Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/446c7294-15f2-4794-9a7f-77119799815e.roa
File: 446c7294-15f2-4794-9a7f-77119799815e.roa (raw, json)
Hash identifier: GC4HnHUdZjUr6DXEDNmazhqa6ucvv8YQwbaS9FgZdZo=
Subject key identifier: 4F:5F:3E:81:DE:9F:E6:49:7A:2F:9C:5F:CC:E6:A9:79:ED:9E:92:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D063733F2043BEE6D2CFA2692AD30F8EF722313
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/446c7294-15f2-4794-9a7f-77119799815e.roa
Signing time: Mon 04 May 2026 15:21:00 +0000
ROA not before: Mon 04 May 2026 15:21:00 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:60c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:06:37:33:f2:04:3b:ee:6d:2c:fa:26:92:ad:30:f8:ef:72:23:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:21:00 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=93ad5793cdfc9b21d9b8910adc840f975f51d7b1d26bbb77a52575c0968120a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ed:5f:73:36:37:0c:2e:bb:69:0b:12:58:8b:
e0:95:89:70:d7:9d:c4:58:05:5b:16:49:0e:fc:74:
0b:e7:68:01:f0:ab:9b:88:ae:c5:43:e9:d0:67:80:
83:89:90:a3:c4:8a:29:07:1d:52:c1:86:6e:39:65:
f9:8a:c7:e9:6a:28:12:45:50:1e:2b:af:8a:d6:ff:
6c:d6:cd:d8:84:c3:0f:4d:39:0f:95:7e:0d:9c:28:
75:53:21:40:8c:74:55:b9:3c:cf:04:5a:9d:15:07:
85:6a:c1:3f:20:f0:a6:16:32:26:fa:eb:2d:39:5d:
5a:11:28:a8:54:ca:f8:e9:6e:75:0a:46:1a:6a:7f:
e0:15:ef:ce:b8:fd:7d:18:eb:58:34:1f:07:b8:a3:
2e:15:83:03:aa:61:60:d8:7a:47:56:95:5f:76:e3:
a2:09:5b:6e:12:8d:31:31:30:7f:1b:c4:93:25:1b:
fa:05:71:65:17:34:14:e1:e0:71:7d:dd:47:ed:36:
30:fe:fd:14:33:25:89:8a:eb:ec:03:e4:e6:72:d1:
c1:68:0e:9c:4d:26:39:69:1f:9c:dc:ef:4a:27:1e:
33:b6:85:68:3d:7a:68:12:44:df:b7:9a:93:ce:44:
25:e1:ef:84:c3:0f:91:55:93:83:f3:cc:6d:64:22:
d5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:5F:3E:81:DE:9F:E6:49:7A:2F:9C:5F:CC:E6:A9:79:ED:9E:92:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/446c7294-15f2-4794-9a7f-77119799815e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:60c0::/46
Signature Algorithm: sha256WithRSAEncryption
bd:6e:16:20:4d:5f:79:5f:98:db:5f:d3:ac:2d:df:95:8d:1c:
7d:c9:56:72:4f:40:85:86:1d:6f:20:7f:2d:0d:44:2b:e5:a9:
6b:ab:44:3c:f7:73:b1:11:fd:42:61:68:78:0b:be:5c:5f:f8:
7b:d4:03:17:34:b7:ba:47:b8:51:31:32:c6:0c:ab:6f:9b:d6:
6b:fd:59:0f:fa:c5:1c:ab:25:34:f3:a5:65:6d:14:99:22:6d:
47:a1:5e:fc:74:4a:0d:70:9e:20:e2:85:4d:c2:e9:b1:58:b8:
da:0b:96:4c:11:de:de:21:20:df:63:21:78:99:b3:df:00:03:
e9:4d:f6:7c:bf:09:39:62:ee:86:81:05:2f:2b:98:6b:bb:a4:
47:03:e7:3a:90:2e:47:fd:79:cd:cc:fb:db:b1:a9:b3:a6:95:
0f:aa:b3:0c:74:be:85:95:a2:f1:77:1b:8a:8b:85:39:a9:36:
dc:1c:0b:33:5f:21:96:78:9f:10:c4:50:50:11:9e:da:60:75:
0d:cd:7f:57:24:3d:31:f8:e2:20:5c:b8:de:d5:3c:03:ab:4e:
0b:5c:c9:3c:d4:0e:fa:e3:7c:37:4d:a9:1b:6b:a0:85:8e:10:
27:1f:4d:f9:43:c1:f1:39:10:62:f7:2b:6b:02:9c:07:fa:ed:
ae:b9:84:dd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHQY3M/IEO+5tLPomkq0w+O9yIxMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIxMDBaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzYWQ1NzkzY2RmYzliMjFkOWI4OTEwYWRjODQwZjk3NWY1MWQ3YjFkMjZi
YmI3N2E1MjU3NWMwOTY4MTIwYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjtX3M2Nwwuu2kLEliL4JWJcNedxFgFWxZJDvx0C+doAfCrm4iuxUPp0GeA
g4mQo8SKKQcdUsGGbjll+YrH6WooEkVQHiuvitb/bNbN2ITDD005D5V+DZwodVMh
QIx0Vbk8zwRanRUHhWrBPyDwphYyJvrrLTldWhEoqFTK+OludQpGGmp/4BXvzrj9
fRjrWDQfB7ijLhWDA6phYNh6R1aVX3bjoglbbhKNMTEwfxvEkyUb+gVxZRc0FOHg
cX3dR+02MP79FDMliYrr7APk5nLRwWgOnE0mOWkfnNzvSiceM7aFaD16aBJE37ea
k85EJeHvhMMPkVWTg/PMbWQi1cMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRPXz6B
3p/mSXovnF/M5ql57Z6SyjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQ2YzcyOTQtMTVmMi00Nzk0LTlhN2YtNzcxMTk3OTk4MTVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNg
wDANBgkqhkiG9w0BAQsFAAOCAQEAvW4WIE1feV+Y21/TrC3flY0cfclWck9AhYYd
byB/LQ1EK+Wpa6tEPPdzsRH9QmFoeAu+XF/4e9QDFzS3uke4UTEyxgyrb5vWa/1Z
D/rFHKslNPOlZW0UmSJtR6Fe/HRKDXCeIOKFTcLpsVi42guWTBHe3iEg32MheJmz
3wAD6U32fL8JOWLuhoEFLyuYa7ukRwPnOpAuR/15zcz727Gps6aVD6qzDHS+hZWi
8XcbiouFOak23BwLM18hlnifEMRQUBGe2mB1Dc1/VyQ9MfjiIFy43tU8A6tOC1zJ
PNQO+uN8N02pG2ughY4QJx9N+UPB8TkQYvcrawKcB/rtrrmE3Q==
-----END CERTIFICATE-----
Generated at Tue May 12 22:59:06 2026 by rpki-client