Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62d19016-7a77-4f9c-a163-b01636d2402b.roa
File: 62d19016-7a77-4f9c-a163-b01636d2402b.roa (raw, json)
Hash identifier: p0USAdcdsuxGJTb5VLwL9fr1VLtXXMoyR/yZWvacVIo=
Subject key identifier: D1:C2:0D:56:9E:AC:DB:85:60:9E:75:5F:63:99:82:C0:E1:AB:A2:6E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 359C65DB89280486E2CDA9747249170630A2AF20
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62d19016-7a77-4f9c-a163-b01636d2402b.roa
Signing time: Sat 02 May 2026 01:30:44 +0000
ROA not before: Sat 02 May 2026 01:30:44 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:9c:65:db:89:28:04:86:e2:cd:a9:74:72:49:17:06:30:a2:af:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:30:44 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=84d61ef60f0f842fc606c37b8ea98d649326af4fac0589fa20d2820479dedb02, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4e:9d:c2:32:3c:64:c6:d3:26:5c:ed:4f:a0:
3f:49:13:25:4d:9f:3d:5d:0f:88:08:e7:3f:0a:7d:
99:cf:b3:da:f1:ec:61:90:8a:d5:1b:4f:8e:e1:48:
2e:13:64:57:0b:54:44:16:6e:62:86:a6:12:42:27:
b1:f8:67:62:1c:20:6a:0b:de:6a:ac:97:6b:81:e4:
33:db:c9:0b:ee:6a:55:dc:8b:b4:0c:58:df:58:41:
55:9d:1f:94:2a:e5:17:4f:54:eb:93:62:a4:72:ea:
c6:55:b6:ec:9f:01:76:c0:d8:16:01:56:db:8f:8b:
20:da:a1:ca:28:65:9d:cd:1b:6e:42:69:1a:f9:9f:
8e:8c:29:2e:2b:e5:c7:95:c5:b9:fe:85:19:85:4c:
29:eb:d2:98:44:d2:64:5b:74:28:f7:cb:af:fe:1d:
25:60:84:94:c7:d2:0d:e2:81:f5:92:01:16:5f:2b:
62:b3:95:ef:cc:89:c0:8e:a9:13:f5:d7:9b:14:8f:
84:81:70:64:4e:01:dd:ab:84:26:5f:1a:de:39:3c:
b3:83:7d:98:fb:47:58:c3:3f:4e:ac:b9:dc:7d:f1:
ea:f2:54:5e:48:c5:68:40:f1:35:fd:a0:81:e7:3f:
86:c0:a0:78:07:fc:d8:15:00:2e:7d:5e:be:95:05:
b4:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C2:0D:56:9E:AC:DB:85:60:9E:75:5F:63:99:82:C0:E1:AB:A2:6E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62d19016-7a77-4f9c-a163-b01636d2402b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:e040::/48
Signature Algorithm: sha256WithRSAEncryption
53:6a:59:4d:ac:35:fb:65:5a:15:9d:ec:44:fd:33:f5:ff:83:
9d:93:a5:9b:20:9b:2f:93:6d:bd:13:0c:e0:48:9c:e8:3f:51:
d0:75:c0:90:2c:dc:43:18:aa:31:ba:70:39:e1:55:30:8b:05:
39:0c:3b:23:ac:61:8f:37:92:dd:d8:a2:30:07:2d:a3:ea:9d:
a2:e9:c6:f6:aa:3c:1d:39:4a:26:b6:d4:b9:d0:f6:eb:07:c5:
79:a7:2f:19:71:e8:d5:f2:29:bd:07:ca:94:14:2b:63:b2:1c:
f5:b3:65:9b:6b:d1:44:8b:ad:6a:c2:55:c1:c9:25:0e:e7:11:
09:55:08:8e:df:9a:c6:d0:ca:68:1c:42:bc:b2:4c:4c:03:c2:
4d:bf:b0:cd:fd:79:9b:39:64:5e:5e:db:0c:8e:6b:2d:4b:96:
ad:d4:13:c5:77:ba:20:52:5e:62:be:35:3f:d1:32:86:9b:37:
81:2e:d7:c2:5e:94:e3:1b:4f:2a:a4:97:5f:19:a3:a4:c5:07:
24:78:1d:bf:28:3c:e1:6c:44:c5:19:40:63:67:d6:33:2a:39:
e3:67:f6:b5:c8:8a:31:ec:d6:db:a5:45:b0:d8:d8:17:4e:07:
bf:18:6b:c2:47:6a:65:70:a9:e6:fa:16:04:c3:c8:8e:4e:8d:
aa:5f:d3:64
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNZxl24koBIbizal0ckkXBjCiryAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTMwNDRaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0ZDYxZWY2MGYwZjg0MmZjNjA2YzM3YjhlYTk4ZDY0OTMyNmFmNGZhYzA1
ODlmYTIwZDI4MjA0NzlkZWRiMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlOncIyPGTG0yZc7U+gP0kTJU2fPV0PiAjnPwp9mc+z2vHsYZCK1RtPjuFI
LhNkVwtURBZuYoamEkInsfhnYhwgagveaqyXa4HkM9vJC+5qVdyLtAxY31hBVZ0f
lCrlF09U65NipHLqxlW27J8BdsDYFgFW24+LINqhyihlnc0bbkJpGvmfjowpLivl
x5XFuf6FGYVMKevSmETSZFt0KPfLr/4dJWCElMfSDeKB9ZIBFl8rYrOV78yJwI6p
E/XXmxSPhIFwZE4B3auEJl8a3jk8s4N9mPtHWMM/Tqy53H3x6vJUXkjFaEDxNf2g
gec/hsCgeAf82BUALn1evpUFtO8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTRwg1W
nqzbhWCedV9jmYLA4auibjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjJkMTkwMTYtN2E3Ny00ZjljLWExNjMtYjAxNjM2ZDI0MDJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Grg
QDANBgkqhkiG9w0BAQsFAAOCAQEAU2pZTaw1+2VaFZ3sRP0z9f+DnZOlmyCbL5Nt
vRMM4Eic6D9R0HXAkCzcQxiqMbpwOeFVMIsFOQw7I6xhjzeS3diiMActo+qdounG
9qo8HTlKJrbUudD26wfFeacvGXHo1fIpvQfKlBQrY7Ic9bNlm2vRRIutasJVwckl
DucRCVUIjt+axtDKaBxCvLJMTAPCTb+wzf15mzlkXl7bDI5rLUuWrdQTxXe6IFJe
Yr41P9Eyhps3gS7Xwl6U4xtPKqSXXxmjpMUHJHgdvyg84WxExRlAY2fWMyo542f2
tciKMezW26VFsNjYF04HvxhrwkdqZXCp5voWBMPIjk6Nql/TZA==
-----END CERTIFICATE-----
Generated at Wed May 13 00:08:51 2026 by rpki-client