Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/519d09a8-f5d8-40f5-a212-2c561f9747a9.roa
File: 519d09a8-f5d8-40f5-a212-2c561f9747a9.roa (raw, json)
Hash identifier: Qms3JfjlPbwSVzy9IbdqC/Eyi8KMx7a9sl9aFir1FaQ=
Subject key identifier: D1:66:05:EA:68:B2:BF:24:C4:1F:1C:2D:4B:D0:2B:CE:7A:CD:98:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6610BBD7BA5EBB270350FBEF83415BA855A44591
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/519d09a8-f5d8-40f5-a212-2c561f9747a9.roa
Signing time: Mon 23 Mar 2026 21:08:04 +0000
ROA not before: Mon 23 Mar 2026 21:08:04 +0000
ROA not after: Sun 21 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:8000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:10:bb:d7:ba:5e:bb:27:03:50:fb:ef:83:41:5b:a8:55:a4:45:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 23 21:08:04 2026 GMT
Not After : Jun 21 23:59:59 2026 GMT
Subject: serialNumber=b177fe44474037ee35138581859f5d5b4c7844f38860ad33d68f2a917dbaa557, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a7:58:b2:7b:f1:08:35:92:48:8b:05:23:e0:
da:af:8a:29:45:d9:40:5e:fa:7c:03:4a:35:1c:0b:
a5:b9:43:26:ff:ae:6e:20:78:e0:aa:a9:09:fb:d8:
08:5f:ca:99:46:4f:c0:4b:93:da:ae:87:d1:25:20:
33:11:22:5e:bb:5c:71:3d:ec:e7:68:2b:87:e4:31:
48:9c:d9:91:53:fc:70:3a:0a:4e:78:94:1e:8a:d5:
67:3a:ca:eb:87:63:9a:82:14:ec:c8:a0:b2:a1:d9:
e9:22:e8:87:fe:ad:23:90:71:22:52:a7:1a:fa:6d:
c9:e4:0a:3c:a6:3b:4a:4f:3c:7f:e1:e8:26:8c:7f:
7d:20:47:91:34:5f:d6:11:63:ef:49:c8:c7:d8:2c:
21:49:3c:92:20:63:79:47:98:b1:c6:9b:b1:dc:79:
4a:0a:59:6f:32:76:17:e9:6f:16:c3:a9:77:7f:f2:
be:7d:77:88:e6:26:28:b6:7a:de:48:c4:92:dc:d3:
1a:b4:0a:98:8a:50:82:53:df:ef:32:ab:6f:f3:49:
6d:22:5e:5a:f4:a8:57:42:c0:c8:ec:49:f6:1e:0e:
0d:2c:fe:e2:72:e1:01:bb:4f:69:63:7b:29:92:0f:
fc:d7:c4:c5:49:1b:8c:18:7f:20:a1:02:a6:eb:c3:
55:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:66:05:EA:68:B2:BF:24:C4:1F:1C:2D:4B:D0:2B:CE:7A:CD:98:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/519d09a8-f5d8-40f5-a212-2c561f9747a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:8000::/36
Signature Algorithm: sha256WithRSAEncryption
08:a4:fc:ea:98:7b:96:4c:23:a2:98:9d:0c:8c:ea:6d:2a:fd:
9c:e7:34:c3:33:78:f7:b4:00:5d:00:ea:55:f0:0c:e0:46:94:
01:1f:47:34:38:aa:47:81:a7:9a:bc:6a:66:ad:c6:5e:3c:76:
d3:96:95:6d:c0:7c:7a:41:8d:bf:f1:1e:c7:fe:ef:2f:ef:d1:
19:b1:3c:25:dc:06:78:8e:06:d3:b4:d7:32:a4:5d:60:05:3d:
3c:62:7e:d8:43:23:f1:63:c2:8b:7a:51:ca:36:9f:99:10:7a:
b5:e9:af:0e:c9:bb:7d:14:50:bf:0a:24:27:ce:4d:59:2a:b3:
03:7d:ea:48:bd:57:e0:61:66:df:b5:e1:27:4c:14:7c:52:ee:
b7:4b:3b:4c:ef:90:3b:fa:d1:f4:ad:f1:67:1c:95:be:8d:6e:
24:bf:89:2c:df:5e:79:6b:bf:2d:f1:52:a6:94:13:30:63:f5:
c5:7c:b1:f8:a0:b7:e7:a6:9e:07:9a:7b:d2:52:85:ce:c2:ae:
ab:e7:51:63:cc:18:e6:f1:a7:bd:dc:3e:9c:bf:a6:b1:e0:4a:
7f:48:15:60:46:37:b9:b3:a9:c0:37:00:a1:6f:3f:d5:c1:4c:
73:9c:8e:2f:45:9f:db:32:d8:6d:30:66:e2:88:52:10:72:42:
ee:8e:a2:41
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZhC717peuycDUPvvg0FbqFWkRZEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMjMyMTA4MDRaFw0yNjA2MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxNzdmZTQ0NDc0MDM3ZWUzNTEzODU4MTg1OWY1ZDViNGM3ODQ0ZjM4ODYw
YWQzM2Q2OGYyYTkxN2RiYWE1NTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANunWLJ78Qg1kkiLBSPg2q+KKUXZQF76fANKNRwLpblDJv+ubiB44KqpCfvY
CF/KmUZPwEuT2q6H0SUgMxEiXrtccT3s52grh+QxSJzZkVP8cDoKTniUHorVZzrK
64djmoIU7MigsqHZ6SLoh/6tI5BxIlKnGvptyeQKPKY7Sk88f+HoJox/fSBHkTRf
1hFj70nIx9gsIUk8kiBjeUeYscabsdx5SgpZbzJ2F+lvFsOpd3/yvn13iOYmKLZ6
3kjEktzTGrQKmIpQglPf7zKrb/NJbSJeWvSoV0LAyOxJ9h4ODSz+4nLhAbtPaWN7
KZIP/NfExUkbjBh/IKECpuvDVdUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTRZgXq
aLK/JMQfHC1L0CvOes2YPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTE5ZDA5YTgtZjVkOC00MGY1LWEyMTItMmM1NjFmOTc0N2E5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BiA
MA0GCSqGSIb3DQEBCwUAA4IBAQAIpPzqmHuWTCOimJ0MjOptKv2c5zTDM3j3tABd
AOpV8AzgRpQBH0c0OKpHgaeavGpmrcZePHbTlpVtwHx6QY2/8R7H/u8v79EZsTwl
3AZ4jgbTtNcypF1gBT08Yn7YQyPxY8KLelHKNp+ZEHq16a8Oybt9FFC/CiQnzk1Z
KrMDfepIvVfgYWbfteEnTBR8Uu63SztM75A7+tH0rfFnHJW+jW4kv4ks3155a78t
8VKmlBMwY/XFfLH4oLfnpp4HmnvSUoXOwq6r51FjzBjm8ae93D6cv6ax4Ep/SBVg
Rje5s6nANwChbz/VwUxznI4vRZ/bMthtMGbiiFIQckLujqJB
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:12:38 2026 by rpki-client