Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e437969a-a36c-4417-88bd-c48ac88d9a5c.roa
File: e437969a-a36c-4417-88bd-c48ac88d9a5c.roa (raw, json)
Hash identifier: 3Ql2/RC4hAqpYlTunYhwzhqXQZtpnkkljRVEpFTE4kg=
Subject key identifier: B8:96:ED:7D:54:52:E5:5F:C3:C4:F8:73:52:42:6E:2E:A9:A4:F2:3A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 383EAEED36B03627948903CEF20480F0F980C858
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e437969a-a36c-4417-88bd-c48ac88d9a5c.roa
Signing time: Tue 19 May 2026 05:20:07 +0000
ROA not before: Tue 19 May 2026 05:20:07 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:b080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:3e:ae:ed:36:b0:36:27:94:89:03:ce:f2:04:80:f0:f9:80:c8:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:07 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=29cf04c98159c7cb71461a489b465529fd55cdcb621e56574f50cdbe1a1d2d9c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c7:95:6d:34:48:55:2a:5f:35:56:14:72:87:
20:d8:88:39:e9:31:e1:cf:13:62:41:1a:e0:44:d0:
bb:eb:8c:99:9d:40:a3:dc:a6:a3:c2:b1:f7:47:ee:
e8:7a:ae:55:cc:38:16:2f:0b:d1:b2:0b:96:36:1d:
e9:7b:c6:46:5a:5f:93:cf:60:2b:8b:b2:58:55:6f:
b7:e5:d0:93:3c:7e:c8:af:e3:52:2b:7c:2e:e8:0e:
94:66:e3:e5:8c:10:64:ee:64:37:32:d0:9d:e0:bc:
99:96:38:59:c0:f3:0f:bb:b2:43:be:cf:33:1f:df:
4c:9c:c2:d4:be:9a:31:d8:d6:88:80:c8:96:cb:b9:
6b:e3:79:f6:f5:dc:ab:f2:15:fa:e5:f1:ec:0c:c4:
3f:f1:5e:ae:c0:c5:c5:4c:55:f7:95:53:ce:6b:2c:
f2:8b:21:0b:3c:c0:f8:91:c6:74:62:fd:06:c0:9c:
38:f3:4f:2e:a8:6a:96:bc:5b:bd:c4:1f:52:e3:b8:
66:f6:9b:10:c7:3c:5b:72:79:73:05:1e:9a:94:b3:
62:24:f7:48:98:42:cb:62:63:4b:ac:e0:54:99:bf:
78:1e:98:02:f6:fe:98:7d:73:08:33:8a:18:d7:f0:
eb:83:9b:d4:f4:e0:24:c7:5a:eb:f8:9e:6b:8a:2c:
ad:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:96:ED:7D:54:52:E5:5F:C3:C4:F8:73:52:42:6E:2E:A9:A4:F2:3A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e437969a-a36c-4417-88bd-c48ac88d9a5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:b080::/48
Signature Algorithm: sha256WithRSAEncryption
90:e2:a5:9f:79:64:58:b4:8e:51:b6:dd:a0:52:f4:fb:bd:ca:
1b:76:67:2d:8f:ae:11:1f:1b:d8:eb:2e:ca:45:12:13:34:83:
0c:26:f4:ea:ac:48:f8:9e:bc:96:82:f7:e0:bf:32:1d:cc:00:
ba:0b:a2:df:d3:be:c7:10:d8:3d:9b:95:15:96:f3:15:20:0d:
7d:8b:ee:a7:2d:7f:96:66:c6:41:f8:58:17:61:8c:d6:94:3e:
a0:fb:f0:68:91:26:78:c0:1c:78:3e:62:75:9f:65:2e:a4:1a:
d9:dc:24:da:9e:cd:6e:85:9b:e3:05:6e:20:8a:5a:bd:d0:66:
27:40:21:e0:80:44:ec:81:4a:d4:87:96:e5:a9:0a:d7:da:c9:
15:c6:c6:c6:76:79:63:74:6c:33:78:7f:32:9b:c3:39:0e:24:
b6:5d:34:e8:b5:23:e8:39:de:43:c4:50:09:c7:72:73:bc:a6:
5d:e1:82:d2:b4:fa:db:ea:ae:d0:96:4b:b7:29:5e:ca:4f:09:
9d:c6:4e:46:6c:41:00:e9:60:6a:a0:fd:00:34:7d:c5:d7:2f:
8f:4e:2b:81:f2:6c:93:21:08:b6:4e:d6:c1:49:e5:79:41:76:
ee:42:72:90:42:31:f0:88:9e:e7:a8:57:d1:43:18:5c:e7:8e:
e6:4e:37:16
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOD6u7TawNieUiQPO8gSA8PmAyFgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5Y2YwNGM5ODE1OWM3Y2I3MTQ2MWE0ODliNDY1NTI5ZmQ1NWNkY2I2MjFl
NTY1NzRmNTBjZGJlMWExZDJkOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPHlW00SFUqXzVWFHKHINiIOekx4c8TYkEa4ETQu+uMmZ1Ao9ymo8Kx90fu
6HquVcw4Fi8L0bILljYd6XvGRlpfk89gK4uyWFVvt+XQkzx+yK/jUit8LugOlGbj
5YwQZO5kNzLQneC8mZY4WcDzD7uyQ77PMx/fTJzC1L6aMdjWiIDIlsu5a+N59vXc
q/IV+uXx7AzEP/FersDFxUxV95VTzmss8oshCzzA+JHGdGL9BsCcOPNPLqhqlrxb
vcQfUuO4ZvabEMc8W3J5cwUempSzYiT3SJhCy2JjS6zgVJm/eB6YAvb+mH1zCDOK
GNfw64Ob1PTgJMda6/iea4osrXECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS4lu19
VFLlX8PE+HNSQm4uqaTyOjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTQzNzk2OWEtYTM2Yy00NDE3LTg4YmQtYzQ4YWM4OGQ5YTVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Diw
gDANBgkqhkiG9w0BAQsFAAOCAQEAkOKln3lkWLSOUbbdoFL0+73KG3ZnLY+uER8b
2OsuykUSEzSDDCb06qxI+J68loL34L8yHcwAugui39O+xxDYPZuVFZbzFSANfYvu
py1/lmbGQfhYF2GM1pQ+oPvwaJEmeMAceD5idZ9lLqQa2dwk2p7NboWb4wVuIIpa
vdBmJ0Ah4IBE7IFK1IeW5akK19rJFcbGxnZ5Y3RsM3h/MpvDOQ4ktl006LUj6Dne
Q8RQCcdyc7ymXeGC0rT62+qu0JZLtyleyk8JncZORmxBAOlgaqD9ADR9xdcvj04r
gfJskyEItk7WwUnleUF27kJykEIx8Iie56hX0UMYXOeO5k43Fg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:15 2026 by rpki-client