Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
File: 8553b3da-6a47-43ee-87d3-5259a23c371b.roa (raw, json)
Hash identifier: oSkH/WLtvE4Hsi3qsy4M7oT9LUnlr5dX+WvHGEQ3Vog=
Subject key identifier: 31:5A:0B:30:6F:2E:42:F5:48:D0:C7:F3:3E:0B:84:0A:CC:C4:08:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4822546DD28E278EC0CCC38E96FEE3594D609207
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
Signing time: Tue 19 May 2026 05:31:19 +0000
ROA not before: Tue 19 May 2026 05:31:19 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jun 2026 22:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:22:54:6d:d2:8e:27:8e:c0:cc:c3:8e:96:fe:e3:59:4d:60:92:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:31:19 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=b0e0f9d14a929fdc4bec1c6451e321fafeab3d877d24857c86f3460678ab9610, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:95:bf:5b:6d:38:81:10:0a:44:b2:6f:8a:76:
ea:a2:b9:c5:74:58:cf:4c:a1:52:b2:50:18:4d:27:
8b:41:9d:b9:5a:52:76:64:33:4a:0f:d6:bd:2e:ce:
c8:2d:cc:ae:7c:01:5c:1e:11:65:75:91:66:06:b7:
61:3c:08:af:53:80:b0:62:ca:2b:ee:9a:7c:69:2d:
70:45:51:da:71:e0:7f:9a:04:1e:48:02:f2:2d:1c:
db:fb:98:6e:9b:14:9b:fc:ff:e6:a5:ec:84:fc:fa:
28:50:1b:c3:88:1b:3c:84:f6:8f:03:01:99:63:8a:
8d:74:e1:a8:d9:8b:18:0e:10:ba:fa:af:10:03:a8:
38:cf:f5:c7:cd:04:60:5c:00:ee:d3:68:b8:e7:aa:
b2:08:59:9f:24:fa:0a:6d:f9:1f:e7:b4:73:32:96:
74:80:e1:31:ff:24:7f:cb:d1:df:fd:ff:e2:d8:d5:
61:02:92:57:f8:db:56:73:6e:6a:d1:0a:66:ba:e4:
46:50:1d:fe:fb:90:3c:3e:2f:f8:b0:fb:55:24:28:
d2:f8:a6:fc:20:30:25:62:59:71:8c:bd:f1:51:fe:
79:bb:ff:17:03:ac:48:2e:b5:3a:db:00:fd:3a:b1:
91:fa:ad:44:fc:56:d9:56:b1:78:40:de:b9:33:2d:
27:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:5A:0B:30:6F:2E:42:F5:48:D0:C7:F3:3E:0B:84:0A:CC:C4:08:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:2000::/40
Signature Algorithm: sha256WithRSAEncryption
66:e2:30:75:3b:06:d7:70:c6:34:f0:c4:32:fa:e8:6c:f5:c7:
34:9a:a7:b1:16:46:b8:c3:e6:09:c5:55:d3:a0:97:e7:c2:c4:
89:35:b0:7a:40:92:b6:49:8d:87:ad:9c:09:06:d2:8f:10:71:
64:70:d1:a0:3e:e8:70:1c:ca:6c:31:06:9e:14:6a:dd:99:5d:
7b:41:81:d7:10:40:55:96:f1:6f:dc:ba:b4:4f:ad:33:03:80:
3b:63:a0:d4:3b:fc:99:e9:c3:83:a5:e0:d3:3d:af:ed:fb:06:
83:ad:29:24:51:07:fc:e5:31:61:4b:14:63:3a:07:3f:14:6b:
02:2e:25:f2:c1:64:35:7b:34:0d:85:ff:ff:c2:af:d3:cc:c5:
4d:4e:e4:b0:31:c1:5c:fe:8d:7e:33:df:88:10:94:8d:e7:fd:
76:4d:e2:67:0e:9f:7b:01:b4:c3:f5:b2:ec:ba:d3:14:88:1d:
ca:c3:a0:3c:ff:bf:f7:e9:cd:ec:4b:ac:30:81:d0:e1:5b:ea:
58:36:4f:60:a9:90:42:fe:c8:21:2b:f4:d5:cd:58:28:e2:fe:
10:04:a0:9c:28:28:b3:66:14:cd:6e:3c:3c:e1:3a:27:a5:ed:
40:47:b1:13:b2:85:e4:f6:0e:36:c3:58:7a:98:b1:3b:c1:9f:
7a:e6:2c:41
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSCJUbdKOJ47AzMOOlv7jWU1gkgcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMxMTlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwZTBmOWQxNGE5MjlmZGM0YmVjMWM2NDUxZTMyMWZhZmVhYjNkODc3ZDI0
ODU3Yzg2ZjM0NjA2NzhhYjk2MTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeVv1ttOIEQCkSyb4p26qK5xXRYz0yhUrJQGE0ni0GduVpSdmQzSg/WvS7O
yC3MrnwBXB4RZXWRZga3YTwIr1OAsGLKK+6afGktcEVR2nHgf5oEHkgC8i0c2/uY
bpsUm/z/5qXshPz6KFAbw4gbPIT2jwMBmWOKjXThqNmLGA4QuvqvEAOoOM/1x80E
YFwA7tNouOeqsghZnyT6Cm35H+e0czKWdIDhMf8kf8vR3/3/4tjVYQKSV/jbVnNu
atEKZrrkRlAd/vuQPD4v+LD7VSQo0vim/CAwJWJZcYy98VH+ebv/FwOsSC61OtsA
/TqxkfqtRPxW2VaxeEDeuTMtJ+sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQxWgsw
by5C9UjQx/M+C4QKzMQImjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODU1M2IzZGEtNmE0Ny00M2VlLTg3ZDMtNTI1OWEyM2MzNzFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HEg
MA0GCSqGSIb3DQEBCwUAA4IBAQBm4jB1OwbXcMY08MQy+uhs9cc0mqexFka4w+YJ
xVXToJfnwsSJNbB6QJK2SY2HrZwJBtKPEHFkcNGgPuhwHMpsMQaeFGrdmV17QYHX
EEBVlvFv3Lq0T60zA4A7Y6DUO/yZ6cODpeDTPa/t+waDrSkkUQf85TFhSxRjOgc/
FGsCLiXywWQ1ezQNhf//wq/TzMVNTuSwMcFc/o1+M9+IEJSN5/12TeJnDp97AbTD
9bLsutMUiB3Kw6A8/7/36c3sS6wwgdDhW+pYNk9gqZBC/sghK/TVzVgo4v4QBKCc
KCizZhTNbjw84Tonpe1AR7ETsoXk9g42w1h6mLE7wZ965ixB
-----END CERTIFICATE-----
Generated at Mon Jun 1 08:24:03 2026 by rpki-client