Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
File: 4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa (raw, json)
Hash identifier: 9VbgZ0tSwSWgsjDtdN62zdoMiyzrzGGmj7FvhyVJI0Q=
Subject key identifier: 83:22:46:9F:9F:58:76:EC:88:5D:81:49:C2:31:BD:9A:C3:E1:0E:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 505956ECCD85F8927CD87F3B35C686C988648E0B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
Signing time: Mon 11 May 2026 01:50:41 +0000
ROA not before: Mon 11 May 2026 01:50:41 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:59:56:ec:cd:85:f8:92:7c:d8:7f:3b:35:c6:86:c9:88:64:8e:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:41 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=e5aa7f1c997f1e8d040e36e3991e5687c8271844daa18ca76a9433c2569f4d4c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ac:ce:56:3c:cf:26:6e:28:0c:da:eb:bd:0a:
a9:ad:e7:65:92:3c:f8:9d:bf:8c:25:aa:4d:9b:0f:
b9:32:48:83:08:3c:5c:b3:72:53:91:14:c9:8a:99:
12:b7:fc:65:fa:bf:b1:11:78:c4:fb:fc:4e:2a:09:
b0:ac:c4:d5:ac:aa:bc:ad:44:c1:78:13:25:f7:00:
a1:ce:86:96:bf:13:7d:98:6f:63:c4:cb:6c:61:b5:
b4:0c:91:14:cd:0c:b5:0b:93:f0:29:83:f1:66:1f:
ff:e3:9d:ad:7a:2a:ad:23:5f:f8:21:50:02:9c:15:
6f:b3:43:02:70:c9:3a:6e:97:b1:33:ca:5f:48:6e:
44:f3:d1:bf:23:2c:12:e4:4a:a1:4c:4f:4b:36:80:
7d:10:43:a6:33:a9:63:9d:f9:08:d5:02:8f:80:f2:
61:f7:7f:ae:f4:29:a4:4b:13:af:21:b7:a9:2b:f1:
39:50:96:a7:61:f6:b9:3a:a9:60:ba:13:6d:bb:6a:
6a:ba:dc:b7:7c:43:ca:7a:73:19:af:cf:20:42:d8:
72:04:78:b6:d8:22:95:8f:4f:e7:2d:10:a7:97:4d:
3d:18:67:7b:e9:41:8d:0b:86:1c:69:94:5c:a3:68:
34:ca:0c:e9:e1:a2:56:6c:27:00:8c:d3:5b:53:8a:
d2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:22:46:9F:9F:58:76:EC:88:5D:81:49:C2:31:BD:9A:C3:E1:0E:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:a000::/40
Signature Algorithm: sha256WithRSAEncryption
14:9a:b8:2d:e4:fd:16:cd:ff:45:3c:02:6b:e5:69:31:6e:d4:
ad:f1:e9:ec:60:96:cd:08:d3:90:b7:2c:b4:55:06:77:b0:0b:
3a:91:83:2a:65:6b:52:98:96:28:b3:08:c6:3c:ea:6a:1e:64:
a1:92:6f:72:9b:94:27:bb:e1:f4:ee:8c:e3:17:e6:e4:f0:85:
e9:a2:76:2d:72:de:4c:f5:c8:b9:33:e4:86:f3:bf:cf:58:cb:
b5:00:69:7a:53:37:e2:62:bf:77:55:9a:0d:9d:ca:80:04:f8:
9c:2e:09:4e:a5:f7:f2:96:1f:b7:91:7c:2d:36:2a:54:be:1a:
c7:4e:05:9e:f9:54:85:6b:7d:5e:e8:6d:e3:c2:2b:ad:be:3e:
5b:27:16:68:ed:9e:3d:16:3b:bc:42:74:68:0b:4b:15:9e:d9:
3f:c8:a5:27:b3:83:5e:6c:c2:2e:d2:ce:92:30:69:4c:9c:93:
43:fa:33:cf:e8:2e:d4:a7:46:78:0a:45:65:ee:58:ce:77:c6:
e8:87:0d:ff:4a:d5:79:0c:ca:ef:79:95:67:5b:6e:2f:8f:80:
31:84:af:c1:4d:c5:7b:f8:14:25:88:17:af:6e:8f:7b:03:5e:
31:20:6e:c9:1b:02:65:34:d1:fe:04:79:0b:7a:3b:f0:77:be:
fa:b7:9c:ab
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUFlW7M2F+JJ82H87NcaGyYhkjgswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwNDFaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1YWE3ZjFjOTk3ZjFlOGQwNDBlMzZlMzk5MWU1Njg3YzgyNzE4NDRkYWEx
OGNhNzZhOTQzM2MyNTY5ZjRkNGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOSszlY8zyZuKAza670Kqa3nZZI8+J2/jCWqTZsPuTJIgwg8XLNyU5EUyYqZ
Erf8Zfq/sRF4xPv8TioJsKzE1ayqvK1EwXgTJfcAoc6Glr8TfZhvY8TLbGG1tAyR
FM0MtQuT8CmD8WYf/+OdrXoqrSNf+CFQApwVb7NDAnDJOm6XsTPKX0huRPPRvyMs
EuRKoUxPSzaAfRBDpjOpY535CNUCj4DyYfd/rvQppEsTryG3qSvxOVCWp2H2uTqp
YLoTbbtqarrct3xDynpzGa/PIELYcgR4ttgilY9P5y0Qp5dNPRhne+lBjQuGHGmU
XKNoNMoM6eGiVmwnAIzTW1OK0o8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSDIkaf
n1h27IhdgUnCMb2aw+EOCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGJhNTRlNGYtMDI5NC00ZTgzLTgwMzctN2QyNjZjMzdmMGM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCg
MA0GCSqGSIb3DQEBCwUAA4IBAQAUmrgt5P0Wzf9FPAJr5WkxbtSt8ensYJbNCNOQ
tyy0VQZ3sAs6kYMqZWtSmJYoswjGPOpqHmShkm9ym5Qnu+H07ozjF+bk8IXponYt
ct5M9ci5M+SG87/PWMu1AGl6UzfiYr93VZoNncqABPicLglOpffylh+3kXwtNipU
vhrHTgWe+VSFa31e6G3jwiutvj5bJxZo7Z49Fju8QnRoC0sVntk/yKUns4NebMIu
0s6SMGlMnJND+jPP6C7Up0Z4CkVl7ljOd8bohw3/StV5DMrveZVnW24vj4AxhK/B
TcV7+BQliBevbo97A14xIG7JGwJlNNH+BHkLejvwd776t5yr
-----END CERTIFICATE-----
Generated at Tue May 12 23:38:30 2026 by rpki-client