Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa
File: 1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa (raw, json)
Hash identifier: jZm7DiFM8RuqD+bx4ALLjMwS7P/OZo5Crw1sfnN98nI=
Subject key identifier: D7:AC:20:23:8D:D9:BE:78:E4:D3:62:4B:FF:49:CF:02:29:16:4E:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 476565ED3EECEDD74A043328C4B8AA2EB5B950C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa
Signing time: Mon 04 May 2026 15:30:38 +0000
ROA not before: Mon 04 May 2026 15:30:38 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:80c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:65:65:ed:3e:ec:ed:d7:4a:04:33:28:c4:b8:aa:2e:b5:b9:50:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:30:38 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=df62c8b50693c419c28970700b3a6ce799edab2579b222930dd4de9f1d006f5b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a4:06:12:69:f9:ee:c1:65:6c:53:6a:d2:4e:
a5:83:7d:72:61:9d:7f:ed:27:ee:4f:db:da:5c:3b:
e8:c3:0d:c5:6d:ba:25:1c:06:59:54:d1:37:6a:6c:
ee:c7:49:33:b2:9d:0a:0c:22:64:fc:70:24:93:3a:
b4:17:59:46:45:e9:70:30:cc:e8:f8:cf:31:19:f7:
ca:ad:77:d4:99:98:a6:24:10:14:7f:f0:57:13:46:
74:ac:99:1d:79:24:5a:52:0e:fd:eb:f7:0b:86:2f:
67:f7:19:6c:f9:ce:10:74:c0:20:ed:23:a4:0d:a3:
5f:74:62:bd:8f:c5:bd:8e:39:42:b5:22:db:67:dc:
54:ab:08:c9:ce:9d:1e:c6:da:74:39:68:1c:d3:a3:
43:e7:67:b6:db:4c:23:27:17:c0:87:d1:fd:ed:c0:
6d:5c:ab:86:c6:1f:ce:0d:84:6e:bb:b6:aa:3f:61:
40:81:ec:1f:1b:e4:66:92:23:17:e9:40:08:e5:ac:
60:ed:da:a5:dc:12:dd:71:38:c3:8b:38:b6:12:4d:
00:6b:5d:44:72:23:f5:5a:5c:07:63:67:8b:5e:3d:
6b:a3:ba:b0:39:f6:b2:9f:db:59:ce:c6:6d:a5:aa:
92:d8:c7:67:6e:4d:f6:28:e9:91:b6:41:e8:a3:4f:
62:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:AC:20:23:8D:D9:BE:78:E4:D3:62:4B:FF:49:CF:02:29:16:4E:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:80c0::/46
Signature Algorithm: sha256WithRSAEncryption
7b:ff:2c:75:47:ac:34:00:68:49:9e:86:70:37:7c:9e:62:b1:
c3:6e:f1:da:90:a5:32:f2:db:db:c8:db:82:5d:b9:c5:2d:98:
3d:a1:e2:11:01:a9:c5:95:93:b6:13:0a:f4:53:c0:63:3e:c8:
3e:bb:2f:02:3c:59:37:e8:be:df:f3:44:61:b9:94:04:8c:c1:
d1:2a:e5:9d:aa:a4:e1:13:b5:3c:68:c0:55:f9:59:2b:d7:70:
ec:27:6f:ba:58:4c:48:c1:d9:99:c9:d4:03:80:21:fb:89:70:
72:9e:02:bd:b7:c6:e3:e8:77:29:98:8f:63:e8:5a:1e:6a:26:
2e:16:10:a9:32:06:7a:cb:30:dc:29:44:84:bf:3f:39:9f:09:
47:6e:98:98:6e:a9:21:03:c3:61:1a:76:9d:ea:d1:47:3d:ae:
50:ed:b0:d4:22:55:ad:e6:41:dc:2e:1a:f5:9e:42:1b:ff:2b:
83:0a:c0:52:ba:f6:2a:14:5b:3e:ef:4b:0c:2c:d6:b3:fe:26:
5f:b2:df:1a:dd:59:7d:16:9f:0b:35:59:56:15:43:da:4c:af:
a4:0a:d8:44:88:12:7f:1a:f4:48:1a:e0:34:75:72:1b:04:f8:
5f:eb:1a:fd:6b:ca:90:51:0a:07:ce:cd:99:30:83:ee:5f:a2:
e9:22:7c:24
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUR2Vl7T7s7ddKBDMoxLiqLrW5UMgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTMwMzhaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmNjJjOGI1MDY5M2M0MTljMjg5NzA3MDBiM2E2Y2U3OTllZGFiMjU3OWIy
MjI5MzBkZDRkZTlmMWQwMDZmNWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKukBhJp+e7BZWxTatJOpYN9cmGdf+0n7k/b2lw76MMNxW26JRwGWVTRN2ps
7sdJM7KdCgwiZPxwJJM6tBdZRkXpcDDM6PjPMRn3yq131JmYpiQQFH/wVxNGdKyZ
HXkkWlIO/ev3C4YvZ/cZbPnOEHTAIO0jpA2jX3RivY/FvY45QrUi22fcVKsIyc6d
HsbadDloHNOjQ+dntttMIycXwIfR/e3AbVyrhsYfzg2Ebru2qj9hQIHsHxvkZpIj
F+lACOWsYO3apdwS3XE4w4s4thJNAGtdRHIj9VpcB2Nni149a6O6sDn2sp/bWc7G
baWqktjHZ25N9ijpkbZB6KNPYu8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTXrCAj
jdm+eOTTYkv/Sc8CKRZOTDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTczMGZiMGYtYWZkMi00YTQwLWIyMTgtN2QwZGYyYjJhMWU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOA
wDANBgkqhkiG9w0BAQsFAAOCAQEAe/8sdUesNABoSZ6GcDd8nmKxw27x2pClMvLb
28jbgl25xS2YPaHiEQGpxZWTthMK9FPAYz7IPrsvAjxZN+i+3/NEYbmUBIzB0Srl
naqk4RO1PGjAVflZK9dw7CdvulhMSMHZmcnUA4Ah+4lwcp4CvbfG4+h3KZiPY+ha
HmomLhYQqTIGessw3ClEhL8/OZ8JR26YmG6pIQPDYRp2nerRRz2uUO2w1CJVreZB
3C4a9Z5CG/8rgwrAUrr2KhRbPu9LDCzWs/4mX7LfGt1ZfRafCzVZVhVD2kyvpArY
RIgSfxr0SBrgNHVyGwT4X+sa/WvKkFEKB87NmTCD7l+i6SJ8JA==
-----END CERTIFICATE-----
Generated at Tue May 12 23:13:29 2026 by rpki-client