Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fb7dc84-f094-4f1c-8826-a8f7c3464f71.roa
File: 5fb7dc84-f094-4f1c-8826-a8f7c3464f71.roa (raw, json)
Hash identifier: Im1+GTuMwySA3gBT8MpB8701EK/wwmmSZlFc+ZBRIXc=
Subject key identifier: 45:2E:AC:65:09:88:A5:C9:BA:CE:97:07:3A:4A:0C:6C:03:36:1B:E6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 629AC1A94E847589F1023F9A2F0C986279CEF300
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fb7dc84-f094-4f1c-8826-a8f7c3464f71.roa
Signing time: Sun 31 May 2026 01:10:59 +0000
ROA not before: Sun 31 May 2026 01:10:59 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Jun 2026 13:55:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:9a:c1:a9:4e:84:75:89:f1:02:3f:9a:2f:0c:98:62:79:ce:f3:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:10:59 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=80a0f857133a71fdce6e1e42daacc4a8a2bfa993ba202c4e48cd5030a6c6b712, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c7:8d:2e:53:7c:fe:c1:66:08:72:26:f6:8c:
4b:7a:56:cc:72:c9:1b:d4:59:24:77:19:c3:6c:3e:
4d:02:6c:cd:ff:4e:01:8e:90:95:f3:e2:e7:c9:3c:
6d:ae:54:5f:e9:81:10:fa:8b:95:78:b8:7e:fb:ea:
92:75:a2:5b:e3:08:46:f1:4b:e9:99:5e:b0:0b:f5:
84:5b:54:9a:68:2c:75:3c:76:76:5d:aa:c0:28:db:
e9:3a:ba:5b:ac:57:3b:a5:ce:5d:65:68:2d:fc:17:
74:ec:83:54:2a:88:e9:88:e8:50:ae:7d:43:11:67:
e0:34:1e:02:9e:fb:f7:b0:39:68:48:20:b4:db:72:
e7:ea:16:94:f7:b2:6e:c6:c8:a1:36:09:e0:b8:37:
ff:19:f6:3c:f9:84:de:10:ff:95:11:57:03:dc:b5:
c9:a6:b1:75:c7:06:da:23:d7:e9:0b:a6:dd:7f:e4:
23:fc:8d:19:7c:de:79:d3:c1:af:94:c6:14:f9:83:
70:5e:8a:7d:98:ae:4c:5e:53:b2:14:6c:50:69:83:
34:5a:b5:82:47:58:b6:74:e8:be:e5:7c:46:50:cf:
8a:85:1b:5b:1b:c8:7c:a8:51:0d:50:9b:9f:09:85:
49:78:0a:a5:47:6e:fa:a0:0e:62:1d:27:ff:6c:14:
74:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:2E:AC:65:09:88:A5:C9:BA:CE:97:07:3A:4A:0C:6C:03:36:1B:E6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fb7dc84-f094-4f1c-8826-a8f7c3464f71.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:5000::/40
Signature Algorithm: sha256WithRSAEncryption
44:75:0e:18:b4:01:44:91:2e:7a:f4:25:7f:a4:e3:0f:18:6c:
fb:af:d1:de:a6:3b:c4:6c:ef:d8:d8:82:1e:bc:29:ba:ff:f2:
cc:2b:14:f4:20:3a:fd:0a:af:5d:74:24:3a:23:88:52:a7:ff:
bf:22:68:95:f7:63:96:a6:cf:bc:74:e0:13:1d:cf:50:33:37:
b3:6c:d6:98:b6:0e:45:9a:1e:fa:d3:4c:ea:9c:55:0f:60:f9:
e3:b7:6c:19:5b:38:9a:a7:12:2a:74:f5:ba:9a:cb:91:89:fb:
22:2e:96:57:de:66:89:01:34:e2:1b:54:51:51:f3:2c:f4:2b:
9e:f7:14:5c:79:a0:76:3d:92:0c:4d:89:f3:f1:14:dc:0c:99:
02:09:bb:b7:c0:02:13:9c:7c:9f:64:0e:bd:76:2e:60:4a:fc:
a6:62:a6:5e:96:a5:90:12:29:04:01:c9:cd:ec:fb:99:2a:e0:
bb:6d:69:0f:f6:21:4f:2a:e5:70:32:68:b2:59:ec:dc:7d:64:
cb:ac:43:89:31:44:cd:f5:ee:70:08:d6:a2:3e:56:f6:31:a5:
97:b1:88:d7:c4:a6:e2:81:df:f7:44:dd:a9:14:cb:c4:4c:f7:
61:f1:72:6f:bd:6f:bf:bf:e3:81:d6:f0:2d:7d:1d:db:24:c5:
16:d2:4e:c6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYprBqU6EdYnxAj+aLwyYYnnO8wAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTEwNTlaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwYTBmODU3MTMzYTcxZmRjZTZlMWU0MmRhYWNjNGE4YTJiZmE5OTNiYTIw
MmM0ZTQ4Y2Q1MDMwYTZjNmI3MTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3HjS5TfP7BZghyJvaMS3pWzHLJG9RZJHcZw2w+TQJszf9OAY6QlfPi58k8
ba5UX+mBEPqLlXi4fvvqknWiW+MIRvFL6ZlesAv1hFtUmmgsdTx2dl2qwCjb6Tq6
W6xXO6XOXWVoLfwXdOyDVCqI6YjoUK59QxFn4DQeAp7797A5aEggtNty5+oWlPey
bsbIoTYJ4Lg3/xn2PPmE3hD/lRFXA9y1yaaxdccG2iPX6Qum3X/kI/yNGXzeedPB
r5TGFPmDcF6KfZiuTF5TshRsUGmDNFq1gkdYtnTovuV8RlDPioUbWxvIfKhRDVCb
nwmFSXgKpUdu+qAOYh0n/2wUdPMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRFLqxl
CYilybrOlwc6SgxsAzYb5jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWZiN2RjODQtZjA5NC00ZjFjLTg4MjYtYThmN2MzNDY0ZjcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H1Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBEdQ4YtAFEkS569CV/pOMPGGz7r9HepjvEbO/Y
2IIevCm6//LMKxT0IDr9Cq9ddCQ6I4hSp/+/ImiV92OWps+8dOATHc9QMzezbNaY
tg5Fmh7600zqnFUPYPnjt2wZWziapxIqdPW6msuRifsiLpZX3maJATTiG1RRUfMs
9Cue9xRceaB2PZIMTYnz8RTcDJkCCbu3wAITnHyfZA69di5gSvymYqZelqWQEikE
AcnN7PuZKuC7bWkP9iFPKuVwMmiyWezcfWTLrEOJMUTN9e5wCNaiPlb2MaWXsYjX
xKbigd/3RN2pFMvETPdh8XJvvW+/v+OB1vAtfR3bJMUW0k7G
-----END CERTIFICATE-----
Generated at Mon Jun 15 17:49:21 2026 by rpki-client