Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02484022-c79f-4464-827b-2127faff0b06.roa
File: 02484022-c79f-4464-827b-2127faff0b06.roa (raw, json)
Hash identifier: ar3+4u7Jc35a74ReLHdQ2MY+xAyTEB3dHUP7jkKh4UI=
Subject key identifier: B6:3E:81:D9:33:C2:66:CF:50:57:0C:49:1C:87:C1:4B:08:23:50:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A4F0A921C7E360295C131ECC34FA4AB225A02ED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02484022-c79f-4464-827b-2127faff0b06.roa
Signing time: Mon 11 May 2026 01:50:42 +0000
ROA not before: Mon 11 May 2026 01:50:42 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:4f:0a:92:1c:7e:36:02:95:c1:31:ec:c3:4f:a4:ab:22:5a:02:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:42 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=21b7d20b54aba60f70140f81287d565c15a6c8de3d243a50d09f93afa9743307, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:03:37:b4:dc:ae:94:e1:bf:e5:01:37:90:43:
76:37:57:17:75:8e:f8:b6:f7:e3:eb:8f:5f:45:b6:
9b:65:fb:50:a5:a7:4b:1e:e2:5a:bb:33:9d:12:5b:
52:f3:39:12:74:1a:55:22:3b:67:31:47:f8:83:fe:
69:c2:24:30:e2:5d:0b:35:9e:72:31:83:c0:85:48:
4c:c8:6b:89:aa:5e:83:14:49:46:2d:2a:e3:e4:ae:
45:f2:7e:67:68:a4:cf:79:eb:e8:2b:f9:7c:4a:b4:
38:bd:6f:5d:d2:11:95:96:15:76:04:c1:d9:cd:67:
2c:c3:ec:ab:01:87:04:9d:f7:64:61:2c:b2:a1:d5:
ed:a2:77:64:af:1f:46:ba:8c:1b:6b:b4:1d:34:4f:
0a:d0:c9:aa:f5:fc:c9:ca:7b:e8:e4:00:6a:40:b7:
04:b3:46:18:df:eb:7b:2b:40:e2:bd:b6:43:21:7b:
db:e6:6c:bb:76:46:83:3b:be:c2:87:58:b1:6a:03:
b2:33:a9:f3:6e:f8:49:07:c1:7f:94:f7:76:58:c2:
ed:0b:fa:7f:73:5d:19:92:a4:f8:fd:e8:a9:90:ef:
4c:f2:26:9d:c6:76:78:3e:7f:b4:4e:fa:69:8b:47:
42:c4:56:ca:a7:34:00:57:d3:c4:93:c9:ff:e6:b9:
8b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:3E:81:D9:33:C2:66:CF:50:57:0C:49:1C:87:C1:4B:08:23:50:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02484022-c79f-4464-827b-2127faff0b06.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030::/32
Signature Algorithm: sha256WithRSAEncryption
75:a9:27:2f:54:c6:c0:fe:96:94:bb:e4:7a:44:ae:11:9f:9e:
8c:5c:18:e4:08:1b:2d:cd:9c:db:f6:2f:66:9b:47:ac:d4:a8:
e9:4b:cf:5f:8b:ef:b9:8a:2d:4a:27:b0:53:2c:40:9f:aa:27:
31:10:c6:7f:04:4a:b0:ee:61:35:c2:98:fb:38:64:23:5f:ad:
32:1a:f8:64:a7:26:28:2c:17:44:1b:b7:29:fe:fd:3f:28:67:
88:d6:a7:ea:94:77:28:1e:35:85:90:c3:61:7c:d1:a9:25:58:
3f:fb:e6:74:7c:aa:28:50:60:fa:20:16:c6:a3:f7:f1:fc:df:
57:36:10:03:be:8c:80:40:e5:7a:d8:7c:8a:7d:c1:d0:74:97:
a9:5c:27:95:22:b8:98:68:27:6f:ad:64:69:0b:00:ab:b1:44:
3d:54:c1:86:13:58:16:bd:50:70:5d:b6:34:bb:f1:c7:44:32:
da:7c:a7:d8:f6:0b:73:7e:21:04:28:a2:7d:16:44:40:e6:73:
b2:0c:1d:a2:26:ea:a3:f6:7d:3b:8e:70:7f:d0:25:19:22:79:
3b:73:b0:05:52:63:dc:c3:2f:14:6e:af:48:d5:c7:9f:92:3e:
59:aa:1b:28:1c:24:d1:5c:42:ab:fc:0b:95:f9:11:bc:36:9d:
d2:61:51:d4
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUGk8Kkhx+NgKVwTHsw0+kqyJaAu0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwNDJaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxYjdkMjBiNTRhYmE2MGY3MDE0MGY4MTI4N2Q1NjVjMTVhNmM4ZGUzZDI0
M2E1MGQwOWY5M2FmYTk3NDMzMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUDN7TcrpThv+UBN5BDdjdXF3WO+Lb34+uPX0W2m2X7UKWnSx7iWrsznRJb
UvM5EnQaVSI7ZzFH+IP+acIkMOJdCzWecjGDwIVITMhriapegxRJRi0q4+SuRfJ+
Z2ikz3nr6Cv5fEq0OL1vXdIRlZYVdgTB2c1nLMPsqwGHBJ33ZGEssqHV7aJ3ZK8f
RrqMG2u0HTRPCtDJqvX8ycp76OQAakC3BLNGGN/reytA4r22QyF72+Zsu3ZGgzu+
wodYsWoDsjOp8274SQfBf5T3dljC7Qv6f3NdGZKk+P3oqZDvTPImncZ2eD5/tE76
aYtHQsRWyqc0AFfTxJPJ/+a5i60CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBS2PoHZ
M8Jmz1BXDEkch8FLCCNQ9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDI0ODQwMjItYzc5Zi00NDY0LTgyN2ItMjEyN2ZhZmYwYjA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DAw
DQYJKoZIhvcNAQELBQADggEBAHWpJy9UxsD+lpS75HpErhGfnoxcGOQIGy3NnNv2
L2abR6zUqOlLz1+L77mKLUonsFMsQJ+qJzEQxn8ESrDuYTXCmPs4ZCNfrTIa+GSn
JigsF0Qbtyn+/T8oZ4jWp+qUdygeNYWQw2F80aklWD/75nR8qihQYPogFsaj9/H8
31c2EAO+jIBA5XrYfIp9wdB0l6lcJ5UiuJhoJ2+tZGkLAKuxRD1UwYYTWBa9UHBd
tjS78cdEMtp8p9j2C3N+IQQoon0WREDmc7IMHaIm6qP2fTuOcH/QJRkieTtzsAVS
Y9zDLxRur0jVx5+SPlmqGygcJNFcQqv8C5X5Ebw2ndJhUdQ=
-----END CERTIFICATE-----
Generated at Tue May 12 22:59:07 2026 by rpki-client