Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e8f7de4-db4c-48d4-b38b-387a8380d716.roa
File: 0e8f7de4-db4c-48d4-b38b-387a8380d716.roa (raw, json)
Hash identifier: /UUX83l2eDshFRJaAK9sVasTOdxGBt4+JGR8ZMJeYfQ=
Subject key identifier: 88:86:40:65:81:6B:E9:5F:CE:AB:D9:11:78:13:4D:92:26:9E:1D:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27EFF0C07D42307254677ED92227281AD3F6F98C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e8f7de4-db4c-48d4-b38b-387a8380d716.roa
Signing time: Sat 02 May 2026 01:20:04 +0000
ROA not before: Sat 02 May 2026 01:20:04 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:ef:f0:c0:7d:42:30:72:54:67:7e:d9:22:27:28:1a:d3:f6:f9:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:20:04 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=9942faa22f0e2e32c49ab8f41ab4d0ed68903fa75b66e5202232d515edaa2af2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:01:18:45:be:63:3b:4e:d8:88:59:35:8e:fd:
60:90:82:0d:54:51:01:d4:08:f6:21:e5:a6:06:85:
58:78:3b:0f:a6:c0:cf:d9:eb:4e:83:25:b4:20:ed:
94:5f:71:3c:85:d7:01:01:bc:ee:47:eb:aa:76:5c:
0b:5c:20:da:c1:e3:34:64:cb:fb:0d:86:c6:e8:9d:
3d:4d:c5:cd:ff:60:0c:23:dc:98:80:2b:a3:d8:ed:
9e:5d:f5:e2:62:dc:6b:7c:35:ca:44:22:de:1e:e7:
3d:d6:5e:9d:83:68:2f:58:05:53:a3:30:83:3f:13:
88:ea:9b:0e:6f:b5:ca:91:19:d9:15:1f:0b:0f:b9:
04:84:1e:88:25:6b:b3:96:9e:94:24:10:90:7e:d4:
ae:2a:03:96:e0:2d:95:cd:8c:59:fd:89:08:47:ca:
a0:82:a8:3d:48:81:e0:9d:e1:e7:2c:c7:52:cf:59:
82:7a:91:b2:f4:fd:66:5d:80:8e:99:cf:ed:03:cc:
fa:42:4d:0b:bb:e8:e8:be:cf:5e:ee:ea:ac:49:b6:
72:22:d4:88:61:a2:7c:e0:d5:58:29:de:40:1c:98:
1a:98:ff:ac:52:cf:36:3a:0a:bc:f7:35:f0:6d:0c:
65:8a:c2:d5:1d:dd:92:2f:73:ca:a8:7f:d6:25:85:
5b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:86:40:65:81:6B:E9:5F:CE:AB:D9:11:78:13:4D:92:26:9E:1D:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e8f7de4-db4c-48d4-b38b-387a8380d716.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:c000::/40
Signature Algorithm: sha256WithRSAEncryption
86:02:a3:02:b3:0e:f7:7d:3e:b7:05:38:73:30:06:2f:59:6e:
b3:a6:75:eb:d0:04:28:02:76:79:a4:ba:a1:70:8b:a9:a4:c1:
56:83:5e:6b:b2:16:a3:14:a4:d8:96:5b:22:67:68:e4:11:95:
0c:c6:29:ae:a2:a0:e2:c1:d3:79:5f:53:6d:1b:fc:81:58:ba:
cd:14:eb:0b:e1:ca:d9:5d:8a:a3:25:88:68:05:57:53:a3:60:
dd:2f:1f:b4:50:c5:af:4a:a2:bd:22:3d:98:ba:77:e7:72:d5:
a3:16:77:48:9a:92:fa:a9:fb:d3:5f:5b:45:12:fb:99:36:06:
32:9b:b7:ef:78:0f:8e:77:0c:e8:69:87:c9:35:2e:91:6a:20:
90:be:28:4d:75:91:74:c2:33:12:cf:99:7f:96:8d:0d:c0:a7:
0c:1c:73:ee:c0:0c:fe:a0:0a:b7:75:35:e2:a8:b3:fe:c0:52:
fa:3a:70:b0:f0:a2:bb:6f:3f:33:29:20:16:56:45:ab:c5:ea:
9e:c2:bb:28:e5:a2:af:16:e8:d4:5f:c5:5a:8f:63:99:b4:62:
d9:5b:4d:a4:99:17:67:4a:51:78:9f:3c:4b:bc:ce:59:42:85:
21:fd:ee:32:45:a1:dd:eb:47:a1:17:0f:dd:88:27:b7:3c:68:
bd:32:e5:07
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJ+/wwH1CMHJUZ37ZIicoGtP2+YwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTIwMDRaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5NDJmYWEyMmYwZTJlMzJjNDlhYjhmNDFhYjRkMGVkNjg5MDNmYTc1YjY2
ZTUyMDIyMzJkNTE1ZWRhYTJhZjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM0BGEW+YztO2IhZNY79YJCCDVRRAdQI9iHlpgaFWHg7D6bAz9nrToMltCDt
lF9xPIXXAQG87kfrqnZcC1wg2sHjNGTL+w2GxuidPU3Fzf9gDCPcmIAro9jtnl31
4mLca3w1ykQi3h7nPdZenYNoL1gFU6Mwgz8TiOqbDm+1ypEZ2RUfCw+5BIQeiCVr
s5aelCQQkH7UrioDluAtlc2MWf2JCEfKoIKoPUiB4J3h5yzHUs9ZgnqRsvT9Zl2A
jpnP7QPM+kJNC7vo6L7PXu7qrEm2ciLUiGGifODVWCneQByYGpj/rFLPNjoKvPc1
8G0MZYrC1R3dki9zyqh/1iWFWzsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSIhkBl
gWvpX86r2RF4E02SJp4dlzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGU4ZjdkZTQtZGI0Yy00OGQ0LWIzOGItMzg3YTgzODBkNzE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GrA
MA0GCSqGSIb3DQEBCwUAA4IBAQCGAqMCsw73fT63BThzMAYvWW6zpnXr0AQoAnZ5
pLqhcIuppMFWg15rshajFKTYllsiZ2jkEZUMximuoqDiwdN5X1NtG/yBWLrNFOsL
4crZXYqjJYhoBVdTo2DdLx+0UMWvSqK9Ij2YunfnctWjFndImpL6qfvTX1tFEvuZ
NgYym7fveA+OdwzoaYfJNS6RaiCQvihNdZF0wjMSz5l/lo0NwKcMHHPuwAz+oAq3
dTXiqLP+wFL6OnCw8KK7bz8zKSAWVkWrxeqewrso5aKvFujUX8Vaj2OZtGLZW02k
mRdnSlF4nzxLvM5ZQoUh/e4yRaHd60ehFw/diCe3PGi9MuUH
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:01 2026 by rpki-client