Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
File: 8eb63ceb-3350-490c-9a1a-85b2563a8947.roa (raw, json)
Hash identifier: PNxmeD2tNrhJ8RscmJ6eI6kR0OW5AhYLTB+u0eSj5eU=
Subject key identifier: E6:09:40:7F:D0:80:B5:31:A3:9A:56:0F:A9:B2:9E:C9:5F:2C:20:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45725C2BB77D432E414DE51DE68795F7306E9A85
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
Signing time: Tue 19 May 2026 05:40:48 +0000
ROA not before: Tue 19 May 2026 05:40:48 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:72:5c:2b:b7:7d:43:2e:41:4d:e5:1d:e6:87:95:f7:30:6e:9a:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:48 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=aa3141851bce25ff50da3ea6a2a1c5d34c9f74606fe4857c167caa72740c7eda, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b2:c3:41:ad:fd:15:2c:c0:d7:7e:03:42:fc:
f8:0d:75:6c:c5:21:96:1f:e9:62:0f:64:a5:e1:ce:
57:66:43:56:37:2d:5a:27:7e:46:da:1d:a9:dc:4b:
68:f3:c2:13:71:ff:7a:0b:a5:bc:09:8e:f1:f7:95:
65:79:91:76:ff:95:32:a2:80:42:2b:94:25:32:8c:
83:45:8c:fd:f3:98:70:36:b9:4f:d7:1d:11:6f:e9:
0a:ec:c1:f6:cb:12:36:eb:78:d9:f4:a4:f8:7a:6c:
83:41:af:1b:d1:cf:c5:54:c8:15:d0:3b:22:22:45:
3f:ec:a7:15:8b:25:12:7b:d5:93:af:b5:ad:1d:8e:
08:f8:f0:a0:af:77:94:91:08:eb:3d:27:ff:bc:da:
17:a2:19:a0:77:16:68:6e:7d:ce:23:9f:d2:2e:9f:
20:81:36:47:6c:e9:34:13:15:09:0c:5e:53:ff:2e:
ef:8a:ed:19:04:72:fc:da:c5:9d:93:a7:f3:b1:ee:
74:1a:a6:74:e1:2f:e8:2e:4b:b9:8f:09:c2:ab:54:
14:e8:1f:3d:68:cb:27:da:00:77:74:77:18:a7:18:
14:3e:a3:ad:c2:2a:46:28:bb:db:6f:e8:77:c2:37:
2c:c7:94:f6:c1:fc:93:7c:01:51:f7:e5:fd:78:4e:
ce:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:09:40:7F:D0:80:B5:31:A3:9A:56:0F:A9:B2:9E:C9:5F:2C:20:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:4000::/40
Signature Algorithm: sha256WithRSAEncryption
4b:6a:7b:08:95:4e:40:18:82:29:92:7c:5d:d8:cf:38:15:c7:
0c:c5:a8:0f:77:0c:e8:16:2f:48:89:b4:f0:26:76:6c:eb:1a:
a8:09:22:21:e0:f5:03:16:23:01:8f:4e:be:bf:3e:d4:2b:c4:
df:1a:b2:7c:19:68:5d:34:c8:42:bc:72:28:cc:81:49:90:e1:
fe:85:67:6e:c2:8a:7b:d1:ba:b3:2b:40:f5:cb:a4:61:cf:9f:
96:ea:d7:6a:18:5c:a5:b9:0a:df:0d:d5:f4:dd:34:d1:29:f1:
7c:ac:bc:68:0a:fc:ee:0e:fe:f9:c5:6f:8b:2b:cb:38:1e:03:
dc:b8:08:2f:b0:3b:c7:8d:3e:4a:11:d2:66:a9:e9:51:67:70:
a4:ab:b9:5e:66:6d:55:77:87:85:56:25:4c:22:37:4c:83:e9:
dd:78:8a:96:e0:12:50:04:47:29:b6:be:02:02:8c:97:99:57:
39:18:02:0b:da:e7:c5:87:ea:94:1b:e5:54:c2:54:a0:72:d1:
ba:23:56:2f:66:51:1b:1e:d4:d0:59:7e:99:44:c7:79:03:98:
99:18:05:03:ae:9d:c6:81:17:db:51:99:d8:5f:2b:f5:6b:a0:
60:03:6b:7a:70:43:25:fe:a9:43:b8:c4:e7:d5:14:0b:8b:d9:
00:6f:24:16
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURXJcK7d9Qy5BTeUd5oeV9zBumoUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwNDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhMzE0MTg1MWJjZTI1ZmY1MGRhM2VhNmEyYTFjNWQzNGM5Zjc0NjA2ZmU0
ODU3YzE2N2NhYTcyNzQwYzdlZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6yw0Gt/RUswNd+A0L8+A11bMUhlh/pYg9kpeHOV2ZDVjctWid+RtodqdxL
aPPCE3H/egulvAmO8feVZXmRdv+VMqKAQiuUJTKMg0WM/fOYcDa5T9cdEW/pCuzB
9ssSNut42fSk+Hpsg0GvG9HPxVTIFdA7IiJFP+ynFYslEnvVk6+1rR2OCPjwoK93
lJEI6z0n/7zaF6IZoHcWaG59ziOf0i6fIIE2R2zpNBMVCQxeU/8u74rtGQRy/NrF
nZOn87HudBqmdOEv6C5LuY8JwqtUFOgfPWjLJ9oAd3R3GKcYFD6jrcIqRii722/o
d8I3LMeU9sH8k3wBUffl/XhOzhECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTmCUB/
0IC1MaOaVg+psp7JXywgSzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGViNjNjZWItMzM1MC00OTBjLTlhMWEtODViMjU2M2E4OTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFA
MA0GCSqGSIb3DQEBCwUAA4IBAQBLansIlU5AGIIpknxd2M84FccMxagPdwzoFi9I
ibTwJnZs6xqoCSIh4PUDFiMBj06+vz7UK8TfGrJ8GWhdNMhCvHIozIFJkOH+hWdu
wop70bqzK0D1y6Rhz5+W6tdqGFyluQrfDdX03TTRKfF8rLxoCvzuDv75xW+LK8s4
HgPcuAgvsDvHjT5KEdJmqelRZ3Ckq7leZm1Vd4eFViVMIjdMg+ndeIqW4BJQBEcp
tr4CAoyXmVc5GAIL2ufFh+qUG+VUwlSgctG6I1YvZlEbHtTQWX6ZRMd5A5iZGAUD
rp3GgRfbUZnYXyv1a6BgA2t6cEMl/qlDuMTn1RQLi9kAbyQW
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:21 2026 by rpki-client