Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5bc893b-21b9-487c-a51d-bb198783570b.roa
File: f5bc893b-21b9-487c-a51d-bb198783570b.roa (raw, json)
Hash identifier: oTbvK5FFQ7jD0Vx1bVby7rywenR2z5YGdpIFYSDs+8Y=
Subject key identifier: 87:D1:23:43:7A:B3:BC:E8:98:C4:6F:52:DD:8F:55:51:39:2E:99:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F12663316093D369458DC2F7742B1B0E9A93471
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5bc893b-21b9-487c-a51d-bb198783570b.roa
Signing time: Fri 22 May 2026 16:03:28 +0000
ROA not before: Fri 22 May 2026 16:03:28 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d068:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:12:66:33:16:09:3d:36:94:58:dc:2f:77:42:b1:b0:e9:a9:34:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:03:28 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=ec56b3fdb2471b63d1cb8259e678263106c10a5bef39ecb8c9b43efe32daca02, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:42:ca:85:8f:84:7d:46:49:55:0d:ec:ea:ab:
e6:b9:b5:1e:1f:9d:59:69:82:2a:92:de:fa:ab:66:
6f:0d:7a:17:85:7e:0d:64:a8:d5:4a:c3:48:3e:78:
4f:61:d5:7c:ff:5d:ef:94:e5:08:e5:cc:3e:5e:df:
c5:1b:85:f8:4e:c9:99:79:b5:bd:f1:84:b9:a4:3b:
d3:d5:47:49:73:94:9a:cd:fb:ae:37:d7:6b:2c:e3:
01:ec:43:41:a8:22:a2:25:14:ab:9b:3b:49:66:03:
b5:6d:b2:99:dd:01:ba:44:85:4f:8e:cd:a6:21:50:
2c:56:41:a4:5e:17:2a:93:f1:12:67:54:ad:37:59:
55:21:fd:0d:a5:e4:5c:0a:61:ce:94:05:96:bf:8d:
00:44:8d:38:69:83:01:04:4f:23:16:7f:65:93:fd:
1d:be:c3:fe:41:f0:5c:12:6a:61:aa:fb:c8:f1:e0:
d5:16:05:45:b7:b7:9d:b5:aa:26:06:d7:ed:92:41:
e9:b4:39:07:ec:c7:3f:b7:fd:a6:1f:41:10:70:ae:
18:b6:d3:da:79:4b:a9:86:d8:f3:05:28:c3:54:9d:
73:ae:90:96:1f:1e:28:89:b4:0a:ee:f7:fd:15:8b:
bc:36:ec:ec:cf:18:39:07:6f:b0:ad:ba:14:1f:40:
9e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:D1:23:43:7A:B3:BC:E8:98:C4:6F:52:DD:8F:55:51:39:2E:99:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5bc893b-21b9-487c-a51d-bb198783570b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d068:4040::/48
Signature Algorithm: sha256WithRSAEncryption
62:5a:9d:63:c6:aa:f4:8d:c5:9d:c5:b4:81:59:4b:32:db:48:
f3:9c:4f:be:c9:75:5b:c1:a7:db:ad:15:17:e7:64:32:c8:20:
d8:b1:fe:01:3d:fb:5a:a5:34:b7:03:35:a0:a5:0e:b8:d1:49:
62:a4:f5:da:32:4a:e9:0b:86:69:f6:e2:df:cf:63:60:ee:ae:
b4:25:4f:d3:c2:59:e1:25:4c:96:a6:b9:67:de:7d:63:4c:32:
11:b7:d1:88:8d:cd:4d:be:45:c2:40:a0:be:ab:a5:5b:91:d8:
48:b1:89:69:b2:9f:15:c1:45:d0:db:11:52:91:5d:e6:f6:66:
d0:61:e5:69:79:a9:ce:20:a7:a7:21:8d:87:a9:8d:ad:5e:02:
0c:3c:ae:44:c7:65:40:57:57:1f:58:37:3a:5f:7c:05:70:14:
b6:51:30:b5:a4:fd:9e:2c:f1:31:7a:81:6d:02:af:25:4d:80:
4c:8d:14:e8:86:a4:e7:11:9b:0f:51:9c:90:d0:22:da:45:1a:
9a:d5:43:90:f1:4d:ca:67:bb:f4:9d:79:6b:f5:99:df:24:7b:
64:79:7f:d5:ea:9b:54:b9:d9:36:e2:a4:63:21:ae:dc:d6:de:
ed:bf:1d:ca:14:e4:da:95:01:f6:bd:cf:54:56:d5:ae:53:99:
8b:16:f7:e4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXxJmMxYJPTaUWNwvd0KxsOmpNHEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAzMjhaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjNTZiM2ZkYjI0NzFiNjNkMWNiODI1OWU2NzgyNjMxMDZjMTBhNWJlZjM5
ZWNiOGM5YjQzZWZlMzJkYWNhMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKtCyoWPhH1GSVUN7Oqr5rm1Hh+dWWmCKpLe+qtmbw16F4V+DWSo1UrDSD54
T2HVfP9d75TlCOXMPl7fxRuF+E7JmXm1vfGEuaQ709VHSXOUms37rjfXayzjAexD
QagioiUUq5s7SWYDtW2ymd0BukSFT47NpiFQLFZBpF4XKpPxEmdUrTdZVSH9DaXk
XAphzpQFlr+NAESNOGmDAQRPIxZ/ZZP9Hb7D/kHwXBJqYar7yPHg1RYFRbe3nbWq
JgbX7ZJB6bQ5B+zHP7f9ph9BEHCuGLbT2nlLqYbY8wUow1Sdc66Qlh8eKIm0Cu73
/RWLvDbs7M8YOQdvsK26FB9AnscCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSH0SND
erO86JjEb1Ldj1VROS6ZyzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjViYzg5M2ItMjFiOS00ODdjLWE1MWQtYmIxOTg3ODM1NzBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GhA
QDANBgkqhkiG9w0BAQsFAAOCAQEAYlqdY8aq9I3FncW0gVlLMttI85xPvsl1W8Gn
260VF+dkMsgg2LH+AT37WqU0twM1oKUOuNFJYqT12jJK6QuGafbi389jYO6utCVP
08JZ4SVMlqa5Z959Y0wyEbfRiI3NTb5FwkCgvqulW5HYSLGJabKfFcFF0NsRUpFd
5vZm0GHlaXmpziCnpyGNh6mNrV4CDDyuRMdlQFdXH1g3Ol98BXAUtlEwtaT9nizx
MXqBbQKvJU2ATI0U6Iak5xGbD1GckNAi2kUamtVDkPFNyme79J15a/WZ3yR7ZHl/
1eqbVLnZNuKkYyGu3Nbe7b8dyhTk2pUB9r3PVFbVrlOZixb35A==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:54:04 2026 by rpki-client