Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa
File: 130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa (raw, json)
Hash identifier: Qj981LkwgxB8cahX78C0dC0ln/EFA8WXiCDSxZ/zF5k=
Subject key identifier: D5:92:27:BB:80:D4:8C:12:D5:C6:18:B4:A3:03:8B:09:F5:13:04:FA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1646A3A5FA783D15BCC2EFBF8422AB6F44D520FE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa
Signing time: Fri 08 May 2026 03:30:12 +0000
ROA not before: Fri 08 May 2026 03:30:12 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:46:a3:a5:fa:78:3d:15:bc:c2:ef:bf:84:22:ab:6f:44:d5:20:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:30:12 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=622c7c14ddd18191a04726418dbf54d489c3f5c88ae50425629ed2022e02d596, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:03:0a:56:45:44:50:3e:fa:37:54:14:8e:b8:
90:87:84:60:fd:dc:6b:95:27:5b:e8:53:9a:cf:80:
8c:2e:48:c0:8e:33:f9:03:71:8f:a1:cc:8a:4d:f2:
2e:c1:72:f6:80:f2:28:3c:e9:f6:bb:4e:29:dd:d1:
a6:50:d8:dc:26:71:95:0e:90:7e:22:58:76:ad:b9:
06:bb:18:67:01:c0:af:d9:bb:82:ab:77:4d:01:4d:
05:b4:59:1d:e6:c7:1e:e0:fc:9a:64:d8:4c:89:cd:
89:f4:9f:33:9f:a3:21:1a:cb:23:55:83:1b:58:e3:
42:73:e5:b9:73:1c:36:be:40:c8:b0:5c:5c:9c:5e:
3f:7e:53:0f:3c:df:cc:57:31:57:c2:10:b0:c5:3e:
e1:89:76:53:d0:8e:dd:fc:8c:cb:ef:0f:06:95:92:
9e:19:20:cf:c1:c8:a6:9a:fa:d5:d2:12:fd:00:b2:
4f:94:2d:6a:79:83:bb:b6:fa:a0:32:fa:e5:7e:1e:
7b:8d:68:d5:9d:27:c5:1f:d0:b5:70:a6:51:cd:4c:
d7:81:85:a2:70:ab:93:db:10:26:9b:ee:e7:55:76:
8b:8f:c1:25:ee:72:15:94:93:6f:bc:79:32:1f:5c:
14:a5:97:f2:50:10:ef:a1:72:45:c4:ce:bd:61:cb:
de:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:92:27:BB:80:D4:8C:12:D5:C6:18:B4:A3:03:8B:09:F5:13:04:FA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:e000::/40
Signature Algorithm: sha256WithRSAEncryption
76:54:fe:e3:ce:c4:14:9d:32:65:93:94:f1:7c:2d:fd:00:44:
d3:f7:af:e0:5a:86:c6:86:d0:42:cc:e2:5a:35:77:ea:6f:91:
ee:33:96:c6:88:12:0a:55:46:f8:a9:0d:98:77:44:a2:9b:1f:
46:e9:d7:e4:eb:7e:6f:5e:74:4c:66:55:0f:d0:1c:a4:98:0e:
1b:06:03:16:22:79:7f:4a:cd:3b:6e:88:3b:a4:5a:37:81:b8:
26:41:15:98:88:ee:da:b8:75:bf:61:05:12:64:df:34:6e:2e:
26:c1:c6:84:47:76:f1:c1:88:97:ef:9b:ae:26:4f:f1:65:8b:
a2:5f:8a:e5:66:25:9c:02:1c:b3:f0:f1:12:db:09:63:1f:db:
15:18:c0:4d:e6:86:02:1b:44:71:f1:8b:12:7f:fd:04:55:c0:
49:6e:5b:c2:ef:28:ab:bc:10:52:1e:4f:a9:01:3c:b1:00:29:
bc:f3:c7:4a:63:ba:ab:84:dc:a5:bf:3d:f5:6f:01:a2:d2:61:
0a:af:c0:49:7c:0a:84:72:4c:5e:2f:50:66:79:84:cc:59:47:
bf:49:34:04:79:ff:58:e6:ae:b9:7f:f0:e2:bc:42:4c:7f:a9:
6f:75:1f:99:9e:d7:ba:ba:7f:9d:b5:d2:0c:91:64:d2:90:5c:
8b:0f:49:6d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFkajpfp4PRW8wu+/hCKrb0TVIP4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzMwMTJaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyMmM3YzE0ZGRkMTgxOTFhMDQ3MjY0MThkYmY1NGQ0ODljM2Y1Yzg4YWU1
MDQyNTYyOWVkMjAyMmUwMmQ1OTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO0DClZFRFA++jdUFI64kIeEYP3ca5UnW+hTms+AjC5IwI4z+QNxj6HMik3y
LsFy9oDyKDzp9rtOKd3RplDY3CZxlQ6QfiJYdq25BrsYZwHAr9m7gqt3TQFNBbRZ
HebHHuD8mmTYTInNifSfM5+jIRrLI1WDG1jjQnPluXMcNr5AyLBcXJxeP35TDzzf
zFcxV8IQsMU+4Yl2U9CO3fyMy+8PBpWSnhkgz8HIppr61dIS/QCyT5QtanmDu7b6
oDL65X4ee41o1Z0nxR/QtXCmUc1M14GFonCrk9sQJpvu51V2i4/BJe5yFZSTb7x5
Mh9cFKWX8lAQ76FyRcTOvWHL3qMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTVkie7
gNSMEtXGGLSjA4sJ9RME+jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTMwYmI1MTgtY2EzNi00M2VkLWI4ZGQtMDM0NWY1YzFiM2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fng
MA0GCSqGSIb3DQEBCwUAA4IBAQB2VP7jzsQUnTJlk5TxfC39AETT96/gWobGhtBC
zOJaNXfqb5HuM5bGiBIKVUb4qQ2Yd0Simx9G6dfk635vXnRMZlUP0BykmA4bBgMW
Inl/Ss07bog7pFo3gbgmQRWYiO7auHW/YQUSZN80bi4mwcaER3bxwYiX75uuJk/x
ZYuiX4rlZiWcAhyz8PES2wljH9sVGMBN5oYCG0Rx8YsSf/0EVcBJblvC7yirvBBS
Hk+pATyxACm888dKY7qrhNylvz31bwGi0mEKr8BJfAqEckxeL1BmeYTMWUe/STQE
ef9Y5q65f/DivEJMf6lvdR+Znte6un+dtdIMkWTSkFyLD0lt
-----END CERTIFICATE-----
Generated at Tue May 12 23:32:29 2026 by rpki-client