Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa
File: f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa (raw, json)
Hash identifier: ccN9e6/05KOoPtn/JyyUdaHMWxb6VFAB3gcKi68XDVk=
Subject key identifier: 12:A6:90:F9:C4:5B:5E:19:E0:E8:60:44:7C:29:39:5C:E0:EA:AB:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 499DA69F666470B9623FD035F5C5CAB3BB9903CF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa
Signing time: Tue 19 May 2026 04:30:31 +0000
ROA not before: Tue 19 May 2026 04:30:31 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:9d:a6:9f:66:64:70:b9:62:3f:d0:35:f5:c5:ca:b3:bb:99:03:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:31 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=b5298544e2a408a831acd3007c2ec032ce9900a6ba4d00d4a20e5fa172ce6be6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cc:a8:e1:fe:5b:af:8e:6a:9e:c3:78:c0:e0:
3c:cf:12:b2:6a:d8:ad:72:e2:f3:fd:3c:20:8c:f0:
0d:c2:24:69:50:61:a3:2a:ea:f6:8e:28:e4:55:d3:
7c:6e:ff:39:33:96:f7:6e:06:f8:5c:5e:1e:99:cd:
d9:5b:62:de:aa:b0:59:1c:40:56:33:c9:0c:2b:e5:
7a:f3:20:4a:8f:13:fe:a5:15:ff:10:5d:57:01:7b:
6c:63:5a:10:07:af:8e:86:3c:ed:d8:fc:80:96:38:
90:fc:04:93:48:68:56:b1:ff:94:a4:53:8a:46:25:
27:1f:64:9a:b3:35:05:ea:05:66:b6:24:ec:2c:45:
00:e5:e7:f2:2e:56:ad:e8:c2:df:62:8a:8c:39:c3:
53:e9:de:a8:e4:9c:bd:ee:ca:55:62:5e:14:66:33:
64:c4:70:21:5f:05:73:93:b5:af:9b:41:37:cc:f8:
f1:76:d9:7c:f6:64:66:0d:f7:d4:37:41:bc:6d:7f:
74:5c:50:8e:e2:31:fc:73:63:db:ef:d9:6c:41:e7:
68:cb:07:ad:7c:5a:c3:97:a3:81:d3:bf:68:58:ba:
7a:e0:16:d7:ac:cf:ec:7f:92:e4:e9:2d:47:da:e2:
cc:2a:2c:b8:a9:dd:19:20:4d:df:59:72:5b:e2:e8:
06:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:A6:90:F9:C4:5B:5E:19:E0:E8:60:44:7C:29:39:5C:E0:EA:AB:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6040::/48
Signature Algorithm: sha256WithRSAEncryption
08:57:b6:63:c2:50:3a:96:a4:86:51:91:74:ce:f1:f9:e8:26:
e5:df:ee:88:b2:c4:19:14:08:8f:c5:37:2d:51:09:ad:23:ab:
03:db:ef:9e:01:94:22:a1:5f:56:e8:39:4d:ed:f8:d6:c4:b9:
7c:9d:79:43:7b:e1:24:36:2d:42:44:ec:67:4e:d6:1c:5c:67:
02:fd:32:d5:70:81:5a:0e:08:0b:69:0e:dc:6f:a8:a2:6e:0f:
21:5f:04:84:ca:25:b3:53:e3:8c:75:56:88:58:15:0f:5e:99:
1d:2d:a7:16:52:d6:0a:d2:c7:7a:1e:c2:b8:7f:f9:03:09:45:
72:7b:7d:b2:e1:b1:28:22:c9:48:c6:99:2d:1a:fe:6c:2b:f0:
ed:6a:72:ad:d6:c1:03:2a:93:57:d2:bb:35:36:26:fb:be:34:
41:32:f2:7f:78:f6:f8:f6:c2:31:23:25:24:fd:c2:87:64:24:
23:f4:c9:72:bb:fe:1b:fb:3c:a0:3b:42:a3:60:0b:6d:b3:a0:
cb:3f:c6:88:6b:7f:d2:69:61:61:86:10:2d:9a:d5:be:83:49:
67:67:e7:cb:12:91:81:e8:6a:7b:f2:50:4f:16:f7:49:d7:03:
86:ac:40:c2:fd:28:96:16:d4:32:a8:0e:87:18:6d:fb:c1:da:
4b:25:40:3b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSZ2mn2ZkcLliP9A19cXKs7uZA88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMzFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1Mjk4NTQ0ZTJhNDA4YTgzMWFjZDMwMDdjMmVjMDMyY2U5OTAwYTZiYTRk
MDBkNGEyMGU1ZmExNzJjZTZiZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXMqOH+W6+Oap7DeMDgPM8SsmrYrXLi8/08IIzwDcIkaVBhoyrq9o4o5FXT
fG7/OTOW924G+FxeHpnN2Vti3qqwWRxAVjPJDCvlevMgSo8T/qUV/xBdVwF7bGNa
EAevjoY87dj8gJY4kPwEk0hoVrH/lKRTikYlJx9kmrM1BeoFZrYk7CxFAOXn8i5W
rejC32KKjDnDU+neqOScve7KVWJeFGYzZMRwIV8Fc5O1r5tBN8z48XbZfPZkZg33
1DdBvG1/dFxQjuIx/HNj2+/ZbEHnaMsHrXxaw5ejgdO/aFi6euAW16zP7H+S5Okt
R9rizCosuKndGSBN31lyW+LoBmECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQSppD5
xFteGeDoYER8KTlc4OqrMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjVlNjQ5MzgtZmMyZC00OTcxLWIyZGEtYWFiYzlmZTU1NmZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg
QDANBgkqhkiG9w0BAQsFAAOCAQEACFe2Y8JQOpakhlGRdM7x+egm5d/uiLLEGRQI
j8U3LVEJrSOrA9vvngGUIqFfVug5Te341sS5fJ15Q3vhJDYtQkTsZ07WHFxnAv0y
1XCBWg4IC2kO3G+oom4PIV8EhMols1PjjHVWiFgVD16ZHS2nFlLWCtLHeh7CuH/5
AwlFcnt9suGxKCLJSMaZLRr+bCvw7WpyrdbBAyqTV9K7NTYm+740QTLyf3j2+PbC
MSMlJP3Ch2QkI/TJcrv+G/s8oDtCo2ALbbOgyz/GiGt/0mlhYYYQLZrVvoNJZ2fn
yxKRgehqe/JQTxb3SdcDhqxAwv0olhbUMqgOhxht+8HaSyVAOw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:50 2026 by rpki-client