Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/528c97d8-1890-4c86-9eee-907363f046e1.roa
File: 528c97d8-1890-4c86-9eee-907363f046e1.roa (raw, json)
Hash identifier: BNJuEuQbxl7Hwpd06t/Neg4jY0wg660MUi6uKSJzSk4=
Subject key identifier: 67:D6:4C:49:4A:17:4C:0F:2C:5B:C3:E9:1F:39:B1:EA:5D:4E:C0:82
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74A4F3FB3354352E283A7266DA0C2481AE746C90
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/528c97d8-1890-4c86-9eee-907363f046e1.roa
Signing time: Mon 04 May 2026 15:30:39 +0000
ROA not before: Mon 04 May 2026 15:30:39 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:a4:f3:fb:33:54:35:2e:28:3a:72:66:da:0c:24:81:ae:74:6c:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:30:39 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=15bf04f0f1e204e934e06899ea05effb40f55e158f5f496117494d9cb2f57f1e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d0:a6:18:78:0b:9d:86:e5:67:bb:24:69:6f:
dd:96:46:88:3a:b4:e6:56:8b:5a:e4:5b:76:a8:51:
58:88:b5:19:d5:bf:96:f6:64:d1:df:40:81:bf:01:
9e:6d:53:f6:ea:8b:76:57:7f:ec:bc:b1:ad:fa:22:
5b:eb:95:9b:8f:e2:89:f9:2f:53:99:89:2f:02:4e:
b7:04:ba:1d:5d:fc:0e:11:46:3d:1c:e7:6d:96:fe:
d6:5a:fe:c0:c0:d4:10:14:5c:d8:a6:e1:dd:2d:b1:
e5:43:50:7b:fe:03:8f:7d:63:4e:f7:78:c0:20:37:
b9:36:e8:5e:8e:94:5e:90:78:b3:e1:df:04:87:cf:
0d:cf:e2:db:f5:12:fd:8e:7d:12:f4:a2:21:9e:1b:
d3:7b:f8:ce:54:ed:a6:6a:d4:dd:6c:3b:41:3c:9f:
b6:cf:43:08:ab:77:60:23:8f:20:33:0a:4b:62:29:
ae:17:99:7c:b9:28:ad:86:7f:70:fb:5f:e5:2b:74:
4d:2f:97:a7:3d:88:d9:28:d9:3a:5c:9f:33:4a:a8:
1b:44:11:ec:e2:a8:d6:eb:1b:9f:44:3c:16:69:97:
93:97:e5:7f:30:28:c7:31:d0:27:9d:0b:00:29:a4:
d5:42:f8:bb:57:a5:c2:5e:12:ee:b8:5d:9e:d7:3a:
27:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D6:4C:49:4A:17:4C:0F:2C:5B:C3:E9:1F:39:B1:EA:5D:4E:C0:82
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/528c97d8-1890-4c86-9eee-907363f046e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:6000::/40
Signature Algorithm: sha256WithRSAEncryption
1b:91:eb:e3:21:53:50:04:b7:e4:f9:6a:d2:de:89:7c:39:42:
3a:5b:75:fe:fb:ce:7e:e7:44:41:0f:62:6f:52:01:90:1c:58:
5f:a5:a3:ef:5a:3f:81:5b:0d:da:45:d1:2a:bf:ad:b6:87:ff:
83:da:20:2a:77:2a:d7:75:a4:74:8d:2e:0c:ff:71:60:f8:94:
25:21:e0:52:45:ee:18:cf:a2:82:4d:48:c9:39:50:13:96:61:
00:a0:3e:f7:66:a0:97:18:35:78:0a:43:6c:78:63:ed:53:29:
12:b8:7c:a7:b3:8e:9e:0b:18:57:25:66:34:5e:4d:19:6e:94:
f3:8b:32:c2:ee:6a:35:bd:b5:18:00:0e:c3:3a:2b:dd:13:5f:
20:eb:24:b4:09:15:c7:ea:c6:df:be:2c:8b:eb:7c:02:ba:7e:
07:db:e5:21:77:4b:9a:a6:ed:f2:1f:f2:e2:c3:08:2d:c6:79:
f5:33:9d:c0:7c:73:84:4c:17:76:e2:5d:35:0c:3b:15:f1:e4:
03:ac:70:0b:09:93:3c:41:d9:5b:3a:43:b6:ac:ff:6a:fb:cd:
eb:58:9a:e3:60:aa:b5:d4:19:79:c6:32:9d:db:36:fd:0f:c2:
6d:6b:d3:a4:c5:d6:07:18:16:1f:1f:9f:a0:c1:eb:04:6a:5f:
83:e4:6d:0a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdKTz+zNUNS4oOnJm2gwkga50bJAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTMwMzlaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1YmYwNGYwZjFlMjA0ZTkzNGUwNjg5OWVhMDVlZmZiNDBmNTVlMTU4ZjVm
NDk2MTE3NDk0ZDljYjJmNTdmMWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDQphh4C52G5We7JGlv3ZZGiDq05laLWuRbdqhRWIi1GdW/lvZk0d9Agb8B
nm1T9uqLdld/7LyxrfoiW+uVm4/iifkvU5mJLwJOtwS6HV38DhFGPRznbZb+1lr+
wMDUEBRc2Kbh3S2x5UNQe/4Dj31jTvd4wCA3uTboXo6UXpB4s+HfBIfPDc/i2/US
/Y59EvSiIZ4b03v4zlTtpmrU3Ww7QTyfts9DCKt3YCOPIDMKS2IprheZfLkorYZ/
cPtf5St0TS+Xpz2I2SjZOlyfM0qoG0QR7OKo1usbn0Q8FmmXk5flfzAoxzHQJ50L
ACmk1UL4u1elwl4S7rhdntc6J1ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRn1kxJ
ShdMDyxbw+kfObHqXU7AgjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI4Yzk3ZDgtMTg5MC00Yzg2LTllZWUtOTA3MzYzZjA0NmUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HNg
MA0GCSqGSIb3DQEBCwUAA4IBAQAbkevjIVNQBLfk+WrS3ol8OUI6W3X++85+50RB
D2JvUgGQHFhfpaPvWj+BWw3aRdEqv622h/+D2iAqdyrXdaR0jS4M/3Fg+JQlIeBS
Re4Yz6KCTUjJOVATlmEAoD73ZqCXGDV4CkNseGPtUykSuHyns46eCxhXJWY0Xk0Z
bpTzizLC7mo1vbUYAA7DOivdE18g6yS0CRXH6sbfviyL63wCun4H2+Uhd0uapu3y
H/Liwwgtxnn1M53AfHOETBd24l01DDsV8eQDrHALCZM8QdlbOkO2rP9q+83rWJrj
YKq11Bl5xjKd2zb9D8Jta9OkxdYHGBYfH5+gwesEal+D5G0K
-----END CERTIFICATE-----
Generated at Wed May 13 00:17:49 2026 by rpki-client