Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79337548-762c-432b-bf7a-72bf34db9509.roa
File: 79337548-762c-432b-bf7a-72bf34db9509.roa (raw, json)
Hash identifier: tk8PbpGJzzg7SPljtKzCGiC+pF/EROxkZ536FoqhHyY=
Subject key identifier: 17:DC:CA:B6:BC:70:90:32:A8:CC:ED:D1:E6:C8:07:3A:83:87:47:33
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2389DD60A7A6D16D39A898C6BC39FED4A44A92DB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79337548-762c-432b-bf7a-72bf34db9509.roa
Signing time: Mon 04 May 2026 15:30:11 +0000
ROA not before: Mon 04 May 2026 15:30:11 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:c080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:89:dd:60:a7:a6:d1:6d:39:a8:98:c6:bc:39:fe:d4:a4:4a:92:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:30:11 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=4a77fecd3ca3421a88ce9479d610134ea3f48213c83563df112ecd1a078545d9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d1:b6:84:5b:72:fa:d5:0b:26:e4:dd:d9:2a:
7d:3a:22:07:f9:d2:6d:e8:13:89:b8:a0:f0:d4:66:
d3:46:15:ab:7e:02:ca:0f:f3:e5:4f:ca:d6:4f:cb:
31:ed:80:e4:60:90:06:a9:55:b8:76:dc:72:f2:83:
a2:55:fc:52:d0:60:cd:5a:2f:0f:a1:2a:9b:7e:a9:
9b:c0:cb:b4:45:a5:3f:60:68:ec:3a:5a:d2:96:55:
15:1e:d0:44:4d:8b:ed:5d:71:37:72:d4:8c:14:c2:
c4:12:c3:b7:55:29:af:84:6d:5e:a1:ce:49:21:86:
06:dc:65:76:dd:e8:b2:8a:0d:86:ce:78:ad:87:01:
49:db:da:e1:c1:a6:45:46:21:28:99:e5:9d:7c:33:
c1:54:a1:30:f6:46:8f:10:ca:9d:51:17:14:3d:93:
50:ca:f9:79:aa:6e:d3:9e:dd:8b:b0:d6:dd:22:52:
c0:40:2e:8f:32:90:c9:8f:44:64:ce:25:d8:c7:7d:
91:f6:d6:cc:33:f8:6b:40:fa:c0:74:e9:7c:78:9e:
1f:6f:f8:8a:65:b4:6c:0f:4b:e6:44:9d:68:28:aa:
8c:54:bb:92:07:26:3e:a0:c1:70:02:c6:f7:42:45:
a9:9a:df:bd:d9:a3:ff:6c:7e:9b:20:13:d4:f3:f7:
b5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:DC:CA:B6:BC:70:90:32:A8:CC:ED:D1:E6:C8:07:3A:83:87:47:33
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79337548-762c-432b-bf7a-72bf34db9509.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:c080::/46
Signature Algorithm: sha256WithRSAEncryption
3a:67:21:a7:bd:6f:0f:cc:c0:bc:0e:d1:06:6c:32:92:59:89:
ae:2e:0e:9b:ff:b5:ce:80:66:1a:fd:4a:76:b9:6d:90:27:ef:
c8:a3:30:cc:de:df:c5:ce:42:02:d8:59:5f:29:ca:3d:34:fb:
57:d1:e2:3b:b0:b5:8c:c2:73:8f:04:47:03:e2:4d:a1:a7:d1:
3a:de:4d:97:87:30:07:6f:28:05:c3:fe:b5:d0:7d:a9:db:5f:
f5:58:53:a5:29:81:48:7b:d4:88:5c:5d:4d:46:bc:08:d6:c4:
72:69:8d:d1:b9:8c:da:9f:78:f1:2a:ba:84:8f:c4:0d:cf:20:
f7:a6:4e:0f:7d:da:a6:41:b2:84:5e:c5:37:5c:de:68:0c:67:
e9:82:c0:ef:73:32:a2:43:97:c4:e4:a5:71:03:ba:88:3d:f6:
df:03:58:92:ff:4c:47:dc:17:9b:1b:90:e6:45:e8:93:a4:b3:
f8:56:3d:e5:52:6c:c9:3d:26:14:b0:35:60:19:63:8c:b0:97:
24:15:63:ee:9c:21:fc:2e:15:93:88:dc:1c:ba:fa:4f:2f:57:
97:71:b1:66:98:dd:f5:1e:73:b0:68:7c:44:ca:f9:68:b6:f8:
b0:b9:52:67:89:17:9a:d0:71:b0:b5:04:dd:0f:b4:7f:c5:05:
03:59:a1:96
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUI4ndYKem0W05qJjGvDn+1KRKktswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTMwMTFaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhNzdmZWNkM2NhMzQyMWE4OGNlOTQ3OWQ2MTAxMzRlYTNmNDgyMTNjODM1
NjNkZjExMmVjZDFhMDc4NTQ1ZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPRtoRbcvrVCybk3dkqfToiB/nSbegTibig8NRm00YVq34Cyg/z5U/K1k/L
Me2A5GCQBqlVuHbccvKDolX8UtBgzVovD6Eqm36pm8DLtEWlP2Bo7Dpa0pZVFR7Q
RE2L7V1xN3LUjBTCxBLDt1Upr4RtXqHOSSGGBtxldt3osooNhs54rYcBSdva4cGm
RUYhKJnlnXwzwVShMPZGjxDKnVEXFD2TUMr5eapu057di7DW3SJSwEAujzKQyY9E
ZM4l2Md9kfbWzDP4a0D6wHTpfHieH2/4imW0bA9L5kSdaCiqjFS7kgcmPqDBcALG
90JFqZrfvdmj/2x+myAT1PP3tYkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQX3Mq2
vHCQMqjM7dHmyAc6g4dHMzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzkzMzc1NDgtNzYyYy00MzJiLWJmN2EtNzJiZjM0ZGI5NTA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPA
gDANBgkqhkiG9w0BAQsFAAOCAQEAOmchp71vD8zAvA7RBmwyklmJri4Om/+1zoBm
Gv1KdrltkCfvyKMwzN7fxc5CAthZXynKPTT7V9HiO7C1jMJzjwRHA+JNoafROt5N
l4cwB28oBcP+tdB9qdtf9VhTpSmBSHvUiFxdTUa8CNbEcmmN0bmM2p948Sq6hI/E
Dc8g96ZOD33apkGyhF7FN1zeaAxn6YLA73MyokOXxOSlcQO6iD323wNYkv9MR9wX
mxuQ5kXok6Sz+FY95VJsyT0mFLA1YBljjLCXJBVj7pwh/C4Vk4jcHLr6Ty9Xl3Gx
Zpjd9R5zsGh8RMr5aLb4sLlSZ4kXmtBxsLUE3Q+0f8UFA1mhlg==
-----END CERTIFICATE-----
Generated at Tue May 12 23:39:07 2026 by rpki-client