Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d776994a-af2b-429b-a96a-85d6c3d8262a.roa
File: d776994a-af2b-429b-a96a-85d6c3d8262a.roa (raw, json)
Hash identifier: eKC4BVQtkNjOO3oXiGA6wKEfkk2+4Ge/PdqpAWuk8/s=
Subject key identifier: 45:B0:44:D2:12:0F:9C:F7:D3:CE:6F:71:E0:82:E0:CE:88:10:34:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C8B08F2CD7EED8BBD3FAB9AC7686A10602AC412
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d776994a-af2b-429b-a96a-85d6c3d8262a.roa
Signing time: Fri 22 May 2026 16:01:54 +0000
ROA not before: Fri 22 May 2026 16:01:54 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:8b:08:f2:cd:7e:ed:8b:bd:3f:ab:9a:c7:68:6a:10:60:2a:c4:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:01:54 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=a7fdbe1ff1f9b1e8796b49dcb327109c460f20ee941c19589a44538a4966800e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f3:5f:69:dd:25:78:ef:19:a6:f1:39:33:62:
1f:ec:8f:7b:b0:3a:a0:f8:fa:08:f2:62:1e:54:0e:
64:cb:90:92:eb:3c:22:f9:f0:d9:5a:4a:21:9c:03:
33:5c:ab:8c:14:82:71:f9:30:15:73:c0:3a:5f:07:
db:50:f2:b0:52:62:07:3b:ce:29:94:0c:3a:48:5f:
a1:25:93:70:c6:c5:eb:bc:fb:37:6e:31:b3:3a:c5:
30:40:69:da:8c:2c:55:24:a8:f8:df:05:12:66:84:
89:ac:e4:b0:87:ec:12:66:fc:c5:ea:75:d7:d0:9c:
6f:9a:fa:c9:56:92:12:7d:21:ab:f4:06:cb:e3:62:
01:12:3c:50:77:3a:8f:45:1e:90:98:66:6c:7a:2f:
f6:03:f3:95:c9:ec:32:51:b0:4c:c0:22:21:17:a5:
6b:15:18:e8:23:c1:09:4e:aa:1d:97:b8:1d:4f:59:
d8:c3:38:63:a1:86:e6:99:4f:ac:6b:94:b8:1e:8b:
86:25:fa:c0:43:0d:b7:dd:2f:c6:7a:a3:b5:6b:b7:
ad:e2:13:e5:37:60:13:dd:cb:ef:59:0b:0f:90:7e:
5c:86:46:a5:04:93:75:e2:76:bc:68:1c:4b:54:e9:
8a:33:c0:1a:be:79:d7:c2:d2:79:7b:5e:72:9f:de:
1a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:B0:44:D2:12:0F:9C:F7:D3:CE:6F:71:E0:82:E0:CE:88:10:34:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d776994a-af2b-429b-a96a-85d6c3d8262a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c000::/40
Signature Algorithm: sha256WithRSAEncryption
66:79:10:42:cd:11:b7:01:6c:9b:71:14:80:85:ac:a0:4d:50:
30:e1:69:e5:4c:e3:07:27:2b:a4:33:bd:06:74:8a:c9:b6:22:
8f:be:91:34:77:80:7d:0d:2c:08:c1:93:6c:92:1b:9e:c9:fe:
5c:fe:c7:bd:c0:97:dd:79:86:7d:ce:31:36:87:be:58:94:3b:
7a:02:9d:a5:75:fc:e0:0b:bf:36:f3:3d:d2:d9:f6:12:0f:9b:
3f:49:92:01:c2:e8:06:ee:1d:ff:36:c5:25:3a:0f:65:e8:cc:
08:f9:49:8f:e0:b0:b3:d6:43:3a:b1:23:21:ab:c5:9c:5b:96:
a5:a4:5a:13:50:11:46:c0:cc:4a:0a:47:f9:e9:07:9e:09:03:
7e:e8:cb:21:78:22:7b:80:14:b1:1c:5c:1f:92:ab:ad:da:fa:
10:d0:ac:52:6f:d9:4a:03:bf:a4:af:df:39:7d:56:33:c0:5d:
43:6d:35:b5:3d:a2:c6:0c:a6:7a:83:69:23:2c:9d:9d:17:0e:
77:44:4e:a0:a0:e2:1a:2f:a3:a1:50:aa:2f:3f:8f:a6:80:13:
e7:b6:c5:86:2e:91:5d:13:96:b1:70:c1:9a:8c:b4:ea:a0:34:
fd:3a:04:bc:91:95:3e:1c:1f:c9:83:a7:86:6f:32:08:89:06:
26:d4:2e:84
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXIsI8s1+7Yu9P6uax2hqEGAqxBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAxNTRaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3ZmRiZTFmZjFmOWIxZTg3OTZiNDlkY2IzMjcxMDljNDYwZjIwZWU5NDFj
MTk1ODlhNDQ1MzhhNDk2NjgwMGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIfzX2ndJXjvGabxOTNiH+yPe7A6oPj6CPJiHlQOZMuQkus8Ivnw2VpKIZwD
M1yrjBSCcfkwFXPAOl8H21DysFJiBzvOKZQMOkhfoSWTcMbF67z7N24xszrFMEBp
2owsVSSo+N8FEmaEiazksIfsEmb8xep119Ccb5r6yVaSEn0hq/QGy+NiARI8UHc6
j0UekJhmbHov9gPzlcnsMlGwTMAiIRelaxUY6CPBCU6qHZe4HU9Z2MM4Y6GG5plP
rGuUuB6LhiX6wEMNt90vxnqjtWu3reIT5TdgE93L71kLD5B+XIZGpQSTdeJ2vGgc
S1TpijPAGr5518LSeXtecp/eGrMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRFsETS
Eg+c99POb3HgguDOiBA0gDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDc3Njk5NGEtYWYyYi00MjliLWE5NmEtODVkNmMzZDgyNjJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DHA
MA0GCSqGSIb3DQEBCwUAA4IBAQBmeRBCzRG3AWybcRSAhaygTVAw4WnlTOMHJyuk
M70GdIrJtiKPvpE0d4B9DSwIwZNskhueyf5c/se9wJfdeYZ9zjE2h75YlDt6Ap2l
dfzgC7828z3S2fYSD5s/SZIBwugG7h3/NsUlOg9l6MwI+UmP4LCz1kM6sSMhq8Wc
W5alpFoTUBFGwMxKCkf56QeeCQN+6MsheCJ7gBSxHFwfkqut2voQ0KxSb9lKA7+k
r985fVYzwF1DbTW1PaLGDKZ6g2kjLJ2dFw53RE6goOIaL6OhUKovP4+mgBPntsWG
LpFdE5axcMGajLTqoDT9OgS8kZU+HB/Jg6eGbzIIiQYm1C6E
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:16:49 2026 by rpki-client