Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
File: e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa (raw, json)
Hash identifier: OdEV6Mhu9mLWOaqoNiAVYc5A7CL/5MTw/G7F0xmAOhA=
Subject key identifier: 47:D9:3B:5B:F1:EC:B9:2E:62:C4:2B:96:54:30:5D:7E:8D:BB:8A:62
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5AB25A41529376BD9F257173041F59C75C32F608
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
Signing time: Tue 19 May 2026 04:40:25 +0000
ROA not before: Tue 19 May 2026 04:40:25 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:b2:5a:41:52:93:76:bd:9f:25:71:73:04:1f:59:c7:5c:32:f6:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:25 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=0516852c8ec50ce121e99eaf29e8fa36c368d9857cb690acf1e4048f74e19576, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0b:38:10:64:16:c2:99:1d:06:84:23:be:65:
05:34:8d:d8:bc:85:6e:6a:87:3a:f1:05:15:6c:1f:
70:0d:d4:78:05:43:96:4f:c4:b7:2e:08:3d:18:82:
c9:a6:f0:d7:e1:cb:17:29:c6:5e:c1:cb:fb:b8:65:
07:74:54:a1:b8:e1:4d:45:ae:c1:39:98:a8:69:b0:
c4:ba:29:2e:4b:f4:55:e7:28:c5:b0:8d:c6:25:5f:
99:87:2a:0a:5f:ce:59:65:78:67:7b:0e:8f:86:c9:
ed:b2:41:4b:35:7f:8c:4a:88:6d:f1:1a:b1:dd:71:
20:9e:58:ee:e5:94:53:5c:bd:a8:a2:e8:52:d5:de:
ac:2e:f6:5b:bd:3d:c1:3a:7b:c1:7c:7d:a4:24:62:
f2:76:cc:ce:4b:fc:8a:ab:d3:d3:e1:0e:e2:16:00:
d9:5d:85:fb:59:1a:16:ea:f9:0d:5a:70:d5:aa:91:
7d:a9:31:e3:b5:79:d6:2f:b6:56:5f:9b:cd:b4:39:
da:a9:1b:8b:fb:0c:4d:04:fa:ec:9d:0e:1c:be:9f:
da:8a:c1:76:98:03:5f:d3:67:6f:8f:2b:a0:d4:64:
1d:4b:2f:37:7f:11:c9:7e:62:43:db:88:d7:c9:e5:
27:96:6f:ac:87:32:8c:5f:50:20:f3:94:8c:6d:7b:
98:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:D9:3B:5B:F1:EC:B9:2E:62:C4:2B:96:54:30:5D:7E:8D:BB:8A:62
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
3a:7b:b7:42:d0:ce:86:ee:2b:6a:ad:ce:b3:2d:2f:84:90:d2:
d2:3a:e1:cd:7c:26:db:82:ee:1b:a0:2f:0a:a6:1a:6f:39:88:
95:5b:6d:85:ee:eb:28:0e:60:7a:63:54:d2:3e:9a:fb:e0:fc:
ad:0c:82:48:c9:42:c6:c4:88:39:7c:3c:60:c3:e6:8a:56:dd:
75:82:d7:e5:6d:39:1e:95:c6:42:c3:6d:f0:b8:32:94:3e:a8:
a3:de:6d:f7:65:e3:bb:ea:9d:8c:58:28:1a:45:e5:5c:da:44:
7d:87:2d:51:f4:8c:a6:22:05:7f:d4:7c:28:16:f5:a3:84:9d:
2a:0a:eb:9b:35:1d:34:d5:c3:6a:5c:39:05:55:ef:af:10:18:
31:ad:ff:1a:0b:29:23:5f:53:e1:ca:7a:59:ce:57:dc:2e:2d:
05:92:92:e3:37:86:d6:90:13:92:60:26:c8:6e:45:ea:f5:3a:
66:8c:33:08:ee:eb:43:64:b1:74:7a:d8:2b:c8:85:90:85:de:
d6:f4:8a:b6:a8:b5:b4:b0:2d:c5:4e:99:af:d3:49:09:a5:28:
9a:d8:a8:b2:e7:67:da:46:80:aa:ec:6b:e4:1a:d1:b1:d4:2c:
64:71:5b:e2:46:68:72:3a:9c:1c:18:a8:9f:4b:25:2b:23:e7:
94:5e:d5:a3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWrJaQVKTdr2fJXFzBB9Zx1wy9ggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwMjVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1MTY4NTJjOGVjNTBjZTEyMWU5OWVhZjI5ZThmYTM2YzM2OGQ5ODU3Y2I2
OTBhY2YxZTQwNDhmNzRlMTk1NzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKILOBBkFsKZHQaEI75lBTSN2LyFbmqHOvEFFWwfcA3UeAVDlk/Ety4IPRiC
yabw1+HLFynGXsHL+7hlB3RUobjhTUWuwTmYqGmwxLopLkv0VecoxbCNxiVfmYcq
Cl/OWWV4Z3sOj4bJ7bJBSzV/jEqIbfEasd1xIJ5Y7uWUU1y9qKLoUtXerC72W709
wTp7wXx9pCRi8nbMzkv8iqvT0+EO4hYA2V2F+1kaFur5DVpw1aqRfakx47V51i+2
Vl+bzbQ52qkbi/sMTQT67J0OHL6f2orBdpgDX9Nnb48roNRkHUsvN38RyX5iQ9uI
18nlJ5ZvrIcyjF9QIPOUjG17mIMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRH2Ttb
8ey5LmLEK5ZUMF1+jbuKYjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg3YTk3MWMtOWJhZC00NGQ0LWJhNjMtOWMwOWYwMjk5ZmEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLg
wDANBgkqhkiG9w0BAQsFAAOCAQEAOnu3QtDOhu4raq3Osy0vhJDS0jrhzXwm24Lu
G6AvCqYabzmIlVtthe7rKA5gemNU0j6a++D8rQyCSMlCxsSIOXw8YMPmilbddYLX
5W05HpXGQsNt8LgylD6oo95t92Xju+qdjFgoGkXlXNpEfYctUfSMpiIFf9R8KBb1
o4SdKgrrmzUdNNXDalw5BVXvrxAYMa3/GgspI19T4cp6Wc5X3C4tBZKS4zeG1pAT
kmAmyG5F6vU6ZowzCO7rQ2SxdHrYK8iFkIXe1vSKtqi1tLAtxU6Zr9NJCaUomtio
sudn2kaAquxr5BrRsdQsZHFb4kZocjqcHBion0slKyPnlF7Vow==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:52 2026 by rpki-client