Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
File: cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa (raw, json)
Hash identifier: hChZDXCBBn0vPcKjD9kiY4MIlbFy4YcP9JJUVCLOJUw=
Subject key identifier: 48:62:23:7D:32:22:7D:52:59:97:9B:06:0C:33:C6:29:30:6B:0A:94
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2656D5D5ED7783C22F424BB0799D7C81142310FF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
Signing time: Tue 19 May 2026 05:40:54 +0000
ROA not before: Tue 19 May 2026 05:40:54 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:56:d5:d5:ed:77:83:c2:2f:42:4b:b0:79:9d:7c:81:14:23:10:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:54 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=b274660e3eb4856d8c1496f6879a5e3f165c36cb6d77b775b32eb338f19f8287, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:86:7f:45:45:19:4d:7f:1d:c3:82:cd:3a:4c:
85:fc:d1:45:56:9f:0d:de:8e:11:8d:ab:6c:ac:63:
b4:7c:74:72:0e:be:f9:94:7a:b6:5c:05:34:df:0b:
0c:de:09:bb:4d:8b:f1:7d:19:e2:68:38:3b:98:d5:
71:38:3c:86:24:62:f3:d8:f0:8a:67:89:ec:11:a4:
3f:0d:dc:ab:11:83:c9:98:a7:f0:3e:2c:46:0c:a5:
24:35:9b:83:92:ce:59:ea:4e:0d:73:d7:1f:b4:c7:
86:e4:2d:37:69:3c:08:ef:cb:98:f6:3d:0c:a4:84:
c2:0d:5a:ba:0a:3a:16:22:22:15:97:fd:e6:82:30:
55:14:35:7a:b5:28:6b:a9:32:fb:74:80:d3:51:d3:
66:4c:cc:3c:8d:2a:5b:cb:6a:5f:a8:55:08:fd:4c:
e9:4b:e9:a6:09:90:74:db:e9:c1:f1:88:bd:d3:5a:
53:78:ee:bb:cb:58:ed:e7:53:71:3f:a9:d6:df:6b:
a4:ba:0d:b4:77:98:a9:d2:e7:0b:ac:5d:06:83:ac:
0e:2e:1f:a8:fe:6b:b0:9e:55:70:b9:2a:59:b5:11:
7f:f3:f3:9e:e0:ac:4c:aa:34:7f:e0:09:9b:ec:eb:
da:6d:58:eb:96:fd:9a:29:65:c1:46:4b:6d:67:2e:
a3:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:62:23:7D:32:22:7D:52:59:97:9B:06:0C:33:C6:29:30:6B:0A:94
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:1040::/48
Signature Algorithm: sha256WithRSAEncryption
60:9d:1c:63:11:e3:28:ea:8b:94:89:53:10:32:5a:eb:04:e9:
20:25:99:c0:7f:70:97:3b:63:72:e4:f8:ed:bc:8a:e0:3d:01:
9b:e2:9c:29:8d:a9:a9:07:65:2a:8c:7a:a9:39:fe:9a:2d:68:
6a:64:66:14:94:c4:d0:d4:95:2a:d8:1e:67:b5:e6:c1:37:f6:
42:ed:3c:f4:8d:35:66:e0:04:d2:ec:b4:67:60:a2:2a:6e:0b:
13:cf:83:f6:ac:f4:59:80:29:15:83:c8:db:c8:09:16:c0:7f:
4d:1b:e5:2a:89:5a:62:34:3d:26:ba:ae:37:43:d7:f8:bf:7d:
3e:ca:b4:3c:53:25:dd:31:a2:8b:57:fe:c3:db:22:aa:f5:9d:
05:49:fe:47:b6:33:39:f7:2e:6b:c8:c2:b0:19:ab:6b:3e:35:
de:fe:bf:a6:0c:2d:01:8d:56:46:c4:f4:e1:a1:53:6d:ef:3c:
2f:e6:d2:e4:c9:f8:cc:78:ab:03:84:17:41:04:a8:27:3f:b1:
ad:5f:61:01:54:74:20:0e:79:f1:37:bc:f0:85:68:51:f7:67:
06:9f:53:ca:c1:4d:c7:f7:12:59:fd:a8:41:30:d0:bc:3c:c3:
33:c7:a4:8c:19:77:b7:d0:46:c1:07:7d:9c:d5:4a:72:b9:2e:
ea:46:35:3a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJlbV1e13g8IvQkuweZ18gRQjEP8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwNTRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyNzQ2NjBlM2ViNDg1NmQ4YzE0OTZmNjg3OWE1ZTNmMTY1YzM2Y2I2ZDc3
Yjc3NWIzMmViMzM4ZjE5ZjgyODcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPOGf0VFGU1/HcOCzTpMhfzRRVafDd6OEY2rbKxjtHx0cg6++ZR6tlwFNN8L
DN4Ju02L8X0Z4mg4O5jVcTg8hiRi89jwimeJ7BGkPw3cqxGDyZin8D4sRgylJDWb
g5LOWepODXPXH7THhuQtN2k8CO/LmPY9DKSEwg1augo6FiIiFZf95oIwVRQ1erUo
a6ky+3SA01HTZkzMPI0qW8tqX6hVCP1M6UvppgmQdNvpwfGIvdNaU3juu8tY7edT
cT+p1t9rpLoNtHeYqdLnC6xdBoOsDi4fqP5rsJ5VcLkqWbURf/PznuCsTKo0f+AJ
m+zr2m1Y65b9millwUZLbWcuoy8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRIYiN9
MiJ9UlmXmwYMM8YpMGsKlDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2FjODUwZjgtNWFhOS00YTU2LWFlYTItZTIyZDNhZmQ0ZTM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAYJ0cYxHjKOqLlIlTEDJa6wTpICWZwH9wlztj
cuT47byK4D0Bm+KcKY2pqQdlKox6qTn+mi1oamRmFJTE0NSVKtgeZ7XmwTf2Qu08
9I01ZuAE0uy0Z2CiKm4LE8+D9qz0WYApFYPI28gJFsB/TRvlKolaYjQ9JrquN0PX
+L99Psq0PFMl3TGii1f+w9siqvWdBUn+R7YzOfcua8jCsBmraz413v6/pgwtAY1W
RsT04aFTbe88L+bS5Mn4zHirA4QXQQSoJz+xrV9hAVR0IA558Te88IVoUfdnBp9T
ysFNx/cSWf2oQTDQvDzDM8ekjBl3t9BGwQd9nNVKcrku6kY1Og==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:21 2026 by rpki-client