Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce04c6c2-3994-4b71-a579-ee490d4b125b.roa
File: ce04c6c2-3994-4b71-a579-ee490d4b125b.roa (raw, json)
Hash identifier: slgfrXL+oLkKkcZJoOpvPGz7fLjiSbJgBwYq0eNfUz0=
Subject key identifier: AF:11:FA:C1:DC:DD:7F:42:C0:26:EC:A3:90:32:74:CE:6A:DA:64:A5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 66488CDF2CBE897C02A0BC349742DDFE517C5259
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce04c6c2-3994-4b71-a579-ee490d4b125b.roa
Signing time: Fri 15 May 2026 02:00:10 +0000
ROA not before: Fri 15 May 2026 02:00:10 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:f000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:48:8c:df:2c:be:89:7c:02:a0:bc:34:97:42:dd:fe:51:7c:52:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 02:00:10 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=fbe57c1d98b0ba132ec83ef02b1fbe6adc13f1f0065a344e665419137283c9f5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4e:1c:69:cf:6d:31:27:ab:8d:3c:d6:4c:cb:
19:42:b9:d2:06:5f:82:9a:68:34:3e:a8:95:f9:60:
d8:88:8e:57:9b:e5:e3:a3:d9:47:db:7b:48:8c:83:
40:86:e5:55:8d:cf:18:ee:8c:11:f2:86:78:00:bb:
f6:de:4b:f4:e6:21:7f:46:99:84:b7:0f:cc:e2:fd:
03:5c:8a:3b:0e:41:76:27:13:c6:3e:8c:18:ca:5a:
79:80:26:12:45:de:ee:11:1e:e4:91:2c:f9:0b:95:
e7:11:ef:a4:aa:d2:c8:49:3e:91:6a:79:42:58:3b:
04:21:f0:26:2a:55:44:5c:d3:78:37:60:03:90:6e:
79:2e:4c:fc:5f:de:0b:60:d7:64:d6:24:42:85:83:
90:37:4b:a8:45:f7:1b:45:9c:d3:26:d2:b1:d5:84:
2d:d6:4b:4e:ef:a7:2c:f2:6d:b8:f8:d4:8f:ba:e3:
7b:8c:1a:80:b0:05:e4:b3:f6:7e:bb:0c:65:e4:9b:
81:3c:7d:40:72:02:20:02:b4:25:09:9c:fd:67:2a:
c2:0b:4d:a3:38:bb:09:e5:5f:ef:7c:69:4e:5f:d5:
cb:15:fc:7c:58:76:a3:28:1c:4d:31:ca:5f:33:a9:
c6:c5:37:a9:fd:ce:2c:2d:3a:9e:3b:a5:bc:f3:0d:
a2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:11:FA:C1:DC:DD:7F:42:C0:26:EC:A3:90:32:74:CE:6A:DA:64:A5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce04c6c2-3994-4b71-a579-ee490d4b125b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:f000::/40
Signature Algorithm: sha256WithRSAEncryption
a9:02:fb:80:fe:18:f5:d6:93:90:2c:d9:de:82:d0:19:ce:78:
fa:c1:34:71:76:5f:1a:72:b3:99:a1:26:58:72:dc:58:c3:43:
b2:8d:fc:1e:7a:45:8a:47:d0:ff:c3:16:65:c2:3c:a3:2f:c0:
22:08:7d:29:1d:9b:d3:80:4d:46:d8:ab:96:9c:f1:2e:1f:cb:
3e:d3:8a:4c:28:67:16:ca:aa:69:3a:d2:7d:39:80:a1:a0:e2:
2c:5d:16:82:0d:2e:8b:81:b4:3e:45:ef:1b:4a:98:d1:d3:e2:
59:5e:e2:18:d0:2f:11:83:84:fd:df:de:c1:56:4b:3b:9d:f4:
69:48:97:c8:f9:8e:9c:0e:05:19:31:22:5e:17:bd:f7:33:10:
3d:2b:ec:cc:ad:a1:2d:2e:a5:85:ef:b8:c0:36:ee:e4:31:54:
6d:a7:c7:33:91:4d:4e:59:d5:86:5f:e4:f2:c5:08:af:3e:68:
01:c4:f0:9c:38:fe:f8:bf:8f:cc:55:14:82:73:44:13:ab:72:
53:d8:45:d2:8b:0c:24:5b:60:87:34:42:0a:7f:57:fc:03:3e:
87:5d:4f:ab:00:76:3e:3d:0c:14:8a:55:05:9f:14:c8:54:5b:
e5:1e:ed:96:f3:6a:14:ef:01:7b:f8:48:1b:fe:af:55:06:e7:
e3:19:6b:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZkiM3yy+iXwCoLw0l0Ld/lF8UlkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMjAwMTBaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiZTU3YzFkOThiMGJhMTMyZWM4M2VmMDJiMWZiZTZhZGMxM2YxZjAwNjVh
MzQ0ZTY2NTQxOTEzNzI4M2M5ZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhOHGnPbTEnq4081kzLGUK50gZfgppoND6olflg2IiOV5vl46PZR9t7SIyD
QIblVY3PGO6MEfKGeAC79t5L9OYhf0aZhLcPzOL9A1yKOw5BdicTxj6MGMpaeYAm
EkXe7hEe5JEs+QuV5xHvpKrSyEk+kWp5Qlg7BCHwJipVRFzTeDdgA5BueS5M/F/e
C2DXZNYkQoWDkDdLqEX3G0Wc0ybSsdWELdZLTu+nLPJtuPjUj7rje4wagLAF5LP2
frsMZeSbgTx9QHICIAK0JQmc/WcqwgtNozi7CeVf73xpTl/VyxX8fFh2oygcTTHK
XzOpxsU3qf3OLC06njulvPMNoiMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSvEfrB
3N1/QsAm7KOQMnTOatpkpTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2UwNGM2YzItMzk5NC00YjcxLWE1NzktZWU0OTBkNGIxMjViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hjw
MA0GCSqGSIb3DQEBCwUAA4IBAQCpAvuA/hj11pOQLNnegtAZznj6wTRxdl8acrOZ
oSZYctxYw0OyjfweekWKR9D/wxZlwjyjL8AiCH0pHZvTgE1G2KuWnPEuH8s+04pM
KGcWyqppOtJ9OYChoOIsXRaCDS6LgbQ+Re8bSpjR0+JZXuIY0C8Rg4T9397BVks7
nfRpSJfI+Y6cDgUZMSJeF733MxA9K+zMraEtLqWF77jANu7kMVRtp8czkU1OWdWG
X+TyxQivPmgBxPCcOP74v4/MVRSCc0QTq3JT2EXSiwwkW2CHNEIKf1f8Az6HXU+r
AHY+PQwUilUFnxTIVFvlHu2W82oU7wF7+Egb/q9VBufjGWuc
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:25 2026 by rpki-client