Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad363c67-ff83-46aa-9474-de02e382946b.roa
File: ad363c67-ff83-46aa-9474-de02e382946b.roa (raw, json)
Hash identifier: ONLtEgJ82WvtnmFzU8+o3kD/X77ows44Cxza+gQTjoc=
Subject key identifier: D5:86:93:05:2B:D8:15:E8:6B:BD:78:60:55:AF:95:EE:8D:EF:F7:4D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D7F2E49C4B6787E096964755BBC58628668C555
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad363c67-ff83-46aa-9474-de02e382946b.roa
Signing time: Tue 19 May 2026 04:50:27 +0000
ROA not before: Tue 19 May 2026 04:50:27 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:7f:2e:49:c4:b6:78:7e:09:69:64:75:5b:bc:58:62:86:68:c5:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:27 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=f5a4ac2c5973712eb68aa1ea71a0b4911bf5569fdd0459288243a0bd73a4481b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3f:5a:47:50:be:ab:ee:53:2e:38:9b:7e:c2:
0b:52:db:89:a7:10:ee:5a:a5:00:f7:e5:3d:11:1d:
63:52:b0:e9:b1:dd:7c:07:6f:cc:8b:5f:34:22:1a:
31:97:4a:42:69:d6:59:79:f3:c6:75:b0:7e:0c:f8:
b6:93:90:5e:df:ce:4d:e7:59:00:a0:8e:5b:86:dc:
f1:de:ad:f2:8d:76:55:7e:70:c9:f7:96:55:44:04:
84:df:e9:62:10:9d:e2:5a:e7:9b:be:ad:78:17:d9:
8c:5c:23:49:89:76:fb:de:fd:7b:1a:b1:74:2f:3b:
07:98:e9:45:85:bd:7f:b5:b2:b2:55:0e:80:50:8b:
9d:fc:c4:48:ad:10:06:33:03:f4:fb:45:21:32:c9:
fb:10:d2:da:0b:29:62:8c:a1:79:bf:9d:96:b2:b9:
61:28:8c:76:b0:64:9e:be:ae:f4:4f:e3:19:d6:0b:
10:91:e1:d2:37:33:51:d6:03:3a:c9:2f:73:0a:0d:
97:b0:b6:e5:53:ef:f1:92:a6:bf:df:cb:7e:b5:17:
92:b7:f4:10:7a:1a:b2:c2:59:7b:2d:89:97:c2:55:
48:bb:c7:54:73:22:d8:66:e1:32:66:00:aa:da:9a:
09:e8:46:99:88:d1:26:58:8e:21:04:c2:86:8c:15:
4e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:86:93:05:2B:D8:15:E8:6B:BD:78:60:55:AF:95:EE:8D:EF:F7:4D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad363c67-ff83-46aa-9474-de02e382946b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:b000::/40
Signature Algorithm: sha256WithRSAEncryption
1a:07:aa:77:b5:0e:c7:2b:7b:1d:5b:2e:32:a6:63:62:f3:d2:
74:d3:0c:c8:29:ae:3a:0e:6c:45:e8:52:cc:98:b9:19:d2:80:
8f:2b:27:28:be:b0:fd:9a:e0:e5:ec:58:b0:55:ea:5f:79:b4:
0a:80:0f:32:d0:ed:c4:91:81:48:79:95:5f:bb:e8:db:71:e9:
4c:59:0f:99:b0:e8:0d:7f:0b:96:d7:e2:c1:98:75:63:28:ae:
0a:67:f6:3f:32:bb:e3:57:21:66:1a:c6:6e:2e:36:0a:87:1f:
2d:dc:cc:b6:fe:8d:89:ba:74:1f:58:01:89:c1:53:8d:7b:75:
47:8f:4f:51:9b:4d:98:ce:f0:56:4c:aa:b6:f7:f7:90:50:d3:
c5:17:7a:33:ea:2a:70:df:7c:6a:87:39:08:52:0b:a5:20:07:
83:e5:66:2a:72:e4:ec:4f:f0:44:72:4e:11:4d:05:99:3c:3f:
df:11:0d:1f:eb:b0:2f:04:8e:cb:72:02:f9:57:e2:9f:c1:e3:
30:52:8a:03:f6:78:50:1d:ef:42:28:76:3f:1c:fd:84:d4:96:
99:b6:2d:63:aa:9d:51:c1:9e:31:d3:7a:39:1b:34:cd:bc:e2:
f9:d8:49:9d:ff:f9:ee:29:4b:91:98:a5:ec:bb:6a:a8:dd:06:
6c:bf:41:f3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbX8uScS2eH4JaWR1W7xYYoZoxVUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMjdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1YTRhYzJjNTk3MzcxMmViNjhhYTFlYTcxYTBiNDkxMWJmNTU2OWZkZDA0
NTkyODgyNDNhMGJkNzNhNDQ4MWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKc/WkdQvqvuUy44m37CC1LbiacQ7lqlAPflPREdY1Kw6bHdfAdvzItfNCIa
MZdKQmnWWXnzxnWwfgz4tpOQXt/OTedZAKCOW4bc8d6t8o12VX5wyfeWVUQEhN/p
YhCd4lrnm76teBfZjFwjSYl2+979exqxdC87B5jpRYW9f7WyslUOgFCLnfzESK0Q
BjMD9PtFITLJ+xDS2gspYoyheb+dlrK5YSiMdrBknr6u9E/jGdYLEJHh0jczUdYD
OskvcwoNl7C25VPv8ZKmv9/LfrUXkrf0EHoassJZey2Jl8JVSLvHVHMi2GbhMmYA
qtqaCehGmYjRJliOIQTChowVTrECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTVhpMF
K9gV6Gu9eGBVr5Xuje/3TTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWQzNjNjNjctZmY4My00NmFhLTk0NzQtZGUwMmUzODI5NDZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGw
MA0GCSqGSIb3DQEBCwUAA4IBAQAaB6p3tQ7HK3sdWy4ypmNi89J00wzIKa46DmxF
6FLMmLkZ0oCPKycovrD9muDl7FiwVepfebQKgA8y0O3EkYFIeZVfu+jbcelMWQ+Z
sOgNfwuW1+LBmHVjKK4KZ/Y/MrvjVyFmGsZuLjYKhx8t3My2/o2JunQfWAGJwVON
e3VHj09Rm02YzvBWTKq29/eQUNPFF3oz6ipw33xqhzkIUgulIAeD5WYqcuTsT/BE
ck4RTQWZPD/fEQ0f67AvBI7LcgL5V+KfweMwUooD9nhQHe9CKHY/HP2E1JaZti1j
qp1RwZ4x03o5GzTNvOL52Emd//nuKUuRmKXsu2qo3QZsv0Hz
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:43 2026 by rpki-client