Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3401cced-770c-4585-9f39-cb17444bbb38.roa
File: 3401cced-770c-4585-9f39-cb17444bbb38.roa (raw, json)
Hash identifier: kUd87pYse/sr4KOyBPlDXdHM2U0r1RLnNZKsjGTEQZU=
Subject key identifier: 85:03:33:6B:8B:7F:6F:34:EA:1F:E9:1E:23:A0:31:44:1A:FE:AE:53
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21A55FB8675CEF9DFBE87A35382BA386AA5F9B74
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3401cced-770c-4585-9f39-cb17444bbb38.roa
Signing time: Mon 04 May 2026 15:20:02 +0000
ROA not before: Mon 04 May 2026 15:20:02 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:a5:5f:b8:67:5c:ef:9d:fb:e8:7a:35:38:2b:a3:86:aa:5f:9b:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:20:02 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=e7cf027cf826f8202d6b6f423bd8b2575a15311a1165e978e233973967a97a89, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ff:7c:29:9f:23:71:d9:0d:6a:9d:ab:00:17:
23:8c:a0:1e:d9:7d:56:f1:d4:8b:80:8c:0e:1d:68:
6c:08:37:ee:99:51:35:34:c8:47:a2:36:84:9d:74:
9b:7a:3a:8e:ce:cf:39:9a:45:53:44:89:72:63:89:
f3:3a:04:7c:60:08:94:78:af:d9:d5:8b:9f:ca:07:
ce:f1:bc:06:2d:8f:6a:47:af:77:5a:cc:e5:44:1f:
07:b5:3a:15:da:dd:28:bb:7b:91:90:37:2b:be:da:
89:49:e0:e1:f0:31:6c:3d:b7:4e:96:37:f8:2b:1c:
49:a4:c3:cd:5b:9a:48:db:e4:fe:e0:6a:a3:57:67:
31:96:38:f9:38:00:35:40:5b:36:47:f0:f1:1b:ea:
22:d0:bd:42:02:e0:0e:c6:fd:6e:bb:07:d7:59:99:
39:2e:ab:5e:d9:2d:34:3b:bb:83:9b:bb:93:d3:0d:
dc:6f:44:ed:75:ff:9a:5e:7a:27:7e:dd:a9:c5:82:
90:a6:d0:b0:31:13:2a:55:1a:c0:e4:76:9b:5d:8c:
64:36:7d:78:23:1a:f3:72:2f:75:50:ef:f7:33:a8:
8d:51:42:bd:c2:11:b5:30:3f:b9:dd:2a:31:f5:4e:
74:b5:ad:cc:c2:a4:1c:ca:aa:d4:0c:42:6f:c6:eb:
0a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:03:33:6B:8B:7F:6F:34:EA:1F:E9:1E:23:A0:31:44:1A:FE:AE:53
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3401cced-770c-4585-9f39-cb17444bbb38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032::/32
Signature Algorithm: sha256WithRSAEncryption
13:80:71:15:9c:52:97:a6:0d:24:9e:76:fc:e0:01:eb:9e:fb:
d5:2c:9c:ea:45:91:ad:6e:9b:77:63:f7:45:3c:d9:82:63:97:
34:2f:a8:db:b8:93:c8:5a:5b:c4:51:af:a2:2d:d2:67:59:3c:
8c:9f:bf:74:b0:c2:5f:54:f1:e9:4f:ff:7e:dc:fc:3b:e8:99:
ab:e2:b0:c0:b3:5e:1a:b1:ad:28:a5:7a:98:e7:50:46:38:11:
86:9f:a7:74:21:2d:25:ef:70:f2:64:17:f8:b3:c0:17:24:ad:
e3:7c:85:b4:7f:33:7c:38:8c:3f:c9:b3:07:bb:e0:d0:41:16:
41:d2:9b:06:b8:6d:14:21:50:8c:50:7f:8c:4e:6b:06:c3:08:
93:63:00:e9:9a:f4:23:b3:85:c4:fa:ec:06:f9:c9:4f:0a:a5:
fa:43:91:d3:12:c0:85:8a:7d:4e:39:d3:ef:df:27:7e:33:f3:
08:57:2f:35:06:a7:ed:34:d2:71:44:33:19:39:fb:c6:29:bb:
f0:08:b2:c1:9f:07:ea:8c:6f:58:32:ea:9e:76:1b:0f:0c:8e:
39:67:1b:8f:d3:44:b8:b4:09:9e:bc:68:39:51:d0:01:4c:cd:
04:1f:cf:8f:ba:27:0c:39:72:be:54:15:3f:db:51:bf:34:15:
4b:b9:66:b9
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUIaVfuGdc75376Ho1OCujhqpfm3QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIwMDJaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3Y2YwMjdjZjgyNmY4MjAyZDZiNmY0MjNiZDhiMjU3NWExNTMxMWExMTY1
ZTk3OGUyMzM5NzM5NjdhOTdhODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANT/fCmfI3HZDWqdqwAXI4ygHtl9VvHUi4CMDh1obAg37plRNTTIR6I2hJ10
m3o6js7POZpFU0SJcmOJ8zoEfGAIlHiv2dWLn8oHzvG8Bi2Pakevd1rM5UQfB7U6
FdrdKLt7kZA3K77aiUng4fAxbD23TpY3+CscSaTDzVuaSNvk/uBqo1dnMZY4+TgA
NUBbNkfw8RvqItC9QgLgDsb9brsH11mZOS6rXtktNDu7g5u7k9MN3G9E7XX/ml56
J37dqcWCkKbQsDETKlUawOR2m12MZDZ9eCMa83IvdVDv9zOojVFCvcIRtTA/ud0q
MfVOdLWtzMKkHMqq1AxCb8brCi0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSFAzNr
i39vNOof6R4joDFEGv6uUzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzQwMWNjZWQtNzcwYy00NTg1LTlmMzktY2IxNzQ0NGJiYjM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DIw
DQYJKoZIhvcNAQELBQADggEBABOAcRWcUpemDSSedvzgAeue+9UsnOpFka1um3dj
90U82YJjlzQvqNu4k8haW8RRr6It0mdZPIyfv3Swwl9U8elP/37c/DvomavisMCz
XhqxrSilepjnUEY4EYafp3QhLSXvcPJkF/izwBckreN8hbR/M3w4jD/Jswe74NBB
FkHSmwa4bRQhUIxQf4xOawbDCJNjAOma9COzhcT67Ab5yU8KpfpDkdMSwIWKfU45
0+/fJ34z8whXLzUGp+000nFEMxk5+8Ypu/AIssGfB+qMb1gy6p52Gw8MjjlnG4/T
RLi0CZ68aDlR0AFMzQQfz4+6Jww5cr5UFT/bUb80FUu5Zrk=
-----END CERTIFICATE-----
Generated at Wed May 13 00:18:35 2026 by rpki-client