Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c65e11fa-ec6d-4214-88c5-464a024d8957.roa
File: c65e11fa-ec6d-4214-88c5-464a024d8957.roa (raw, json)
Hash identifier: /TLeMyzE1hx7mBuEunKcjHvfxUOtRMg4wutpHHgfyWA=
Subject key identifier: F4:1B:0E:70:7E:DF:3E:AC:98:9A:3A:2B:33:DB:68:32:3C:20:0D:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F5F513872A6C6E8C70D755CE42FE7661ACB8FE0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c65e11fa-ec6d-4214-88c5-464a024d8957.roa
Signing time: Mon 04 May 2026 15:20:42 +0000
ROA not before: Mon 04 May 2026 15:20:42 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:5f:51:38:72:a6:c6:e8:c7:0d:75:5c:e4:2f:e7:66:1a:cb:8f:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:20:42 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=6e14ccaab2036fb65da1e3d6609162a86baa825a5c7a6066f58633fd5391a750, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fe:f5:e8:8e:b9:c6:a2:f8:fb:4b:d2:d2:6b:
4b:b6:65:e2:8a:03:4c:41:73:08:38:c9:56:f2:7b:
3f:9e:44:72:7c:95:f2:9c:49:08:0b:5e:0a:b8:1b:
4f:d0:ff:7f:10:af:06:15:70:dd:20:d9:1b:b5:69:
40:51:f8:22:b6:06:5d:da:e0:82:69:d5:6f:08:1d:
b2:e7:1c:8c:0f:7a:5b:05:d7:12:eb:39:d5:36:98:
db:d5:02:f6:28:1b:79:05:c7:2f:5d:81:de:76:97:
32:7c:c0:fc:b8:46:e9:88:cd:31:71:6f:d9:f8:2a:
90:d0:a8:65:a1:32:e6:d7:dd:2f:9e:54:bb:dc:ae:
02:8c:66:0c:b7:c1:e7:e9:1c:ff:7d:78:79:3a:9b:
5e:61:e5:47:10:05:df:18:1f:0f:90:b4:0b:ab:96:
7e:b7:73:d5:16:6c:43:8e:b7:d1:84:f4:31:01:12:
ac:c7:15:9d:cd:09:a3:4f:f3:8a:bf:65:c1:54:67:
b7:c9:93:02:00:3d:ba:39:8e:5c:10:1d:57:06:d0:
e2:5b:30:91:2d:97:5d:ce:15:bf:1e:a9:07:c3:c4:
8d:f8:d6:09:d7:51:44:ad:71:df:51:bb:47:17:a8:
72:10:c7:cf:ae:23:a4:00:94:4e:86:9d:47:b4:28:
dc:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:1B:0E:70:7E:DF:3E:AC:98:9A:3A:2B:33:DB:68:32:3C:20:0D:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c65e11fa-ec6d-4214-88c5-464a024d8957.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:4000::/40
Signature Algorithm: sha256WithRSAEncryption
2f:94:4b:cb:26:c2:3e:c9:81:93:22:d4:54:87:0e:c2:8f:2d:
33:88:f2:ac:a1:0a:fa:7f:42:7c:20:19:68:b5:56:0a:87:11:
88:92:15:fb:fa:fc:27:54:e4:03:dd:82:e3:c4:57:65:18:25:
82:64:ad:95:1b:fa:9b:f1:d6:af:d2:5c:68:c6:d9:43:a3:00:
63:e0:7f:bd:61:30:30:84:50:a1:c5:6c:b4:ee:1e:e9:42:28:
80:a7:eb:c2:04:9b:56:b6:27:61:77:2d:e2:5b:7c:08:de:f8:
11:d1:0e:f4:0c:55:52:b7:f1:7a:2b:5f:d0:c9:09:a8:70:4e:
e3:b8:09:3f:81:ef:b0:b3:6e:fe:3c:fa:2f:e1:ae:12:60:62:
cc:57:56:0f:c3:2f:4e:de:97:9b:7f:46:15:d6:ff:b2:97:bc:
9a:c3:f6:e2:98:cd:c6:e9:f0:76:83:53:17:eb:1c:49:6f:f3:
5b:28:23:c5:b2:81:b4:1d:fe:08:4d:b4:bc:44:86:db:b3:83:
6e:15:eb:26:74:96:65:6d:1e:f9:47:6a:25:76:ee:85:2e:f2:
78:63:59:6d:1f:06:ed:2e:a9:4d:7d:d0:12:b7:37:96:87:0b:
ea:8e:8d:22:e2:28:25:fa:f8:83:d8:fa:3b:4a:cd:6a:f9:d2:
b0:22:c3:5d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT19ROHKmxujHDXVc5C/nZhrLj+AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIwNDJaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlMTRjY2FhYjIwMzZmYjY1ZGExZTNkNjYwOTE2MmE4NmJhYTgyNWE1Yzdh
NjA2NmY1ODYzM2ZkNTM5MWE3NTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7+9eiOucai+PtL0tJrS7Zl4ooDTEFzCDjJVvJ7P55EcnyV8pxJCAteCrgb
T9D/fxCvBhVw3SDZG7VpQFH4IrYGXdrggmnVbwgdsuccjA96WwXXEus51TaY29UC
9igbeQXHL12B3naXMnzA/LhG6YjNMXFv2fgqkNCoZaEy5tfdL55Uu9yuAoxmDLfB
5+kc/314eTqbXmHlRxAF3xgfD5C0C6uWfrdz1RZsQ4630YT0MQESrMcVnc0Jo0/z
ir9lwVRnt8mTAgA9ujmOXBAdVwbQ4lswkS2XXc4Vvx6pB8PEjfjWCddRRK1x31G7
RxeochDHz64jpACUToadR7Qo3BcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT0Gw5w
ft8+rJiaOisz22gyPCANSDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzY1ZTExZmEtZWM2ZC00MjE0LTg4YzUtNDY0YTAyNGQ4OTU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFA
MA0GCSqGSIb3DQEBCwUAA4IBAQAvlEvLJsI+yYGTItRUhw7Cjy0ziPKsoQr6f0J8
IBlotVYKhxGIkhX7+vwnVOQD3YLjxFdlGCWCZK2VG/qb8dav0lxoxtlDowBj4H+9
YTAwhFChxWy07h7pQiiAp+vCBJtWtidhdy3iW3wI3vgR0Q70DFVSt/F6K1/QyQmo
cE7juAk/ge+ws27+PPov4a4SYGLMV1YPwy9O3pebf0YV1v+yl7yaw/bimM3G6fB2
g1MX6xxJb/NbKCPFsoG0Hf4ITbS8RIbbs4NuFesmdJZlbR75R2oldu6FLvJ4Y1lt
HwbtLqlNfdAStzeWhwvqjo0i4igl+viD2Po7Ss1q+dKwIsNd
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:35 2026 by rpki-client