Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
File: 5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa (raw, json)
Hash identifier: t5vsa5M0UjviuzQaFRusF15H84rVEFF6ggNxA0AWVsA=
Subject key identifier: EA:6F:61:C4:02:EB:A0:82:32:05:E5:86:7D:63:97:CA:C1:4B:3E:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2DC0D9CCD03645A6E2DAEB964FA35C120DF74B47
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
Signing time: Mon 11 May 2026 01:50:39 +0000
ROA not before: Mon 11 May 2026 01:50:39 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:c0:d9:cc:d0:36:45:a6:e2:da:eb:96:4f:a3:5c:12:0d:f7:4b:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:39 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=2715ba64435fee4ce79c5da90ddcf1f7f718ccea27148a2077ef6f95c00a990a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:66:20:d0:fc:58:53:eb:f3:46:9a:26:d7:06:
75:39:37:9c:14:29:34:14:07:c2:74:eb:b2:ec:bf:
69:90:7b:a8:cc:6f:9b:02:df:62:a8:bb:b9:85:c9:
1e:7f:60:61:7b:1f:c3:da:8e:de:cf:d0:95:34:2e:
0b:08:fc:ab:d1:a4:f3:d4:b6:b5:c5:e3:c0:3a:d8:
74:14:79:71:10:c4:39:aa:42:ef:41:bd:8e:22:77:
42:62:a8:d4:f2:4d:c2:89:a4:91:13:31:42:f8:75:
73:9e:f8:4e:48:be:9e:a0:73:06:63:ba:91:21:0a:
61:f1:69:4d:ac:f3:b9:e0:bb:5f:03:5d:c9:00:e7:
e7:db:a5:9a:1a:bd:4a:52:80:ba:e0:6e:ce:95:9c:
7b:19:35:ce:3d:a8:a8:d0:16:18:5e:c9:d4:64:cc:
14:4d:cf:f7:31:ca:d8:d0:6a:2d:4d:d7:95:27:cf:
dd:aa:5a:7a:64:89:4c:0e:d3:25:16:9b:4b:e1:48:
fe:bc:d2:0c:17:34:02:7d:b7:82:c2:2a:42:fd:b9:
6f:c8:52:35:cb:47:63:00:3b:5a:bf:d3:a1:ab:44:
14:fa:3a:e4:6c:d3:eb:a9:7c:97:9c:83:45:6d:c1:
39:91:2a:a3:6f:d2:a6:83:76:af:1d:70:a6:d7:0d:
b6:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:6F:61:C4:02:EB:A0:82:32:05:E5:86:7D:63:97:CA:C1:4B:3E:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:8000::/40
Signature Algorithm: sha256WithRSAEncryption
b5:16:48:ce:4f:11:9e:e5:05:ed:f7:25:10:bd:c1:c2:74:c8:
f8:55:aa:45:7d:4b:3b:c5:7f:ee:ce:1c:54:9c:5c:16:0c:bc:
f4:c6:51:a0:0e:47:50:7b:b8:45:36:cd:26:43:59:d9:c9:cf:
5d:1f:a6:84:03:ee:fb:ba:49:c1:5b:2d:8d:b4:3b:f6:d1:a1:
a8:4b:85:38:b0:f8:40:68:43:ba:f1:e8:1f:9b:76:d1:23:49:
70:1b:f3:8c:b3:d0:89:19:7e:c9:19:dd:4a:e9:ce:5f:2b:ea:
a4:50:3e:7f:8a:0d:2c:3e:4a:90:5d:83:2c:c7:9c:4b:9e:7e:
8b:a5:b7:56:c3:16:28:d0:4c:57:b1:40:4d:31:f4:60:7c:2e:
5f:26:32:71:84:aa:7d:40:07:b0:bb:ad:20:ef:72:1c:f3:b2:
21:f4:c3:53:ad:e3:c7:b5:d9:e7:e8:07:48:e6:f3:8b:26:77:
3b:bc:1c:4c:92:ac:b4:0c:c4:f8:c2:90:67:a9:c2:18:ac:16:
81:43:99:ef:7c:90:72:29:a7:ad:d5:07:98:18:b1:8c:c5:b1:
a3:9d:c9:ef:41:1c:67:ff:80:78:c2:09:c3:5d:6f:62:49:f6:
be:df:34:50:88:6d:77:95:55:75:9e:65:0a:24:ce:60:b9:1b:
90:07:22:a0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULcDZzNA2Rabi2uuWT6NcEg33S0cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwMzlaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3MTViYTY0NDM1ZmVlNGNlNzljNWRhOTBkZGNmMWY3ZjcxOGNjZWEyNzE0
OGEyMDc3ZWY2Zjk1YzAwYTk5MGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpmIND8WFPr80aaJtcGdTk3nBQpNBQHwnTrsuy/aZB7qMxvmwLfYqi7uYXJ
Hn9gYXsfw9qO3s/QlTQuCwj8q9Gk89S2tcXjwDrYdBR5cRDEOapC70G9jiJ3QmKo
1PJNwomkkRMxQvh1c574Tki+nqBzBmO6kSEKYfFpTazzueC7XwNdyQDn59ulmhq9
SlKAuuBuzpWcexk1zj2oqNAWGF7J1GTMFE3P9zHK2NBqLU3XlSfP3apaemSJTA7T
JRabS+FI/rzSDBc0An23gsIqQv25b8hSNctHYwA7Wr/ToatEFPo65GzT66l8l5yD
RW3BOZEqo2/SpoN2rx1wptcNtt0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTqb2HE
AuuggjIF5YZ9Y5fKwUs+tTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWI4Zjk4MzItZGY5Yi00ZmM4LTk0ZGEtNWU4ODNlMGQ2ZTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCA
MA0GCSqGSIb3DQEBCwUAA4IBAQC1FkjOTxGe5QXt9yUQvcHCdMj4VapFfUs7xX/u
zhxUnFwWDLz0xlGgDkdQe7hFNs0mQ1nZyc9dH6aEA+77uknBWy2NtDv20aGoS4U4
sPhAaEO68egfm3bRI0lwG/OMs9CJGX7JGd1K6c5fK+qkUD5/ig0sPkqQXYMsx5xL
nn6LpbdWwxYo0ExXsUBNMfRgfC5fJjJxhKp9QAewu60g73Ic87Ih9MNTrePHtdnn
6AdI5vOLJnc7vBxMkqy0DMT4wpBnqcIYrBaBQ5nvfJByKaet1QeYGLGMxbGjncnv
QRxn/4B4wgnDXW9iSfa+3zRQiG13lVV1nmUKJM5guRuQByKg
-----END CERTIFICATE-----
Generated at Tue May 12 22:36:00 2026 by rpki-client