEL24OGTWcFJXb0p49cS8ZcJND
gfKllusFxyYEx7P+5uCrNnRrQ8EdXnvGe5DNWveTaJelENhMih3dFf9wN9TNQDaO
/asEw112QovNfiSILJqh9TgS3VEMdsva5QrrPAwsJRS4TtBPHRc+d/TY3KHTkQR3
qogsk5HHRLQzoK1XzYzxL8VTxnSLke2TKYOzbvF/5NLEZBNv3+qVY1NTnwjjthnq
NXml0nPMZM6CdvW9gpF4ayosB38CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQuWoRq
xiJqw+CX2IszlgrWczfqRDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGM5OWIwMGUtMjkwYS00NjE4LTgwNzYtNDM1NDc1YzMwMjBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADA
gDANBgkqhkiG9w0BAQsFAAOCAQEApHEUCpo/7ttAGNOeQLyXqpmlY5EOcdnE3J23
uxPlto8Qst20K0JNXzLPsxNGRdJ5I9Vx5GfSNIkpfuXCfkfFLYRF715K4/w0S87Y
VHs32lfgK6L4SjKKmOcrvDXmFrOq9uQ/iM03hFA2ANB7ruIxqZgW4HtWYHRe3CDy
s6Zg/EE8sjPVSv6AZlthjqaiNqFi6rO3/I01eHzmMR+ghAi+GVetIhIoVP2jKWvr
6AxjCqUmudzRienm4O1Z1RR4PSO+/Ij0+2wdZHpPAfyHti22fahHq4YfOdVMJx4q
ArvM/hVyWxxwK5cLn7UPSdLhkv2mCuYSdtyfC4uUyUv58voFoA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:46:03 2026 by rpki-client