Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7f3452cc-a2fb-45ca-9617-8db45bd3c546.roa
File: 7f3452cc-a2fb-45ca-9617-8db45bd3c546.roa (raw, json)
Hash identifier: 0y9DiLNtC38lTVyIrJ7pOQeu3Mb/UwZvfzdjYRdiMIU=
Subject key identifier: 30:44:FD:BC:5D:E1:EE:0D:97:F5:15:12:10:3B:A5:CB:B8:3B:FD:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 09D10D0DED59C437ADE1970EDCFBC650F4C82E0E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7f3452cc-a2fb-45ca-9617-8db45bd3c546.roa
Signing time: Wed 06 May 2026 00:00:08 +0000
ROA not before: Wed 06 May 2026 00:00:08 +0000
ROA not after: Tue 04 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/42 maxlen: 42
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:d1:0d:0d:ed:59:c4:37:ad:e1:97:0e:dc:fb:c6:50:f4:c8:2e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 6 00:00:08 2026 GMT
Not After : Aug 4 23:59:59 2026 GMT
Subject: serialNumber=b825bba75cc6a3e7261f2abd49b6aacdaa5a37460605142c2cff7fd39688dd71, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e9:6e:a8:47:e0:af:6d:a7:df:36:a2:27:50:
a7:cb:7e:13:97:89:3e:f8:b5:ea:21:df:70:56:2b:
ef:96:67:c2:2d:b7:8e:ee:88:63:cc:68:7b:cb:f1:
d8:20:8f:45:f9:9f:f8:76:69:da:83:45:ef:a4:37:
dc:d2:93:de:d9:43:a7:44:8c:17:50:a1:3d:72:c7:
0c:38:09:c4:36:b1:7f:d2:35:8a:07:db:ce:e0:f5:
38:3b:3b:d9:b3:e5:c3:b9:82:dc:ee:bc:23:ef:0e:
eb:00:3a:64:50:a1:97:ae:12:92:bb:47:bd:4a:42:
fc:d2:c9:44:55:28:09:bb:2f:46:76:c7:2d:8d:12:
95:d9:03:d3:7d:89:cd:79:23:b8:b8:01:ed:93:2b:
41:c3:34:95:67:c3:20:ad:e8:3b:eb:1a:6f:e3:25:
df:a2:bb:1d:db:0d:93:06:43:98:c1:2e:29:ea:ea:
34:d7:43:1b:92:ed:e3:33:dc:e6:75:55:46:46:08:
50:fe:c4:9f:a3:6d:75:cc:ad:5c:1c:3c:ea:9d:a4:
60:31:b2:47:9f:77:c1:25:8e:9a:6d:08:bf:14:d3:
1b:2a:e2:af:40:db:50:79:ff:0a:30:99:55:78:42:
c4:ef:f9:0d:4f:82:7f:d9:d7:be:ad:ad:81:49:37:
82:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:44:FD:BC:5D:E1:EE:0D:97:F5:15:12:10:3B:A5:CB:B8:3B:FD:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7f3452cc-a2fb-45ca-9617-8db45bd3c546.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/42
Signature Algorithm: sha256WithRSAEncryption
14:ab:c8:0d:86:3e:6e:60:9d:fb:55:0b:6f:2a:71:cb:12:f0:
5a:3a:37:04:fd:8a:4b:27:b8:d9:49:06:68:bf:8f:b7:96:fc:
f0:7f:03:d5:f5:86:5a:b3:c8:84:0f:d8:a6:d6:9a:0f:ad:4f:
3f:16:31:cb:c6:34:4d:3c:ad:0c:3c:d4:b2:43:3d:ea:59:9b:
6f:cc:6a:06:e7:d6:9f:80:e0:b7:d8:35:89:0b:cf:73:09:6c:
ef:25:45:5a:91:69:83:76:89:1a:47:42:dd:b7:96:fe:81:b2:
f4:fa:04:76:da:b1:89:5f:15:97:8e:05:a1:97:d8:27:bd:82:
9b:04:b0:bd:ad:2b:e8:40:0a:75:ae:41:02:ac:d7:4e:38:30:
ca:2f:00:b6:1b:60:d6:79:7d:63:5e:f2:10:d0:a4:ce:c5:80:
6e:7e:54:72:9d:73:47:93:b0:02:cb:2e:d8:87:e9:de:b9:e0:
e4:68:43:c5:11:15:52:d2:1e:7f:93:5e:7a:40:09:eb:44:80:
e0:e4:2f:6d:d0:00:54:47:74:02:fd:cd:4e:52:b6:fb:d4:9d:
b5:84:f4:1b:d0:ef:71:e1:1a:51:3c:2b:78:39:0e:3b:da:28:
09:4a:ae:57:b7:f7:50:63:c0:0a:17:df:35:21:73:d1:e8:7c:
1d:5a:f6:07
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCdENDe1ZxDet4ZcO3PvGUPTILg4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDYwMDAwMDhaFw0yNjA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4MjViYmE3NWNjNmEzZTcyNjFmMmFiZDQ5YjZhYWNkYWE1YTM3NDYwNjA1
MTQyYzJjZmY3ZmQzOTY4OGRkNzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALrpbqhH4K9tp982oidQp8t+E5eJPvi16iHfcFYr75Znwi23ju6IY8xoe8vx
2CCPRfmf+HZp2oNF76Q33NKT3tlDp0SMF1ChPXLHDDgJxDaxf9I1igfbzuD1ODs7
2bPlw7mC3O68I+8O6wA6ZFChl64SkrtHvUpC/NLJRFUoCbsvRnbHLY0SldkD032J
zXkjuLgB7ZMrQcM0lWfDIK3oO+sab+Ml36K7HdsNkwZDmMEuKerqNNdDG5Lt4zPc
5nVVRkYIUP7En6NtdcytXBw86p2kYDGyR593wSWOmm0IvxTTGyrir0DbUHn/CjCZ
VXhCxO/5DU+Cf9nXvq2tgUk3gv0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQwRP28
XeHuDZf1FRIQO6XLuDv9MDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2YzNDUyY2MtYTJmYi00NWNhLTk2MTctOGRiNDViZDNjNTQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBioF0BsA
ADANBgkqhkiG9w0BAQsFAAOCAQEAFKvIDYY+bmCd+1ULbypxyxLwWjo3BP2KSye4
2UkGaL+Pt5b88H8D1fWGWrPIhA/YptaaD61PPxYxy8Y0TTytDDzUskM96lmbb8xq
BufWn4Dgt9g1iQvPcwls7yVFWpFpg3aJGkdC3beW/oGy9PoEdtqxiV8Vl44FoZfY
J72CmwSwva0r6EAKda5BAqzXTjgwyi8Athtg1nl9Y17yENCkzsWAbn5Ucp1zR5Ow
Assu2Ifp3rng5GhDxREVUtIef5NeekAJ60SA4OQvbdAAVEd0Av3NTlK2+9SdtYT0
G9DvceEaUTwreDkOO9ooCUquV7f3UGPAChffNSFz0eh8HVr2Bw==
-----END CERTIFICATE-----
Generated at Tue May 12 23:12:32 2026 by rpki-client