Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
File: 87659113-4050-43f4-ade6-cfd7a3483d5c.roa (raw, json)
Hash identifier: x/lshr1WBq2+iS44rIOFvJiQy6ntiKVGCNlyBzQ5zwU=
Subject key identifier: E6:29:32:97:2F:85:57:84:56:22:C0:1A:C3:EE:74:88:9F:08:E9:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3DDA1687B8AC1E55BD5ACFF6E7FC7DCCA30C046E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
Signing time: Tue 19 May 2026 05:20:18 +0000
ROA not before: Tue 19 May 2026 05:20:18 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 May 2026 22:35:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:da:16:87:b8:ac:1e:55:bd:5a:cf:f6:e7:fc:7d:cc:a3:0c:04:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:18 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=f5c859a0ecfde91644aed7d6932a091dfb4618880b49f0c89c60d6110d39a2eb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:7b:16:d7:64:23:ea:49:2c:3f:d6:21:aa:68:
86:62:55:7e:bd:25:ae:4e:79:8a:5a:39:90:91:e1:
c0:85:6a:43:ba:c1:82:a4:32:f6:4b:ec:6c:31:a5:
69:f4:57:be:ad:af:85:a8:c8:8d:8e:c4:da:77:f2:
ec:00:02:9c:67:bb:4b:59:ee:58:1c:29:7f:f2:d3:
dc:a9:9e:54:be:7f:36:94:75:92:6c:cf:13:e2:94:
4b:00:35:48:b7:fe:74:09:06:ae:cd:24:0d:08:d7:
e4:58:bd:f7:47:37:05:f3:94:8a:61:33:d5:c7:14:
4c:74:a0:3f:2f:63:bb:41:86:51:61:99:7f:b2:42:
5f:55:c5:0c:7b:23:25:a4:06:b8:7c:2f:db:64:15:
5d:22:59:f1:83:46:60:e2:38:00:f0:39:85:34:ac:
dc:d9:8e:d7:57:e7:5c:55:15:ab:91:ce:89:a6:1e:
31:17:32:dc:44:57:df:eb:7e:eb:5a:1b:d4:b5:e1:
01:f9:b2:2d:c3:54:dd:8d:03:75:e5:34:e8:f6:a8:
45:a1:e4:ff:7d:1c:04:79:4f:20:4c:3e:80:4e:e6:
da:90:3e:cf:c2:51:d7:2f:89:d7:dc:75:33:6a:b9:
67:89:ad:e7:c8:d8:93:9d:16:dc:77:cf:11:3d:12:
c0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:29:32:97:2F:85:57:84:56:22:C0:1A:C3:EE:74:88:9F:08:E9:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:8000::/40
Signature Algorithm: sha256WithRSAEncryption
61:55:94:fd:50:73:67:05:a5:8d:cd:47:86:b8:49:66:06:33:
fd:40:de:fa:e4:76:02:79:53:d8:01:71:87:3d:76:78:36:32:
93:e2:0f:31:d0:39:f0:f3:f7:ff:a4:e8:d0:e2:2d:09:c0:7d:
2b:06:3f:9c:9e:49:44:a9:b6:20:4a:59:cd:c9:1a:38:c2:53:
e6:69:a6:dd:a5:e8:20:78:71:4e:40:7b:31:e7:d8:71:35:61:
52:40:00:a6:be:ba:fb:48:d1:ad:10:e7:25:3c:18:e8:82:39:
5a:f8:7a:1a:dd:ba:f5:ad:2e:51:09:ef:7b:d5:cb:9a:4a:63:
55:26:b4:14:1c:76:20:d2:aa:1e:57:40:ad:7f:44:30:75:35:
e0:7a:8c:72:d7:01:86:61:31:f1:24:04:70:c4:1a:07:a1:46:
1e:a8:49:59:95:ce:85:52:1a:dd:40:3a:51:60:a9:5b:4e:64:
05:30:b9:68:a0:d6:65:63:70:2b:c2:8c:92:14:eb:52:bd:5e:
98:a1:d7:ab:7f:65:0d:9d:84:0a:f9:69:05:5c:85:6e:a5:92:
74:f2:1f:52:70:de:c7:d1:1a:8c:47:80:7d:c9:b1:a2:31:1e:
90:0b:7e:b0:fb:01:20:b0:9a:d5:9f:f6:ad:4d:38:2b:82:74:
53:4d:63:5d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPdoWh7isHlW9Ws/25/x9zKMMBG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMThaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1Yzg1OWEwZWNmZGU5MTY0NGFlZDdkNjkzMmEwOTFkZmI0NjE4ODgwYjQ5
ZjBjODljNjBkNjExMGQzOWEyZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOR7FtdkI+pJLD/WIapohmJVfr0lrk55ilo5kJHhwIVqQ7rBgqQy9kvsbDGl
afRXvq2vhajIjY7E2nfy7AACnGe7S1nuWBwpf/LT3KmeVL5/NpR1kmzPE+KUSwA1
SLf+dAkGrs0kDQjX5Fi990c3BfOUimEz1ccUTHSgPy9ju0GGUWGZf7JCX1XFDHsj
JaQGuHwv22QVXSJZ8YNGYOI4APA5hTSs3NmO11fnXFUVq5HOiaYeMRcy3ERX3+t+
61ob1LXhAfmyLcNU3Y0DdeU06PaoRaHk/30cBHlPIEw+gE7m2pA+z8JR1y+J19x1
M2q5Z4mt58jYk50W3HfPET0SwEcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTmKTKX
L4VXhFYiwBrD7nSInwjptDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODc2NTkxMTMtNDA1MC00M2Y0LWFkZTYtY2ZkN2EzNDgzZDVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HiA
MA0GCSqGSIb3DQEBCwUAA4IBAQBhVZT9UHNnBaWNzUeGuElmBjP9QN765HYCeVPY
AXGHPXZ4NjKT4g8x0Dnw8/f/pOjQ4i0JwH0rBj+cnklEqbYgSlnNyRo4wlPmaabd
peggeHFOQHsx59hxNWFSQACmvrr7SNGtEOclPBjogjla+Hoa3br1rS5RCe971cua
SmNVJrQUHHYg0qoeV0Ctf0QwdTXgeoxy1wGGYTHxJARwxBoHoUYeqElZlc6FUhrd
QDpRYKlbTmQFMLlooNZlY3ArwoySFOtSvV6Yoderf2UNnYQK+WkFXIVupZJ08h9S
cN7H0RqMR4B9ybGiMR6QC36w+wEgsJrVn/atTTgrgnRTTWNd
-----END CERTIFICATE-----
Generated at Thu May 28 03:03:12 2026 by rpki-client