Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/075bdd7a-ba79-4543-9f8e-ac092351419b.roa
File: 075bdd7a-ba79-4543-9f8e-ac092351419b.roa (raw, json)
Hash identifier: 1/E3bboiKe1aR6tCUAySqpuLZhXeCoCVp6n1GJ1wjH8=
Subject key identifier: C4:76:F4:CC:E3:21:BD:DA:3C:E9:BC:20:CF:76:8E:E2:3E:3F:52:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 09E3E71F3FB85ADE9E2E4CAE6C52E5834B89ED68
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/075bdd7a-ba79-4543-9f8e-ac092351419b.roa
Signing time: Sat 02 May 2026 01:20:05 +0000
ROA not before: Sat 02 May 2026 01:20:05 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:e3:e7:1f:3f:b8:5a:de:9e:2e:4c:ae:6c:52:e5:83:4b:89:ed:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:20:05 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=d4ab1a4ce0b62e21ddbbe2010e9bbf0908236e83b7ff868b03c908af7d922dac, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c2:c1:f1:70:e2:e9:46:67:b5:50:f6:69:e2:
b0:07:98:44:5d:66:bc:74:65:e7:d8:7a:94:45:40:
7f:14:0d:da:80:89:7c:ff:4c:7d:1a:5b:37:33:05:
71:54:03:e8:9e:36:34:2f:43:bb:c4:54:99:29:38:
1e:1d:80:1d:2f:7c:e3:ad:03:a1:df:39:cd:ea:bd:
69:19:b4:93:57:de:f5:a2:2d:5f:d1:63:78:4f:32:
bf:34:0e:96:92:a1:40:f9:53:9d:1d:7e:57:10:b1:
77:27:57:13:2e:1b:d8:72:ff:ac:95:09:3c:2d:33:
12:1b:08:b7:6c:8b:ff:83:d7:82:51:5d:de:3f:f7:
ac:bd:8f:22:93:58:c5:b8:76:47:f3:e5:c9:8f:8d:
43:39:6c:f4:a6:a3:93:98:d8:55:6d:ea:74:01:8b:
72:33:9c:e0:73:01:75:61:dd:30:6b:5c:1d:53:58:
9c:22:8d:c8:2e:bb:c4:de:90:86:c8:01:f5:e9:fa:
b1:85:a8:74:79:fb:0b:b1:cd:ff:8b:39:7b:6f:e1:
4e:4d:cb:7a:e4:ae:90:ac:d3:56:d7:3d:92:12:d6:
93:10:9f:65:51:c3:58:b2:7f:7a:b2:84:d1:eb:52:
88:78:bc:6a:6a:b4:ea:94:dc:ba:0f:43:44:80:c5:
f3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:76:F4:CC:E3:21:BD:DA:3C:E9:BC:20:CF:76:8E:E2:3E:3F:52:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/075bdd7a-ba79-4543-9f8e-ac092351419b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
c2:d3:73:6e:39:68:5f:b3:64:c5:88:b6:32:13:d8:9f:77:54:
8a:7b:ec:4c:55:d7:d1:4c:9b:0c:d5:37:79:0e:5a:c7:85:13:
c6:b0:8c:06:41:9b:0b:51:e4:f1:ab:a4:e9:dd:69:4e:d5:15:
61:10:34:ca:0d:4a:10:11:a5:06:16:55:c4:f1:e8:03:bd:55:
91:a3:83:62:59:eb:c8:cf:0b:b6:fa:37:06:bf:e5:b9:13:58:
49:68:81:54:14:03:00:5a:c5:ec:24:b3:60:d3:a0:b6:6e:20:
bb:23:0e:67:85:b2:c7:e6:67:d9:58:d3:93:47:7b:f0:49:b7:
e7:e0:78:3f:ae:70:51:94:61:5f:a4:10:61:91:76:c5:32:aa:
00:2c:99:f4:4e:a4:90:27:19:e8:91:52:1a:e3:36:6b:53:47:
65:1a:e2:1a:10:05:a0:b4:91:06:6b:84:c6:2b:49:cc:1d:a9:
3a:23:18:36:d6:de:57:6d:11:a3:24:54:b4:8b:99:e9:a9:5f:
fe:c5:d3:fd:83:41:2a:96:dc:91:94:a6:54:b5:3d:94:26:cc:
21:42:2b:34:0d:3d:65:5e:44:c4:21:0d:db:4c:25:41:6d:65:
71:13:47:d5:4b:52:da:38:50:8f:ac:02:72:cf:1a:51:ec:62:
2e:5f:8d:d9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCePnHz+4Wt6eLkyubFLlg0uJ7WgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTIwMDVaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0YWIxYTRjZTBiNjJlMjFkZGJiZTIwMTBlOWJiZjA5MDgyMzZlODNiN2Zm
ODY4YjAzYzkwOGFmN2Q5MjJkYWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXCwfFw4ulGZ7VQ9mnisAeYRF1mvHRl59h6lEVAfxQN2oCJfP9MfRpbNzMF
cVQD6J42NC9Du8RUmSk4Hh2AHS98460Dod85zeq9aRm0k1fe9aItX9FjeE8yvzQO
lpKhQPlTnR1+VxCxdydXEy4b2HL/rJUJPC0zEhsIt2yL/4PXglFd3j/3rL2PIpNY
xbh2R/PlyY+NQzls9Kajk5jYVW3qdAGLcjOc4HMBdWHdMGtcHVNYnCKNyC67xN6Q
hsgB9en6sYWodHn7C7HN/4s5e2/hTk3LeuSukKzTVtc9khLWkxCfZVHDWLJ/erKE
0etSiHi8amq06pTcug9DRIDF89kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTEdvTM
4yG92jzpvCDPdo7iPj9SuDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDc1YmRkN2EtYmE3OS00NTQzLTlmOGUtYWMwOTIzNTE0MTliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Gpg
MA0GCSqGSIb3DQEBCwUAA4IBAQDC03NuOWhfs2TFiLYyE9ifd1SKe+xMVdfRTJsM
1Td5DlrHhRPGsIwGQZsLUeTxq6Tp3WlO1RVhEDTKDUoQEaUGFlXE8egDvVWRo4Ni
WevIzwu2+jcGv+W5E1hJaIFUFAMAWsXsJLNg06C2biC7Iw5nhbLH5mfZWNOTR3vw
Sbfn4Hg/rnBRlGFfpBBhkXbFMqoALJn0TqSQJxnokVIa4zZrU0dlGuIaEAWgtJEG
a4TGK0nMHak6Ixg21t5XbRGjJFS0i5npqV/+xdP9g0EqltyRlKZUtT2UJswhQis0
DT1lXkTEIQ3bTCVBbWVxE0fVS1LaOFCPrAJyzxpR7GIuX43Z
-----END CERTIFICATE-----
Generated at Tue May 12 23:40:07 2026 by rpki-client