Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b00c63-4d48-46a2-a2ac-c6d3bf6953bd.roa
File: 37b00c63-4d48-46a2-a2ac-c6d3bf6953bd.roa (raw, json)
Hash identifier: H97Y34P8/Hm+AsYfy2r3zmee0Esju/Wit+ZpzK8vPbQ=
Subject key identifier: FF:63:2B:16:7D:28:44:9D:D5:2A:B4:0D:AA:C1:E2:2B:5C:BD:ED:87
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 62774E142C9B8A46FD9E33938DF682213719596A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b00c63-4d48-46a2-a2ac-c6d3bf6953bd.roa
Signing time: Mon 11 May 2026 01:50:41 +0000
ROA not before: Mon 11 May 2026 01:50:41 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:8000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:77:4e:14:2c:9b:8a:46:fd:9e:33:93:8d:f6:82:21:37:19:59:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:41 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=2bf03233c1ca2d5695cd1a7c40aef0d8c6467401b587ffcb0921c1eaf33f4f7e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:0f:d5:7f:14:f8:3e:3f:ac:55:28:3f:1d:e0:
af:64:aa:31:a6:3b:ea:03:3d:5b:bb:32:a4:3b:5f:
5b:24:5a:28:02:b7:11:f9:80:24:a2:80:34:69:cb:
6c:71:0b:44:6b:50:f5:15:55:4d:6e:2e:8f:6e:fd:
db:de:3c:aa:bb:d2:d1:2c:6d:71:16:98:82:19:8e:
82:70:4e:a7:77:91:ee:62:1c:86:08:1e:39:ea:75:
3d:83:1d:01:ab:39:43:06:b9:7b:f2:c2:0d:3b:14:
55:ba:35:f8:28:7d:76:a0:08:80:c3:84:48:80:f4:
e6:a6:22:2e:01:32:f0:7d:de:b3:1c:0f:28:e6:f8:
3a:27:c7:58:a0:c4:b6:ec:0d:63:a7:b0:79:58:bc:
e0:d3:bc:ac:b3:88:34:5b:f9:7b:d4:ad:23:d7:d9:
27:20:48:59:38:ca:ba:e7:60:ae:e8:ca:56:ed:ec:
71:2b:13:ad:66:86:17:49:12:17:0f:09:a5:b5:0e:
64:c6:3f:ff:5e:53:1b:32:88:ac:46:8c:11:63:44:
0f:39:1b:4d:20:8c:7c:aa:28:a8:89:f1:8d:2a:8d:
ea:ff:b3:e6:36:6d:3b:c3:8c:ef:e5:f4:93:13:96:
cf:ca:38:7b:2f:c4:ff:91:eb:94:81:df:e4:36:3c:
2a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:63:2B:16:7D:28:44:9D:D5:2A:B4:0D:AA:C1:E2:2B:5C:BD:ED:87
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b00c63-4d48-46a2-a2ac-c6d3bf6953bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:8000::/48
Signature Algorithm: sha256WithRSAEncryption
5e:ba:67:81:39:01:05:a2:16:0f:61:02:92:99:8c:91:69:ef:
61:c2:f9:42:58:d9:26:68:7a:f3:54:5c:97:81:82:89:dc:7e:
d0:e1:61:46:7e:b1:44:4d:93:f3:a0:04:70:e8:0a:7b:55:0f:
32:37:de:05:80:53:0b:03:f6:f5:be:60:7f:28:a3:f3:ee:7f:
83:57:12:7a:fe:4b:22:48:83:38:76:0b:75:14:56:76:ac:4c:
c5:00:7e:bc:c1:b7:7c:44:7f:7a:c0:84:91:09:7c:8b:51:ac:
fb:a2:2f:c1:4b:8f:98:3a:51:e6:1b:e8:9e:1f:65:14:46:d2:
2b:10:6b:be:95:b9:92:fd:83:df:1a:73:7b:99:1b:ad:f1:bf:
67:62:3c:cf:22:7b:c0:6b:c8:50:4f:00:62:04:27:3b:67:db:
6b:1d:65:16:86:30:fd:03:66:8a:86:bd:64:e6:18:57:87:c8:
ac:0f:26:f2:9c:28:b3:6a:74:52:4d:a3:04:4c:5c:8a:05:60:
93:56:59:f2:26:75:9d:f1:ec:99:48:a7:1b:b1:32:68:dd:b4:
ea:5b:f4:c2:fd:76:4b:b0:a9:34:a0:d6:f5:01:cd:4b:2b:b4:
1a:f0:1c:83:37:7e:cb:2b:08:b6:44:80:7c:7b:0d:68:4f:f4:
2e:eb:bc:95
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYndOFCybikb9njOTjfaCITcZWWowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwNDFaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiZjAzMjMzYzFjYTJkNTY5NWNkMWE3YzQwYWVmMGQ4YzY0Njc0MDFiNTg3
ZmZjYjA5MjFjMWVhZjMzZjRmN2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANkP1X8U+D4/rFUoPx3gr2SqMaY76gM9W7sypDtfWyRaKAK3EfmAJKKANGnL
bHELRGtQ9RVVTW4uj2792948qrvS0SxtcRaYghmOgnBOp3eR7mIchggeOep1PYMd
Aas5Qwa5e/LCDTsUVbo1+Ch9dqAIgMOESID05qYiLgEy8H3esxwPKOb4OifHWKDE
tuwNY6eweVi84NO8rLOINFv5e9StI9fZJyBIWTjKuudgrujKVu3scSsTrWaGF0kS
Fw8JpbUOZMY//15TGzKIrEaMEWNEDzkbTSCMfKooqInxjSqN6v+z5jZtO8OM7+X0
kxOWz8o4ey/E/5HrlIHf5DY8KuUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT/YysW
fShEndUqtA2qweIrXL3thzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzdiMDBjNjMtNGQ0OC00NmEyLWEyYWMtYzZkM2JmNjk1M2JkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HaA
ADANBgkqhkiG9w0BAQsFAAOCAQEAXrpngTkBBaIWD2ECkpmMkWnvYcL5QljZJmh6
81Rcl4GCidx+0OFhRn6xRE2T86AEcOgKe1UPMjfeBYBTCwP29b5gfyij8+5/g1cS
ev5LIkiDOHYLdRRWdqxMxQB+vMG3fER/esCEkQl8i1Gs+6IvwUuPmDpR5hvonh9l
FEbSKxBrvpW5kv2D3xpze5kbrfG/Z2I8zyJ7wGvIUE8AYgQnO2fbax1lFoYw/QNm
ioa9ZOYYV4fIrA8m8pwos2p0Uk2jBExcigVgk1ZZ8iZ1nfHsmUinG7EyaN206lv0
wv12S7CpNKDW9QHNSyu0GvAcgzd+yysItkSAfHsNaE/0Luu8lQ==
-----END CERTIFICATE-----
Generated at Tue May 12 23:12:33 2026 by rpki-client