Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa
File: 533769c8-002c-491c-9b99-324fe9f5743c.roa (raw, json)
Hash identifier: JL9UCzBjqF9wlBkyNDC76i0PGIyOCAS3CGj432QicJY=
Subject key identifier: D5:15:0F:DD:F1:F7:36:99:D5:AD:3B:CC:90:88:E5:C6:12:0A:5A:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7CA3E897BD02C3D2E30F169DDB3D98D1665D710E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa
Signing time: Tue 19 May 2026 04:50:41 +0000
ROA not before: Tue 19 May 2026 04:50:41 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d022::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jun 2026 07:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:a3:e8:97:bd:02:c3:d2:e3:0f:16:9d:db:3d:98:d1:66:5d:71:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:41 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=f5e8a5f582c4d4ecfa8cf58ca7f6481d4998166d3bdaeb6145a6330bcd04cbd7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ce:5a:59:9b:5c:a3:48:7d:c1:de:5a:3e:53:
9e:77:d5:59:5b:08:39:45:2f:00:1c:12:34:90:6e:
f8:e0:98:2f:f9:d7:b5:d9:f6:0a:c2:6a:e2:cf:b2:
37:5a:9b:82:41:a5:85:25:88:81:56:45:c1:9b:1c:
0c:3b:88:81:19:28:95:80:9d:7f:53:b0:04:fc:f7:
b7:ef:1f:f8:ce:64:ea:b3:eb:47:81:c1:55:8a:42:
cf:2e:21:42:22:78:59:63:01:2e:72:3f:6d:fa:3a:
ee:8e:85:4b:6f:eb:dc:4a:27:9d:db:fc:89:91:fd:
54:a4:26:a7:e6:46:50:18:e0:f0:56:f4:ca:e3:53:
8a:54:d1:84:68:c5:82:9e:ff:3a:26:c7:a1:31:0a:
90:d4:81:45:0d:4e:ae:dd:a3:e5:c1:ec:f2:d0:0a:
c1:12:14:77:27:68:44:f4:8c:a3:aa:84:02:52:78:
b8:52:23:56:3c:07:8e:76:28:bd:0c:5e:0e:50:51:
a8:b6:e0:9a:26:43:84:ad:c6:34:c9:be:88:b2:51:
5f:99:30:e3:c4:76:2c:29:9b:40:50:55:c8:05:c6:
37:eb:8c:42:2c:3a:0f:f7:7f:eb:54:0b:1d:cd:28:
18:e8:8e:73:d3:17:4a:95:42:7f:87:e4:37:5a:97:
fa:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:15:0F:DD:F1:F7:36:99:D5:AD:3B:CC:90:88:E5:C6:12:0A:5A:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d022::/36
Signature Algorithm: sha256WithRSAEncryption
11:e8:3c:0a:de:f2:8d:ee:0c:8c:76:85:d2:07:6e:7f:72:36:
9f:8a:03:f6:bf:31:df:bb:2c:3e:23:12:32:ee:cb:94:a0:ad:
bb:f0:56:f5:dc:72:04:19:31:f0:72:39:85:d9:5a:96:14:9e:
f5:9f:6d:39:b1:97:8e:a9:e4:e7:89:45:08:b7:6b:b5:78:19:
c9:7b:4a:7e:12:91:10:b1:2b:68:c3:41:7b:54:34:61:d4:a3:
87:6f:cc:fc:98:1b:11:ed:76:08:d2:98:bc:e9:56:00:f9:a4:
7e:15:1f:52:97:96:0a:de:eb:3c:55:77:49:7a:1d:8c:26:31:
dc:02:f9:2b:dc:2a:92:8e:88:05:c4:06:dc:7a:9e:43:a1:a0:
d9:76:b6:0b:c5:f8:29:b4:67:cd:da:2d:70:87:6a:54:b9:bc:
b3:73:6d:86:3a:73:f5:73:1e:6b:aa:18:ce:b2:20:a6:6c:8b:
2b:26:16:6c:9a:ec:04:94:ce:9b:1a:4f:57:a5:6b:88:c5:6d:
51:e2:55:75:04:86:78:65:b5:b9:ea:a6:38:c4:f3:69:eb:2d:
27:57:08:04:17:23:a0:26:ad:62:3a:29:46:be:39:8d:a2:8c:
83:e5:09:3b:6c:df:8a:0a:92:51:c5:82:f6:16:50:df:df:95:
bc:1d:27:c4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfKPol70Cw9LjDxad2z2Y0WZdcQ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwNDFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1ZThhNWY1ODJjNGQ0ZWNmYThjZjU4Y2E3ZjY0ODFkNDk5ODE2NmQzYmRh
ZWI2MTQ1YTYzMzBiY2QwNGNiZDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHOWlmbXKNIfcHeWj5TnnfVWVsIOUUvABwSNJBu+OCYL/nXtdn2CsJq4s+y
N1qbgkGlhSWIgVZFwZscDDuIgRkolYCdf1OwBPz3t+8f+M5k6rPrR4HBVYpCzy4h
QiJ4WWMBLnI/bfo67o6FS2/r3Eonndv8iZH9VKQmp+ZGUBjg8Fb0yuNTilTRhGjF
gp7/OibHoTEKkNSBRQ1Ort2j5cHs8tAKwRIUdydoRPSMo6qEAlJ4uFIjVjwHjnYo
vQxeDlBRqLbgmiZDhK3GNMm+iLJRX5kw48R2LCmbQFBVyAXGN+uMQiw6D/d/61QL
Hc0oGOiOc9MXSpVCf4fkN1qX+g0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTVFQ/d
8fc2mdWtO8yQiOXGEgpaxDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTMzNzY5YzgtMDAyYy00OTFjLTliOTktMzI0ZmU5ZjU3NDNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CIA
MA0GCSqGSIb3DQEBCwUAA4IBAQAR6DwK3vKN7gyMdoXSB25/cjafigP2vzHfuyw+
IxIy7suUoK278Fb13HIEGTHwcjmF2VqWFJ71n205sZeOqeTniUUIt2u1eBnJe0p+
EpEQsStow0F7VDRh1KOHb8z8mBsR7XYI0pi86VYA+aR+FR9Sl5YK3us8VXdJeh2M
JjHcAvkr3CqSjogFxAbcep5DoaDZdrYLxfgptGfN2i1wh2pUubyzc22GOnP1cx5r
qhjOsiCmbIsrJhZsmuwElM6bGk9XpWuIxW1R4lV1BIZ4ZbW56qY4xPNp6y0nVwgE
FyOgJq1iOilGvjmNooyD5Qk7bN+KCpJRxYL2FlDf35W8HSfE
-----END CERTIFICATE-----
Generated at Mon Jun 1 16:42:09 2026 by rpki-client