Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
File: 8cfa3133-8fd4-4816-ad14-c49146075f82.roa (raw, json)
Hash identifier: yv4Cn9mTIl9X8OBj3b5zVPkT3RMYyDF6ei28ji8kddo=
Subject key identifier: 03:16:86:80:85:86:2E:07:DA:C8:7F:4B:49:49:2A:04:9D:D7:41:33
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F478BDC59193218ABEA13FA2949FBABAF54CD52
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
Signing time: Tue 19 May 2026 04:40:23 +0000
ROA not before: Tue 19 May 2026 04:40:23 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:47:8b:dc:59:19:32:18:ab:ea:13:fa:29:49:fb:ab:af:54:cd:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:23 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=4d3fcc1dfb37ffb545ede292980f845535551c2f99eb122417c04e3909f304b9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:0b:00:53:6e:2b:12:fe:cb:70:63:5c:36:9b:
b9:d1:7a:b0:e8:87:5d:a8:c4:cf:4a:ba:1e:94:b1:
53:b6:71:2f:e7:13:b8:c1:49:a7:a7:85:81:3f:f8:
f5:52:4d:48:d2:80:da:dd:06:77:ed:b5:9c:48:4c:
97:e7:75:a3:8c:9e:ad:97:8d:f1:f7:76:c8:b4:44:
95:19:94:56:d7:0d:b0:5f:fb:b8:fe:44:12:ae:aa:
a8:3a:1c:7c:c3:5a:a8:8c:ae:14:68:fc:52:c0:30:
23:8a:0d:ba:98:40:5d:8b:c3:06:b8:e4:8f:37:c4:
de:2b:27:06:16:d8:45:ad:f1:b8:c6:2e:9b:04:ea:
19:c5:a6:53:16:7b:42:0e:a0:ee:f5:fd:b2:3d:f5:
ef:82:1c:f9:83:75:b4:89:91:9e:b5:ba:8a:16:b8:
15:01:0d:93:73:fb:bd:84:59:16:d4:9c:12:bc:86:
07:dc:89:ea:ec:44:d3:c0:5c:cc:d8:fa:e5:84:0c:
71:a4:66:53:4c:a6:55:70:6c:81:ad:82:02:d3:74:
58:66:78:fe:ec:27:31:a2:7b:42:1f:6d:91:5c:8f:
52:60:47:b8:33:08:29:c1:44:82:41:77:29:4c:59:
11:ac:4f:3f:58:39:6a:da:b7:ea:c3:49:fe:2c:18:
76:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:16:86:80:85:86:2E:07:DA:C8:7F:4B:49:49:2A:04:9D:D7:41:33
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6000::/40
Signature Algorithm: sha256WithRSAEncryption
17:8f:c5:54:32:f3:32:d5:12:38:b7:08:29:c9:76:63:1c:70:
ee:c6:4b:08:b2:1b:4e:9f:93:9c:29:d7:69:3b:10:5e:c5:de:
46:f1:1d:b9:b5:13:09:9e:c7:2f:60:e7:09:37:13:22:4a:bb:
f5:a0:eb:28:6e:a1:32:f1:ee:eb:24:92:61:02:a3:79:f1:5b:
4e:a8:ff:ca:07:12:a0:fc:6b:00:aa:03:14:c6:eb:ac:42:aa:
09:7f:78:68:22:01:bf:c6:a5:0c:8e:64:4c:aa:94:d0:9f:fb:
14:ba:a3:1b:d9:66:bd:c1:b3:c3:dd:23:ec:d2:74:19:ee:7d:
70:89:59:da:b9:54:58:1f:99:01:fa:33:d4:52:2d:90:9c:73:
94:69:ca:8a:b1:21:37:72:de:97:89:c8:e7:1b:9e:c5:67:10:
43:fd:61:db:cb:85:57:b0:6f:d6:46:32:d7:17:a8:7b:52:3d:
bf:ae:5f:a2:4a:00:7a:de:64:dd:d4:6d:7d:17:da:4f:c8:7e:
a4:71:f6:a7:c8:b0:24:df:14:b3:ea:a9:bf:e5:04:30:98:4e:
6f:f5:11:ca:b0:24:cf:22:1a:e3:40:61:8b:2d:8e:1b:6c:48:
2c:6e:68:75:57:a5:15:d2:b1:28:c8:ef:2a:ee:7a:8c:53:6f:
49:22:5e:b7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT0eL3FkZMhir6hP6KUn7q69UzVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwMjNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkM2ZjYzFkZmIzN2ZmYjU0NWVkZTI5Mjk4MGY4NDU1MzU1NTFjMmY5OWVi
MTIyNDE3YzA0ZTM5MDlmMzA0YjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOILAFNuKxL+y3BjXDabudF6sOiHXajEz0q6HpSxU7ZxL+cTuMFJp6eFgT/4
9VJNSNKA2t0Gd+21nEhMl+d1o4yerZeN8fd2yLRElRmUVtcNsF/7uP5EEq6qqDoc
fMNaqIyuFGj8UsAwI4oNuphAXYvDBrjkjzfE3isnBhbYRa3xuMYumwTqGcWmUxZ7
Qg6g7vX9sj3174Ic+YN1tImRnrW6iha4FQENk3P7vYRZFtScEryGB9yJ6uxE08Bc
zNj65YQMcaRmU0ymVXBsga2CAtN0WGZ4/uwnMaJ7Qh9tkVyPUmBHuDMIKcFEgkF3
KUxZEaxPP1g5atq36sNJ/iwYdqUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQDFoaA
hYYuB9rIf0tJSSoEnddBMzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGNmYTMxMzMtOGZkNC00ODE2LWFkMTQtYzQ5MTQ2MDc1ZjgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJg
MA0GCSqGSIb3DQEBCwUAA4IBAQAXj8VUMvMy1RI4twgpyXZjHHDuxksIshtOn5Oc
KddpOxBexd5G8R25tRMJnscvYOcJNxMiSrv1oOsobqEy8e7rJJJhAqN58VtOqP/K
BxKg/GsAqgMUxuusQqoJf3hoIgG/xqUMjmRMqpTQn/sUuqMb2Wa9wbPD3SPs0nQZ
7n1wiVnauVRYH5kB+jPUUi2QnHOUacqKsSE3ct6XicjnG57FZxBD/WHby4VXsG/W
RjLXF6h7Uj2/rl+iSgB63mTd1G19F9pPyH6kcfanyLAk3xSz6qm/5QQwmE5v9RHK
sCTPIhrjQGGLLY4bbEgsbmh1V6UV0rEoyO8q7nqMU29JIl63
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:48:48 2026 by rpki-client