Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
File: 93932fd5-a431-4690-94d6-ed2f97f585c1.roa (raw, json)
Hash identifier: gc5YxqIPelQTQsyhoDHdMLTiIECNugYeex9QIMp/im8=
Subject key identifier: 2F:6F:43:4C:A2:51:C4:55:25:94:0A:AC:B8:20:1A:4E:58:02:33:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E437E8AC11AFA42D88AE934880618182AD7A212
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
Signing time: Tue 19 May 2026 04:30:14 +0000
ROA not before: Tue 19 May 2026 04:30:14 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:43:7e:8a:c1:1a:fa:42:d8:8a:e9:34:88:06:18:18:2a:d7:a2:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:14 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=16f9ac90f20d2f5b90915d9963e1a091bce012d1d46d152de05ef5ec8ca52797, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a2:f7:32:93:39:72:30:01:d6:65:4c:13:7b:
dc:e2:73:9c:79:9a:28:eb:f7:e7:ca:35:c1:0a:57:
ce:30:50:5b:bc:74:ec:4e:2a:4c:a3:93:67:1e:f1:
3e:57:57:db:b2:a7:37:44:10:68:fc:8b:69:39:a4:
14:80:46:27:de:6e:c7:fe:72:b2:9d:30:8b:2c:84:
25:95:67:22:81:6a:d2:be:53:9b:1e:10:31:42:3e:
ae:dc:2b:68:6e:e9:f0:37:b7:53:7c:bb:1c:e8:74:
05:97:86:35:8b:39:02:71:36:2c:b2:a1:ef:39:de:
7f:d9:d7:ea:9a:3e:be:da:a4:52:b4:02:80:ac:e6:
f8:91:eb:6c:36:ce:77:4e:26:26:d9:37:bf:5d:05:
70:af:3d:b5:42:4f:d6:24:52:33:88:9e:9f:16:fc:
a3:e5:00:c0:72:17:9f:60:f0:32:0b:52:67:4e:ad:
85:0a:59:47:23:0a:c6:17:77:aa:b5:5b:55:d8:b0:
b9:36:5f:ec:47:00:0e:3b:60:69:43:46:1d:51:44:
31:6d:b0:e0:41:2e:28:b8:d8:6a:1c:f9:31:9f:18:
eb:ed:9e:c0:8a:b8:4e:dd:98:91:15:44:f6:2b:ed:
28:c7:84:0e:8a:c1:1d:7c:61:36:21:11:91:ab:ac:
d3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:6F:43:4C:A2:51:C4:55:25:94:0A:AC:B8:20:1A:4E:58:02:33:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:800::/38
Signature Algorithm: sha256WithRSAEncryption
c6:eb:0b:e9:4f:a6:7c:d6:c9:3e:aa:f8:7f:68:44:da:6b:47:
17:9b:06:16:34:7f:62:40:83:79:91:a0:ca:35:00:3a:89:ad:
83:4a:93:2a:71:a0:bf:9f:49:4e:24:49:36:0f:2a:27:b1:ac:
c5:9a:1c:f2:62:0e:f7:cd:b2:7a:51:a3:d0:8f:71:e5:6f:ac:
60:93:89:0b:d8:3c:7f:5a:0c:41:55:16:8a:b1:8f:57:35:7d:
de:bc:38:4d:21:70:7e:bc:21:3c:e7:15:97:c3:ff:48:7d:43:
b3:b9:ea:d3:39:c9:57:60:d9:59:d8:df:8f:24:1c:1f:24:c1:
5f:96:c4:ed:bd:30:dd:b8:f6:db:3f:64:25:cb:e4:60:7d:eb:
2e:2f:53:b0:d7:59:5c:e0:f2:89:f0:52:8e:1d:d5:84:90:6d:
2e:fb:32:e9:69:d4:cc:f1:61:ab:09:2e:aa:02:f1:f9:32:ea:
33:f4:5a:7a:d1:b9:e9:04:36:46:5f:1e:93:f8:e6:bd:30:a7:
f7:39:81:37:c3:d4:5c:c9:35:57:c8:1e:9c:de:21:35:fe:96:
8e:b3:22:2c:ed:b6:c2:73:8a:60:14:56:04:04:52:18:70:fa:
f0:0b:3c:fa:e0:8e:73:ec:8c:02:75:0b:ef:f8:b9:51:69:40:
98:e9:ea:11
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHkN+isEa+kLYiuk0iAYYGCrXohIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMTRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2ZjlhYzkwZjIwZDJmNWI5MDkxNWQ5OTYzZTFhMDkxYmNlMDEyZDFkNDZk
MTUyZGUwNWVmNWVjOGNhNTI3OTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIui9zKTOXIwAdZlTBN73OJznHmaKOv358o1wQpXzjBQW7x07E4qTKOTZx7x
PldX27KnN0QQaPyLaTmkFIBGJ95ux/5ysp0wiyyEJZVnIoFq0r5Tmx4QMUI+rtwr
aG7p8De3U3y7HOh0BZeGNYs5AnE2LLKh7znef9nX6po+vtqkUrQCgKzm+JHrbDbO
d04mJtk3v10FcK89tUJP1iRSM4ienxb8o+UAwHIXn2DwMgtSZ06thQpZRyMKxhd3
qrVbVdiwuTZf7EcADjtgaUNGHVFEMW2w4EEuKLjYahz5MZ8Y6+2ewIq4Tt2YkRVE
9ivtKMeEDorBHXxhNiERkaus0/MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQvb0NM
olHEVSWUCqy4IBpOWAIzDzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM5MzJmZDUtYTQzMS00NjkwLTk0ZDYtZWQyZjk3ZjU4NWMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BII
MA0GCSqGSIb3DQEBCwUAA4IBAQDG6wvpT6Z81sk+qvh/aETaa0cXmwYWNH9iQIN5
kaDKNQA6ia2DSpMqcaC/n0lOJEk2DyonsazFmhzyYg73zbJ6UaPQj3Hlb6xgk4kL
2Dx/WgxBVRaKsY9XNX3evDhNIXB+vCE85xWXw/9IfUOzuerTOclXYNlZ2N+PJBwf
JMFflsTtvTDduPbbP2Qly+RgfesuL1Ow11lc4PKJ8FKOHdWEkG0u+zLpadTM8WGr
CS6qAvH5Muoz9Fp60bnpBDZGXx6T+Oa9MKf3OYE3w9RcyTVXyB6c3iE1/paOsyIs
7bbCc4pgFFYEBFIYcPrwCzz64I5z7IwCdQvv+LlRaUCY6eoR
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:45:51 2026 by rpki-client