Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/716a6c84-1e33-4881-b86c-cbc8a06c5f9c.roa
File: 716a6c84-1e33-4881-b86c-cbc8a06c5f9c.roa (raw, json)
Hash identifier: s7q7B3jGkvFuAG69jn6NyyecjE/pyD7HbUBj1694i0s=
Subject key identifier: 8C:A7:52:72:70:4D:B7:35:C0:EB:2D:D2:2B:DE:A7:50:E7:A5:ED:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0320B96A29E3A415C751EE011A7E36068D81BB7F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/716a6c84-1e33-4881-b86c-cbc8a06c5f9c.roa
Signing time: Sat 02 May 2026 01:20:07 +0000
ROA not before: Sat 02 May 2026 01:20:07 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:20:b9:6a:29:e3:a4:15:c7:51:ee:01:1a:7e:36:06:8d:81:bb:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:20:07 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=30830f6f7cf541b167aada0bb7eca05294d70c2c10b9ec8b0184e5be6cbc4b77, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:dd:98:69:a7:92:c5:5f:d1:e1:b4:33:ea:70:
26:64:da:2e:a2:eb:d4:69:dd:4b:e6:be:cd:7c:f9:
87:f1:95:3f:c0:1b:56:59:0f:7c:d6:d8:05:b5:9a:
ef:34:75:32:62:34:61:de:29:6b:65:48:53:6f:c7:
53:24:d5:59:42:83:9c:5d:2a:05:eb:f2:80:4a:01:
0f:d0:6d:94:b9:da:e5:27:aa:e7:0c:21:18:47:63:
ca:bf:c2:09:e2:2a:4e:d5:fd:05:d1:50:32:63:5a:
6d:fb:d1:bc:27:ab:bc:6f:2e:34:58:c6:af:19:77:
d8:22:81:80:f6:a2:b9:a2:85:66:01:d7:34:6c:21:
a1:8e:f2:08:90:47:15:d3:b2:f5:d5:42:13:2a:64:
e5:5f:19:d3:2f:59:cc:5d:b6:0e:c7:2d:36:47:a7:
52:b9:bf:08:84:bc:d9:49:bc:db:a9:bd:12:13:ad:
09:9e:d9:10:61:39:d7:dc:54:4f:21:60:64:87:18:
01:b1:7e:21:bb:e0:9a:3b:4c:4a:f6:e3:1e:9a:f5:
ca:fb:2e:a2:b1:de:51:6b:f6:d0:2a:ec:f2:bd:85:
2e:35:39:b1:97:06:55:1c:49:c6:54:78:9b:cb:24:
83:2b:6c:b6:63:14:58:18:7e:44:85:78:f4:60:ca:
d7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:A7:52:72:70:4D:B7:35:C0:EB:2D:D2:2B:DE:A7:50:E7:A5:ED:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/716a6c84-1e33-4881-b86c-cbc8a06c5f9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
02:7a:da:d3:ae:82:81:29:97:7f:a3:7f:51:64:9b:3b:5b:e9:
a4:40:71:8d:2b:60:85:e9:75:08:30:91:1f:02:c3:ec:5c:00:
e1:d2:37:c7:b1:c4:1c:17:ee:13:40:1c:39:82:4b:97:e2:53:
ab:4d:5e:b5:b7:81:1b:65:c1:27:2b:9a:ed:64:74:9c:0f:02:
b5:11:8f:bc:63:fd:8f:d4:80:ac:65:c7:a8:26:77:43:d5:9e:
10:7c:fa:ee:a6:be:ef:52:53:65:d0:22:48:79:02:35:9a:0d:
2d:3d:c6:04:fc:a1:21:1c:b0:d6:e5:2d:e1:a7:3f:eb:22:b3:
14:22:41:08:48:1a:8f:56:b4:49:bd:4b:8e:35:35:fe:30:26:
1c:c2:fe:ac:fd:74:54:4a:67:51:25:03:53:34:1a:6b:43:3e:
ab:1a:e4:07:55:a8:31:16:8e:b1:7a:5b:8a:7b:22:3c:44:12:
36:02:b6:a6:c0:8f:14:f0:1e:0c:74:3d:35:ac:e6:09:b7:53:
cf:99:7c:4b:88:1c:4c:e8:09:70:cc:b8:c2:b5:70:95:8d:d5:
e9:25:9e:9e:37:83:77:5d:1e:df:4c:9e:83:73:8b:f1:1d:62:
71:cc:4f:18:a5:e3:b7:7b:ff:6e:a0:9c:63:8a:7b:b3:4b:9b:
01:6c:67:a4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAyC5ainjpBXHUe4BGn42Bo2Bu38wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTIwMDdaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwODMwZjZmN2NmNTQxYjE2N2FhZGEwYmI3ZWNhMDUyOTRkNzBjMmMxMGI5
ZWM4YjAxODRlNWJlNmNiYzRiNzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANvdmGmnksVf0eG0M+pwJmTaLqLr1GndS+a+zXz5h/GVP8AbVlkPfNbYBbWa
7zR1MmI0Yd4pa2VIU2/HUyTVWUKDnF0qBevygEoBD9BtlLna5Seq5wwhGEdjyr/C
CeIqTtX9BdFQMmNabfvRvCervG8uNFjGrxl32CKBgPaiuaKFZgHXNGwhoY7yCJBH
FdOy9dVCEypk5V8Z0y9ZzF22DsctNkenUrm/CIS82Um826m9EhOtCZ7ZEGE519xU
TyFgZIcYAbF+IbvgmjtMSvbjHpr1yvsuorHeUWv20Crs8r2FLjU5sZcGVRxJxlR4
m8skgytstmMUWBh+RIV49GDK12kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSMp1Jy
cE23NcDrLdIr3qdQ56XtBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzE2YTZjODQtMWUzMy00ODgxLWI4NmMtY2JjOGEwNmM1ZjljLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GqQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAAnra066CgSmXf6N/UWSbO1vppEBxjStghel1
CDCRHwLD7FwA4dI3x7HEHBfuE0AcOYJLl+JTq01etbeBG2XBJyua7WR0nA8CtRGP
vGP9j9SArGXHqCZ3Q9WeEHz67qa+71JTZdAiSHkCNZoNLT3GBPyhIRyw1uUt4ac/
6yKzFCJBCEgaj1a0Sb1LjjU1/jAmHML+rP10VEpnUSUDUzQaa0M+qxrkB1WoMRaO
sXpbinsiPEQSNgK2psCPFPAeDHQ9NazmCbdTz5l8S4gcTOgJcMy4wrVwlY3V6SWe
njeDd10e30yeg3OL8R1iccxPGKXjt3v/bqCcY4p7s0ubAWxnpA==
-----END CERTIFICATE-----
Generated at Tue May 12 23:14:18 2026 by rpki-client