Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
File: d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa (raw, json)
Hash identifier: yPR+bdiQAR67INTgShH8MNs+opKIDfomBbh4etstRpg=
Subject key identifier: 4B:05:24:3C:5D:E7:27:50:A0:81:3B:C4:B7:38:C7:3D:CB:54:5F:A3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4E1F63EE020E06FCE36457044CEDF368A949DA05
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
Signing time: Tue 19 May 2026 05:20:07 +0000
ROA not before: Tue 19 May 2026 05:20:07 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:1f:63:ee:02:0e:06:fc:e3:64:57:04:4c:ed:f3:68:a9:49:da:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:07 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=c0b51320030a74ece0ea0ec4146b60c9853fe16db32a786c5d1350a60795b609, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:22:35:54:4b:96:08:3b:f3:a7:36:f7:00:15:
f9:dd:5a:1b:06:f5:8b:c8:dc:a7:17:28:c1:c5:9b:
33:58:f9:22:24:dc:a0:de:0a:81:f8:68:ed:87:26:
ab:38:fc:3a:21:77:e8:82:0f:15:7e:27:77:7d:ee:
46:6b:5c:bb:4e:d5:22:90:60:9c:d0:7f:68:71:af:
92:f2:7d:10:ee:f4:55:49:22:04:37:2f:d6:4d:ac:
53:77:80:1f:9f:d7:69:a6:f8:48:f4:e5:b4:e6:cc:
b0:b2:1c:b5:06:41:fe:c9:b1:70:1c:4e:ca:41:1d:
02:8b:cb:f6:96:ed:bf:da:4e:2f:7c:d6:ba:3a:53:
af:6b:ce:bd:7e:67:ab:1c:4c:a2:84:c2:a1:74:e0:
4c:70:25:ce:8a:6c:70:eb:9a:b2:c6:0e:b0:29:f1:
c7:eb:d6:a5:05:40:9a:43:d2:6a:05:9e:7b:96:d6:
5d:44:71:c3:fc:fb:75:a8:7b:e7:f6:2c:93:df:dd:
21:f4:81:3c:79:a4:cf:e7:47:eb:f7:98:2a:10:05:
c7:86:62:bc:a0:d3:3b:eb:f3:5f:30:77:85:a8:53:
04:2d:e2:ed:7e:41:97:b2:ae:87:f7:30:5c:4f:9c:
f2:2c:36:f8:41:53:41:aa:2c:60:2b:64:56:38:21:
57:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:05:24:3C:5D:E7:27:50:A0:81:3B:C4:B7:38:C7:3D:CB:54:5F:A3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:1000::/40
Signature Algorithm: sha256WithRSAEncryption
1d:45:02:82:2d:53:b2:f3:d6:ee:7d:73:2f:28:7a:71:51:d9:
c6:0e:fb:27:1b:f3:b7:2c:92:c6:ff:37:87:2a:68:09:c8:99:
e0:65:78:c8:54:ee:e5:a6:26:d0:09:7e:f1:17:2d:e0:04:e2:
9f:38:a6:94:03:c2:ea:51:cf:5b:66:f0:42:31:7c:81:5f:69:
cc:72:ee:b6:b7:22:a0:72:11:f9:90:f9:2f:c4:58:5f:83:51:
02:7d:84:44:c0:a8:4b:d1:62:ee:e0:ba:c1:1e:94:05:d2:30:
f4:f3:b2:e8:b3:aa:7e:e8:e5:84:5e:c1:1a:bb:93:fd:56:ee:
2a:da:89:75:34:c0:4c:50:06:27:cf:3b:04:d7:6e:48:39:fa:
9a:0d:c3:a1:cd:e6:c0:5a:4d:0e:03:44:51:97:2c:01:4e:63:
21:2c:85:9e:cc:da:e0:fd:ab:80:cf:fe:d0:55:ec:02:6d:54:
00:83:98:94:05:d5:93:f3:d7:18:6e:bb:84:63:09:d8:a6:ba:
0e:2d:c9:90:b8:62:f7:c8:59:20:16:68:79:fc:f8:98:8a:dc:
db:1f:37:57:9c:68:e2:f1:fc:60:ce:99:c9:c1:ca:07:b7:dc:
c1:e9:f4:5f:82:cd:0a:7b:c9:16:a4:d2:81:4d:02:51:12:15:
bc:4f:f9:a4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTh9j7gIOBvzjZFcETO3zaKlJ2gUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwYjUxMzIwMDMwYTc0ZWNlMGVhMGVjNDE0NmI2MGM5ODUzZmUxNmRiMzJh
Nzg2YzVkMTM1MGE2MDc5NWI2MDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKoiNVRLlgg786c29wAV+d1aGwb1i8jcpxcowcWbM1j5IiTcoN4Kgfho7Ycm
qzj8OiF36IIPFX4nd33uRmtcu07VIpBgnNB/aHGvkvJ9EO70VUkiBDcv1k2sU3eA
H5/Xaab4SPTltObMsLIctQZB/smxcBxOykEdAovL9pbtv9pOL3zWujpTr2vOvX5n
qxxMooTCoXTgTHAlzopscOuassYOsCnxx+vWpQVAmkPSagWee5bWXURxw/z7dah7
5/Ysk9/dIfSBPHmkz+dH6/eYKhAFx4ZivKDTO+vzXzB3hahTBC3i7X5Bl7Kuh/cw
XE+c8iw2+EFTQaosYCtkVjghVx8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRLBSQ8
XecnUKCBO8S3OMc9y1RfozAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDM4NWZmNGItN2Y4ZS00NWQyLThmOGItZmNkZTE0MjZhMDUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAdRQKCLVOy89bufXMvKHpxUdnGDvsnG/O3LJLG
/zeHKmgJyJngZXjIVO7lpibQCX7xFy3gBOKfOKaUA8LqUc9bZvBCMXyBX2nMcu62
tyKgchH5kPkvxFhfg1ECfYREwKhL0WLu4LrBHpQF0jD087Los6p+6OWEXsEau5P9
Vu4q2ol1NMBMUAYnzzsE125IOfqaDcOhzebAWk0OA0RRlywBTmMhLIWezNrg/auA
z/7QVewCbVQAg5iUBdWT89cYbruEYwnYproOLcmQuGL3yFkgFmh5/PiYitzbHzdX
nGji8fxgzpnJwcoHt9zB6fRfgs0Ke8kWpNKBTQJREhW8T/mk
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:50 2026 by rpki-client