Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caeeaf61-b927-4d38-b398-1efb2c05d49e.roa
File: caeeaf61-b927-4d38-b398-1efb2c05d49e.roa (raw, json)
Hash identifier: 4LR+m4YCjP1aMhp7205Aq9ixl9MxNSHAfB21Gs2jWJI=
Subject key identifier: C9:35:14:9C:88:AB:E4:E5:E6:8F:0F:60:EE:A9:B2:DD:2B:EF:38:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 41EA416957EDE3B780C55BBD4EBFE05A5E322FA8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caeeaf61-b927-4d38-b398-1efb2c05d49e.roa
Signing time: Sun 17 May 2026 02:00:09 +0000
ROA not before: Sun 17 May 2026 02:00:09 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:ea:41:69:57:ed:e3:b7:80:c5:5b:bd:4e:bf:e0:5a:5e:32:2f:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 17 02:00:09 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=d8eb5103af204b3b662c95b05daa3e173be480503e3dd6eb3793c3b509303466, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:15:ca:0e:ec:c9:e7:05:08:02:17:b8:bc:e5:
74:9f:82:f2:81:fa:e1:2b:9c:79:01:2c:9e:9b:66:
6a:74:47:67:95:bf:19:17:9c:21:d7:cd:bf:f1:1b:
10:10:43:dc:98:0f:3b:39:82:f7:24:95:61:c8:1f:
52:f3:df:33:be:35:58:1e:10:4c:2d:a7:a3:96:d5:
4f:a2:2c:89:77:34:5b:72:b6:45:1a:13:40:45:67:
0f:25:c1:4a:35:91:69:0d:bb:e4:9a:00:83:1a:63:
d1:80:75:f5:0d:06:b3:b1:fe:61:82:75:2e:d5:15:
9d:c5:9c:4e:ed:1c:68:90:44:5e:32:e6:43:40:b8:
89:bb:3d:5d:99:23:be:ee:48:d6:2d:b6:c6:70:17:
d1:35:8a:0e:d9:44:55:ce:05:e0:46:0b:90:0a:63:
e3:52:01:40:42:1d:47:9a:13:fd:17:03:1e:df:78:
ba:14:68:2c:26:63:d8:05:76:18:37:50:bc:74:70:
cd:6a:d4:35:01:35:23:78:b1:45:3a:74:d9:3f:75:
61:49:18:59:7e:1f:ce:ac:ec:a5:3e:72:46:cb:b6:
68:cf:4e:0f:74:d7:f5:4d:12:82:ec:64:31:64:4c:
9b:ae:c9:d9:73:b0:c8:d7:f0:d2:6b:1f:89:bb:11:
ce:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:35:14:9C:88:AB:E4:E5:E6:8F:0F:60:EE:A9:B2:DD:2B:EF:38:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caeeaf61-b927-4d38-b398-1efb2c05d49e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:800::/40
Signature Algorithm: sha256WithRSAEncryption
10:bb:5c:7d:bf:d3:e1:50:d1:60:d7:7b:33:e5:3f:04:9f:1b:
c5:10:cd:b1:75:33:8a:b0:e4:20:f3:78:f7:8c:80:e8:e3:40:
2d:0d:67:2b:63:c2:fc:9e:14:c7:3b:bb:e4:73:55:03:f3:74:
9f:f6:d5:18:07:36:36:9f:ec:90:34:21:31:ae:f0:d8:ab:7d:
41:a8:38:f0:10:2e:e7:c7:09:73:d0:73:d3:de:12:7a:72:de:
dc:2f:f2:29:d0:d9:19:d3:22:30:db:60:40:4e:bc:ec:20:67:
bd:07:ec:45:01:a4:48:79:4d:4e:51:ca:fd:e9:c2:5a:99:c5:
7e:7a:db:38:92:77:c9:cd:2d:71:91:1b:c2:c8:34:a4:45:e5:
93:98:85:3e:75:ff:48:1d:cf:cf:98:81:8e:cb:6f:3e:b3:cf:
58:36:5d:04:99:1b:79:15:64:44:b8:41:69:b4:68:7c:49:2a:
1c:97:9a:1f:e9:a7:bc:53:fe:13:f3:8e:60:f4:10:53:cc:f6:
f4:86:72:0c:7f:3e:54:be:8b:c0:e9:e7:f1:67:a2:19:e4:59:
4d:3e:2b:e4:38:5c:49:81:c6:37:cd:53:65:e6:44:a8:e2:4a:
99:0c:96:a2:90:b7:e1:4b:e9:84:81:6a:18:bd:05:c1:35:10:
d8:c9:46:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQepBaVft47eAxVu9Tr/gWl4yL6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTcwMjAwMDlaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4ZWI1MTAzYWYyMDRiM2I2NjJjOTViMDVkYWEzZTE3M2JlNDgwNTAzZTNk
ZDZlYjM3OTNjM2I1MDkzMDM0NjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8Vyg7syecFCAIXuLzldJ+C8oH64SuceQEsnptmanRHZ5W/GRecIdfNv/Eb
EBBD3JgPOzmC9ySVYcgfUvPfM741WB4QTC2no5bVT6IsiXc0W3K2RRoTQEVnDyXB
SjWRaQ275JoAgxpj0YB19Q0Gs7H+YYJ1LtUVncWcTu0caJBEXjLmQ0C4ibs9XZkj
vu5I1i22xnAX0TWKDtlEVc4F4EYLkApj41IBQEIdR5oT/RcDHt94uhRoLCZj2AV2
GDdQvHRwzWrUNQE1I3ixRTp02T91YUkYWX4fzqzspT5yRsu2aM9OD3TX9U0Sguxk
MWRMm67J2XOwyNfw0msfibsRzoMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTJNRSc
iKvk5eaPD2DuqbLdK+84pDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2FlZWFmNjEtYjkyNy00ZDM4LWIzOTgtMWVmYjJjMDVkNDllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FgI
MA0GCSqGSIb3DQEBCwUAA4IBAQAQu1x9v9PhUNFg13sz5T8EnxvFEM2xdTOKsOQg
83j3jIDo40AtDWcrY8L8nhTHO7vkc1UD83Sf9tUYBzY2n+yQNCExrvDYq31BqDjw
EC7nxwlz0HPT3hJ6ct7cL/Ip0NkZ0yIw22BATrzsIGe9B+xFAaRIeU1OUcr96cJa
mcV+ets4knfJzS1xkRvCyDSkReWTmIU+df9IHc/PmIGOy28+s89YNl0EmRt5FWRE
uEFptGh8SSocl5of6ae8U/4T845g9BBTzPb0hnIMfz5UvovA6efxZ6IZ5FlNPivk
OFxJgcY3zVNl5kSo4kqZDJaikLfhS+mEgWoYvQXBNRDYyUae
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:24 2026 by rpki-client