Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
File: 5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa (raw, json)
Hash identifier: VYdw3cpWO9xXnYiEJrHmL8zBOohh5oA9Ui7JKLeRg6c=
Subject key identifier: 3B:60:A1:D4:59:F1:3C:C1:DF:EC:2A:3A:F2:F1:4F:DC:D9:26:0F:04
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 70B6DFDCAC40D15504E05F9AC83E638E0FB07FF3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
Signing time: Mon 27 Apr 2026 00:40:10 +0000
ROA not before: Mon 27 Apr 2026 00:40:10 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:b6:df:dc:ac:40:d1:55:04:e0:5f:9a:c8:3e:63:8e:0f:b0:7f:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 27 00:40:10 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=4061df7bc25d25853701cacaf0928b30d518753f017f801b7dd785c6b8e97e3e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ce:d4:46:c5:2c:a9:ca:1e:b5:96:41:a5:51:
2f:22:55:8a:1f:e2:01:f8:78:16:09:a6:bf:6b:a1:
b5:98:e8:d4:ea:7d:cb:39:a0:6c:ed:83:9f:f9:7b:
61:da:58:2a:08:e6:86:41:43:10:1a:89:f5:ab:8b:
51:85:e4:57:a2:42:e4:48:00:b9:82:82:fd:e8:78:
23:7c:84:81:eb:92:62:60:1f:79:09:a7:30:c1:12:
3d:33:8a:52:68:fb:a9:45:3b:8d:b2:af:ea:fd:06:
df:c3:2c:10:ee:e2:cf:62:75:00:40:17:04:98:66:
b8:90:0a:74:62:87:94:50:da:15:bd:10:21:b8:33:
7f:10:a7:f0:d1:10:e2:78:c2:1f:cb:e3:8b:e1:9f:
39:cb:71:15:f4:56:0b:38:80:ca:aa:7e:a2:61:2c:
31:75:f3:c8:9e:6e:4d:f6:68:a7:e1:a2:03:4c:5e:
93:b4:f6:35:6b:a4:a5:b8:7b:28:81:27:d0:6b:c4:
68:42:66:2b:f6:3b:2d:07:34:75:d7:1a:02:92:7c:
0f:01:43:c6:77:b6:12:aa:1b:90:b9:64:2a:bb:74:
13:a0:c7:18:f8:ff:f1:55:21:9a:aa:62:3b:df:cd:
e8:95:54:11:65:07:7c:b3:97:be:59:68:4f:84:a9:
3a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:60:A1:D4:59:F1:3C:C1:DF:EC:2A:3A:F2:F1:4F:DC:D9:26:0F:04
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:8000::/40
Signature Algorithm: sha256WithRSAEncryption
b7:e9:72:47:0e:2e:75:44:91:10:f4:e0:fc:2d:77:88:43:e3:
dd:1e:18:2a:1a:88:63:5b:bf:c2:2b:f4:e8:0a:13:68:55:60:
e0:96:1b:39:75:5c:ea:31:bc:b5:9a:ec:5f:0e:f2:ec:b8:ad:
21:6d:fd:02:f7:1a:c3:88:aa:6f:3e:49:1b:4b:19:fa:ab:d7:
23:ed:45:00:ab:04:b6:c7:9e:a9:cc:dd:08:70:ef:d4:74:39:
fb:2b:a1:27:96:ac:0a:f0:b5:9d:90:c6:51:04:ea:5c:bd:64:
1e:23:7e:b5:45:96:6a:a4:aa:19:a8:f5:d0:48:d9:b1:55:28:
d5:a3:a4:ea:50:f1:5d:78:fa:42:f2:c1:90:39:16:06:d5:ec:
4f:6a:91:f1:ad:1c:6c:4d:25:c4:97:ec:48:74:15:4c:d8:7a:
01:56:7b:77:43:11:ae:cf:d4:58:83:f6:48:39:00:70:91:d8:
b9:4b:61:97:fc:03:ba:dd:9b:3c:1d:1a:9d:fe:c8:39:9e:13:
90:4d:f8:c3:99:ff:6a:41:d6:9a:e8:4c:99:30:f4:22:8e:ad:
9f:03:f2:00:a7:7a:1f:85:50:e3:15:3a:fa:27:be:17:94:71:
a4:7a:d6:40:3e:b0:82:28:4f:39:4d:fc:e2:44:d2:d9:7d:6d:
41:44:08:0d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcLbf3KxA0VUE4F+ayD5jjg+wf/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MjcwMDQwMTBaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwNjFkZjdiYzI1ZDI1ODUzNzAxY2FjYWYwOTI4YjMwZDUxODc1M2YwMTdm
ODAxYjdkZDc4NWM2YjhlOTdlM2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbO1EbFLKnKHrWWQaVRLyJVih/iAfh4Fgmmv2uhtZjo1Op9yzmgbO2Dn/l7
YdpYKgjmhkFDEBqJ9auLUYXkV6JC5EgAuYKC/eh4I3yEgeuSYmAfeQmnMMESPTOK
Umj7qUU7jbKv6v0G38MsEO7iz2J1AEAXBJhmuJAKdGKHlFDaFb0QIbgzfxCn8NEQ
4njCH8vji+GfOctxFfRWCziAyqp+omEsMXXzyJ5uTfZop+GiA0xek7T2NWukpbh7
KIEn0GvEaEJmK/Y7LQc0ddcaApJ8DwFDxne2EqobkLlkKrt0E6DHGPj/8VUhmqpi
O9/N6JVUEWUHfLOXvlloT4SpOgECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ7YKHU
WfE8wd/sKjry8U/c2SYPBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWYzMDU0YjgtNTRlZS00YjhiLWFmYzgtNTMxZjI0ZDU5ZmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSA
MA0GCSqGSIb3DQEBCwUAA4IBAQC36XJHDi51RJEQ9OD8LXeIQ+PdHhgqGohjW7/C
K/ToChNoVWDglhs5dVzqMby1muxfDvLsuK0hbf0C9xrDiKpvPkkbSxn6q9cj7UUA
qwS2x56pzN0IcO/UdDn7K6EnlqwK8LWdkMZRBOpcvWQeI361RZZqpKoZqPXQSNmx
VSjVo6TqUPFdePpC8sGQORYG1exPapHxrRxsTSXEl+xIdBVM2HoBVnt3QxGuz9RY
g/ZIOQBwkdi5S2GX/AO63Zs8HRqd/sg5nhOQTfjDmf9qQdaa6EyZMPQijq2fA/IA
p3ofhVDjFTr6J74XlHGketZAPrCCKE85TfziRNLZfW1BRAgN
-----END CERTIFICATE-----
Generated at Tue May 12 23:14:30 2026 by rpki-client