Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
File: ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa (raw, json)
Hash identifier: 3Zboi+3jLn581f1FkUXd+l4r+I27DSLs0P9LxbBDRjA=
Subject key identifier: 28:2A:E8:58:09:C9:61:35:4D:A4:6A:BD:2E:AD:B3:86:E1:00:E2:F3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A83102E9A3D62E8758BFD4C2723FD93FFF09201
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
Signing time: Tue 19 May 2026 05:30:10 +0000
ROA not before: Tue 19 May 2026 05:30:10 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:83:10:2e:9a:3d:62:e8:75:8b:fd:4c:27:23:fd:93:ff:f0:92:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:10 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=96ce78a1cd98e12a6071a082e52780475ba278bf3988ebf505bdd0755734647c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4f:27:d7:5e:57:c0:d1:15:8c:7e:4b:05:8c:
5e:89:97:f5:72:79:9c:25:78:e5:c5:af:05:86:2d:
81:dd:ee:57:63:69:4e:5c:a4:8a:94:b2:9b:63:51:
fe:91:93:bb:b1:5c:c4:1b:b8:77:64:42:04:4b:d3:
09:a4:92:22:fc:69:67:b0:1c:b6:91:67:cb:aa:38:
06:56:07:7b:55:b9:58:00:57:f9:c3:f6:75:c6:b6:
98:49:e1:1d:7c:86:e6:c2:1b:ea:e2:66:b8:70:76:
eb:17:03:43:7c:00:ea:ad:46:72:82:f1:39:fd:d6:
01:1e:f0:70:30:42:30:8f:76:a5:bc:c9:4c:b8:f3:
3c:14:49:08:f7:b1:29:a6:94:ae:c0:c0:cb:f3:99:
c1:3a:df:fa:28:8e:a3:67:64:7d:ac:d1:73:11:55:
1d:cf:49:d6:62:f9:22:69:5d:84:2c:22:b2:60:c8:
4a:d8:e0:22:c2:21:72:f6:d7:28:85:89:64:90:55:
6a:e2:61:8a:c8:bc:58:c5:32:68:8f:2e:de:ad:dd:
8b:ef:8d:76:1d:bd:ea:1a:70:4b:0c:7f:35:f3:ce:
22:84:5e:d0:ac:fd:e8:d3:d2:f1:73:43:a5:ed:bc:
04:c2:d4:c9:c8:52:5e:5a:60:13:e1:41:f0:29:aa:
66:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:2A:E8:58:09:C9:61:35:4D:A4:6A:BD:2E:AD:B3:86:E1:00:E2:F3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:5000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:e4:0b:44:97:54:8f:e6:12:ca:20:a0:cb:d5:c7:1d:7e:f0:
b0:ae:fd:bd:7d:fe:df:80:b6:75:d9:36:9e:dd:92:91:88:fe:
df:d3:d5:e8:1d:21:5a:69:a0:24:98:4c:d2:9d:b8:f1:4c:2c:
3d:0b:ea:4e:6a:38:46:5a:09:51:c8:bb:2b:8f:73:ba:bb:45:
44:9f:aa:20:09:3c:a9:fd:08:d7:41:ae:99:51:b3:39:4e:0a:
d8:e0:10:f9:bc:a9:e9:c1:71:24:67:11:8d:04:80:53:ba:21:
b7:b8:e1:f1:d8:0f:23:dd:fa:aa:36:80:aa:f8:85:cf:b0:67:
01:13:1c:37:9f:14:c9:c4:60:08:e2:0e:06:28:05:0f:bb:99:
fd:4d:21:78:e8:a4:33:f9:9b:44:5f:5a:e5:fe:84:e3:d6:cd:
e7:f6:be:3b:13:d1:09:56:10:d5:d7:ac:a2:a7:6a:74:f6:23:
89:5e:53:8f:95:1c:c7:62:b6:63:c5:d0:e7:e4:5d:03:38:3a:
3d:8f:51:b4:8c:6e:c9:d6:39:07:29:64:a8:cd:e1:fc:7a:5a:
ac:15:fd:3b:3f:08:fa:80:d2:ff:d6:18:08:6a:7f:f6:ed:1a:
53:a7:9a:88:70:0f:1f:e1:c7:ad:2b:3c:c7:34:83:bc:9d:7a:
18:45:98:35
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWoMQLpo9Yuh1i/1MJyP9k//wkgEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwMTBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2Y2U3OGExY2Q5OGUxMmE2MDcxYTA4MmU1Mjc4MDQ3NWJhMjc4YmYzOTg4
ZWJmNTA1YmRkMDc1NTczNDY0N2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxPJ9deV8DRFYx+SwWMXomX9XJ5nCV45cWvBYYtgd3uV2NpTlykipSym2NR
/pGTu7FcxBu4d2RCBEvTCaSSIvxpZ7ActpFny6o4BlYHe1W5WABX+cP2dca2mEnh
HXyG5sIb6uJmuHB26xcDQ3wA6q1GcoLxOf3WAR7wcDBCMI92pbzJTLjzPBRJCPex
KaaUrsDAy/OZwTrf+iiOo2dkfazRcxFVHc9J1mL5ImldhCwismDIStjgIsIhcvbX
KIWJZJBVauJhisi8WMUyaI8u3q3di++Ndh296hpwSwx/NfPOIoRe0Kz96NPS8XND
pe28BMLUychSXlpgE+FB8CmqZnECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQoKuhY
CclhNU2kar0urbOG4QDi8zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWExMGRhYzUtMzJjZS00YWFmLTgyOTctZmZkMWRiYzg1MjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DpQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDB5AtEl1SP5hLKIKDL1ccdfvCwrv29ff7fgLZ1
2Tae3ZKRiP7f09XoHSFaaaAkmEzSnbjxTCw9C+pOajhGWglRyLsrj3O6u0VEn6og
CTyp/QjXQa6ZUbM5TgrY4BD5vKnpwXEkZxGNBIBTuiG3uOHx2A8j3fqqNoCq+IXP
sGcBExw3nxTJxGAI4g4GKAUPu5n9TSF46KQz+ZtEX1rl/oTj1s3n9r47E9EJVhDV
16yip2p09iOJXlOPlRzHYrZjxdDn5F0DODo9j1G0jG7J1jkHKWSozeH8elqsFf07
Pwj6gNL/1hgIan/27RpTp5qIcA8f4cetKzzHNIO8nXoYRZg1
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:12 2026 by rpki-client