Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa
File: 53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa (raw, json)
Hash identifier: gVsvwqFFxi7EnjJd5Qe4VcU9DeQG/l/va2uda1juOyw=
Subject key identifier: 76:95:A4:53:0E:F4:8A:CC:F5:90:56:FA:8A:84:F2:09:A9:29:95:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3216E459AD7E0F1ECFE08DC0CAA238E5384A8C22
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa
Signing time: Mon 11 May 2026 01:40:08 +0000
ROA not before: Mon 11 May 2026 01:40:08 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:16:e4:59:ad:7e:0f:1e:cf:e0:8d:c0:ca:a2:38:e5:38:4a:8c:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:40:08 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=060b009a759454f575fe92a2eef4c8d568595b70169abb9dfd5a445097a5629a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8b:84:29:9f:e7:36:e0:d8:bb:71:a6:08:9b:
35:70:bd:c1:f4:81:bf:1e:da:47:a1:93:53:b7:c0:
ce:6b:c4:57:5f:a3:40:e5:cf:46:0b:29:75:64:c1:
2d:51:a0:b2:37:db:0c:0f:40:0c:e2:6e:31:a1:23:
72:c7:ff:3a:ab:50:b8:1a:f9:34:3c:a8:9d:98:01:
ab:91:57:91:da:47:b2:70:d4:a5:29:9c:df:7c:8a:
40:d7:a4:c0:f4:b5:c0:ae:05:b3:d8:1c:59:4b:6e:
39:8a:45:6a:ed:b1:7a:50:76:97:3d:59:b1:b2:f0:
95:fd:6b:11:6a:da:c9:d5:56:2c:14:e7:d4:e0:8a:
94:0e:6d:c8:1e:71:79:17:75:2e:2c:0b:61:a0:5e:
7b:16:9b:30:db:3e:a7:f7:8b:9b:c8:f1:f9:7b:e2:
bd:3e:b2:a4:47:e2:11:ec:96:22:d7:cf:0a:a9:2e:
26:fb:bb:83:60:d3:cc:d6:bc:eb:71:09:c6:36:34:
63:87:d4:2e:f7:45:b3:ca:03:be:f9:42:48:66:df:
a6:8c:08:73:01:51:84:66:d9:f9:ac:63:a1:2b:bc:
6d:66:d7:c8:2a:9e:b1:f4:42:64:30:6a:f7:32:1c:
81:10:ca:93:46:4f:31:6a:e6:8e:e1:42:e4:8e:7a:
4e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:95:A4:53:0E:F4:8A:CC:F5:90:56:FA:8A:84:F2:09:A9:29:95:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:2000::/40
Signature Algorithm: sha256WithRSAEncryption
6a:c5:f9:69:18:50:2c:ad:00:b3:29:9f:e1:1b:10:fd:43:f3:
b5:7f:db:55:f2:ae:a8:2d:d1:fd:46:19:9a:db:0f:0d:a4:32:
26:0c:f2:61:0d:91:6a:2a:f4:18:39:90:3b:6d:f4:45:c3:9c:
c2:e3:eb:60:a3:6b:80:d8:f0:9f:6c:bb:fd:bd:e0:ee:d5:9b:
c3:f3:f0:02:d4:08:5e:b6:40:c3:a5:3a:04:8e:04:e5:e5:8a:
72:19:cd:c3:ef:d9:ef:2f:47:a7:64:93:88:63:cc:a4:60:ca:
3d:e8:37:c6:cc:83:7d:84:8e:73:b6:da:bc:01:5f:c3:fc:bf:
ff:90:0c:5d:68:97:68:b7:4f:f3:b4:07:4a:b9:63:04:e4:70:
cf:f9:cd:b3:69:00:e7:d6:3a:30:27:ef:28:59:52:e4:ad:f9:
f6:bd:f5:17:f2:0f:4e:6b:27:68:88:ed:87:20:d2:85:ff:1f:
72:46:76:e6:19:e7:d9:b5:ed:5f:91:af:e6:44:44:13:80:90:
50:ca:92:82:db:e6:8c:19:d8:79:c2:d5:22:42:cd:18:d8:b8:
ba:ca:28:7a:ee:19:1d:86:ec:c5:43:07:b1:da:d6:37:80:ea:
99:46:8a:98:8a:39:83:68:35:a0:49:0c:e7:d3:26:4e:4e:23:
c8:06:74:21
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMhbkWa1+Dx7P4I3AyqI45ThKjCIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTQwMDhaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2MGIwMDlhNzU5NDU0ZjU3NWZlOTJhMmVlZjRjOGQ1Njg1OTViNzAxNjlh
YmI5ZGZkNWE0NDUwOTdhNTYyOWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJeLhCmf5zbg2LtxpgibNXC9wfSBvx7aR6GTU7fAzmvEV1+jQOXPRgspdWTB
LVGgsjfbDA9ADOJuMaEjcsf/OqtQuBr5NDyonZgBq5FXkdpHsnDUpSmc33yKQNek
wPS1wK4Fs9gcWUtuOYpFau2xelB2lz1ZsbLwlf1rEWraydVWLBTn1OCKlA5tyB5x
eRd1LiwLYaBeexabMNs+p/eLm8jx+XvivT6ypEfiEeyWItfPCqkuJvu7g2DTzNa8
63EJxjY0Y4fULvdFs8oDvvlCSGbfpowIcwFRhGbZ+axjoSu8bWbXyCqesfRCZDBq
9zIcgRDKk0ZPMWrmjuFC5I56TlECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR2laRT
DvSKzPWQVvqKhPIJqSmVqjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTNmZGQzNTQtMGViOC00MDRiLTgyMDMtYjVlODIxMWIyYjdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYg
MA0GCSqGSIb3DQEBCwUAA4IBAQBqxflpGFAsrQCzKZ/hGxD9Q/O1f9tV8q6oLdH9
Rhma2w8NpDImDPJhDZFqKvQYOZA7bfRFw5zC4+tgo2uA2PCfbLv9veDu1ZvD8/AC
1AhetkDDpToEjgTl5YpyGc3D79nvL0enZJOIY8ykYMo96DfGzIN9hI5zttq8AV/D
/L//kAxdaJdot0/ztAdKuWME5HDP+c2zaQDn1jowJ+8oWVLkrfn2vfUX8g9Oaydo
iO2HINKF/x9yRnbmGefZte1fka/mREQTgJBQypKC2+aMGdh5wtUiQs0Y2Li6yih6
7hkdhuzFQwex2tY3gOqZRoqYijmDaDWgSQzn0yZOTiPIBnQh
-----END CERTIFICATE-----
Generated at Wed May 13 01:05:42 2026 by rpki-client