Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde858d-62b0-4607-8c80-6907e7e92d59.roa
File: 7cde858d-62b0-4607-8c80-6907e7e92d59.roa (raw, json)
Hash identifier: MGznUA1LO/vEfaFDm91KSJVOMPB9tU8NUyKQrGcw22I=
Subject key identifier: C0:EA:67:73:BC:92:B7:F6:D4:C9:BD:65:3C:60:2A:F2:09:46:B1:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 377CB7B8099448BE8C5D6A771522598E1E5462E2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde858d-62b0-4607-8c80-6907e7e92d59.roa
Signing time: Fri 08 May 2026 03:20:05 +0000
ROA not before: Fri 08 May 2026 03:20:05 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:7c:b7:b8:09:94:48:be:8c:5d:6a:77:15:22:59:8e:1e:54:62:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:05 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=0bc164a3f5f8f192421905ac1cdbeb416f15f42322c9953ea8535ecb4658c0c4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:32:b6:71:6b:ba:31:d2:94:76:32:5c:91:a3:
99:33:01:99:d8:34:50:97:7f:1e:1e:9f:c3:98:dd:
b0:65:48:ae:03:da:18:b8:00:da:ea:89:3a:36:f2:
51:9b:1b:43:dd:6f:b6:5c:31:e4:c7:6a:dc:f9:93:
d4:76:5b:0b:fe:88:a9:a1:9b:c7:06:dc:b8:87:32:
a6:d8:cb:03:c4:16:68:be:5c:ea:f0:1a:15:c7:1d:
91:40:d1:97:03:0c:ef:26:5a:f9:ab:ed:0f:42:43:
f8:e0:72:8d:81:da:a0:45:6d:7d:82:6d:6d:3c:97:
84:a5:c8:3c:6e:8b:35:af:01:08:22:67:57:08:b0:
91:2b:1d:4c:7c:2c:4f:0c:c2:19:ef:48:0c:98:60:
85:45:49:e2:ff:40:1c:1e:b1:c3:93:84:29:54:aa:
70:b3:ed:1e:b4:76:fb:cc:90:fd:0f:bb:a7:3e:58:
84:19:af:51:64:bf:2b:87:fa:12:2e:b2:77:75:46:
8d:84:6f:70:44:ec:b8:87:32:ee:43:54:a4:0d:be:
5a:bd:16:7b:ae:91:0f:38:b8:85:80:1f:68:a2:19:
da:97:51:c9:72:c2:6b:08:a9:33:72:21:9a:b3:b6:
8e:f3:da:61:c7:cc:f6:b4:38:2a:fd:c7:2c:99:84:
24:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:EA:67:73:BC:92:B7:F6:D4:C9:BD:65:3C:60:2A:F2:09:46:B1:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde858d-62b0-4607-8c80-6907e7e92d59.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:800::/40
Signature Algorithm: sha256WithRSAEncryption
03:df:fd:16:a1:8c:67:4d:f5:f9:6f:33:72:de:fc:c2:fb:a2:
ad:11:85:0b:e4:1c:29:2b:e6:b6:f2:64:9f:2a:fe:af:5a:d9:
92:87:32:f3:ad:54:ce:cc:66:bd:27:df:3a:21:a2:ca:12:75:
5d:d6:6a:4d:08:3b:43:07:d4:f0:69:dd:23:1e:cf:07:bf:02:
4c:d3:ca:20:51:c3:6a:a8:34:63:2d:5e:b6:8c:03:56:6b:02:
94:96:e9:1f:c1:56:9b:23:8b:fe:14:76:6b:48:4d:bc:68:5b:
20:85:8d:3a:8a:17:1c:3b:26:7c:69:1d:71:b9:10:04:0d:57:
75:72:3a:46:97:8d:67:20:fc:69:d2:8b:7a:b9:ff:5a:d7:15:
60:93:c6:0a:8f:63:7b:7e:33:a2:1a:25:e7:33:57:aa:57:b3:
89:4b:2c:c5:de:04:84:de:43:b5:e0:39:57:f7:5b:c0:a8:aa:
56:c7:df:20:74:be:da:a3:5b:15:3e:c1:72:73:d8:91:71:8f:
d1:17:6e:28:ff:4f:33:80:26:45:db:3d:34:0d:d2:1e:62:3c:
e9:69:f7:00:ab:d3:01:ec:f8:7a:e6:94:66:82:09:a1:0d:2c:
88:8e:3b:76:47:12:fe:ff:4f:2f:00:e8:b7:fc:fc:e0:cf:8a:
e9:f9:10:23
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN3y3uAmUSL6MXWp3FSJZjh5UYuIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwMDVaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiYzE2NGEzZjVmOGYxOTI0MjE5MDVhYzFjZGJlYjQxNmYxNWY0MjMyMmM5
OTUzZWE4NTM1ZWNiNDY1OGMwYzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMsytnFrujHSlHYyXJGjmTMBmdg0UJd/Hh6fw5jdsGVIrgPaGLgA2uqJOjby
UZsbQ91vtlwx5Mdq3PmT1HZbC/6IqaGbxwbcuIcyptjLA8QWaL5c6vAaFccdkUDR
lwMM7yZa+avtD0JD+OByjYHaoEVtfYJtbTyXhKXIPG6LNa8BCCJnVwiwkSsdTHws
TwzCGe9IDJhghUVJ4v9AHB6xw5OEKVSqcLPtHrR2+8yQ/Q+7pz5YhBmvUWS/K4f6
Ei6yd3VGjYRvcETsuIcy7kNUpA2+Wr0We66RDzi4hYAfaKIZ2pdRyXLCawipM3Ih
mrO2jvPaYcfM9rQ4Kv3HLJmEJKECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTA6mdz
vJK39tTJvWU8YCryCUaxXzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2NkZTg1OGQtNjJiMC00NjA3LThjODAtNjkwN2U3ZTkyZDU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkI
MA0GCSqGSIb3DQEBCwUAA4IBAQAD3/0WoYxnTfX5bzNy3vzC+6KtEYUL5BwpK+a2
8mSfKv6vWtmShzLzrVTOzGa9J986IaLKEnVd1mpNCDtDB9Twad0jHs8HvwJM08og
UcNqqDRjLV62jANWawKUlukfwVabI4v+FHZrSE28aFsghY06ihccOyZ8aR1xuRAE
DVd1cjpGl41nIPxp0ot6uf9a1xVgk8YKj2N7fjOiGiXnM1eqV7OJSyzF3gSE3kO1
4DlX91vAqKpWx98gdL7ao1sVPsFyc9iRcY/RF24o/08zgCZF2z00DdIeYjzpafcA
q9MB7Ph65pRmggmhDSyIjjt2RxL+/08vAOi3/Pzgz4rp+RAj
-----END CERTIFICATE-----
Generated at Wed May 13 00:24:33 2026 by rpki-client