Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83b951c2-f827-4554-9466-de8fd6e7ecec.roa
File: 83b951c2-f827-4554-9466-de8fd6e7ecec.roa (raw, json)
Hash identifier: DUDlEdfSABXYqDoD9WjhVOnnZonumllUPOU0TDHG094=
Subject key identifier: CB:3C:C6:4D:93:29:5C:0E:1D:D1:01:7E:D3:C5:22:8E:E7:A4:84:D9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C37136570CB8AAD6EB50759B2F7F276A2286C04
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83b951c2-f827-4554-9466-de8fd6e7ecec.roa
Signing time: Fri 08 May 2026 03:20:36 +0000
ROA not before: Fri 08 May 2026 03:20:36 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:37:13:65:70:cb:8a:ad:6e:b5:07:59:b2:f7:f2:76:a2:28:6c:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:36 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=cdca3ffd53c06bd7fad371fcc2c74f727abac93d9f71859f650cfef5768762f4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4b:00:0a:89:f1:75:16:a0:da:01:a2:a9:e9:
7b:68:06:be:76:c6:0f:31:f5:13:2f:08:a0:19:0b:
30:50:13:bb:af:44:f5:2e:97:33:8e:2b:40:7a:55:
2b:55:76:4a:4c:1d:ef:53:ea:aa:e3:59:f2:5f:cb:
62:5c:62:ce:cf:35:15:af:cd:4e:fb:2d:b9:5a:db:
ac:ef:8b:86:a8:d3:f3:83:aa:bb:aa:8e:76:68:6a:
8d:69:4e:e0:48:cb:20:37:14:cb:fd:fe:a6:1d:7a:
cd:50:cf:31:85:e1:f7:e6:39:7f:6c:dc:7f:de:99:
06:2d:77:77:d6:9d:23:81:13:5f:2a:8b:ee:64:6d:
83:58:aa:d0:38:8d:08:56:04:c7:cc:1c:31:94:42:
ef:bd:57:c8:75:7a:44:c8:ef:5f:93:91:12:03:4b:
23:00:d2:2e:e7:ee:01:44:06:25:48:58:5f:46:97:
29:85:4f:42:72:2d:aa:cf:2d:d0:b6:4f:f8:f0:f1:
c3:0b:5e:f8:0e:06:03:ba:08:c1:fe:14:06:a1:0a:
14:fd:7b:c2:49:18:35:37:bc:33:01:00:e0:b7:f0:
fe:c3:56:82:e7:c4:c2:2a:af:7c:f5:78:ce:74:15:
54:6b:08:1b:17:26:8d:31:60:d3:60:95:11:19:f3:
65:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:3C:C6:4D:93:29:5C:0E:1D:D1:01:7E:D3:C5:22:8E:E7:A4:84:D9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83b951c2-f827-4554-9466-de8fd6e7ecec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:9000::/40
Signature Algorithm: sha256WithRSAEncryption
1f:ab:eb:24:74:b2:f0:6e:07:e0:20:fa:50:88:2e:60:72:30:
ee:22:5c:17:fa:91:35:fa:aa:01:f9:15:f5:57:7d:04:c6:33:
f1:62:d7:e8:80:44:14:b0:c3:ae:f7:cb:7b:27:e0:ce:2d:e5:
0b:fa:1e:60:65:1f:9b:5b:df:e3:83:e8:6d:2e:e2:69:63:33:
62:f9:a1:e7:be:bf:76:ef:d9:e6:9e:cf:58:4d:12:6b:8e:3c:
fa:89:94:89:ae:8b:a6:0f:7d:6a:46:90:53:b5:c9:7a:d4:f9:
7d:7d:48:9c:11:74:a0:21:04:a8:26:83:e4:c5:fd:eb:01:01:
99:d2:31:2b:a1:73:6b:57:49:de:04:54:e3:35:b8:39:18:75:
af:b7:1b:50:01:6c:7a:79:a6:02:76:77:3c:d8:75:1f:30:88:
8c:0e:9e:1f:c7:a4:ca:fe:d4:48:7e:71:81:c6:fa:1d:03:b9:
71:53:f2:d4:d5:06:0c:b9:66:ab:5e:8d:5d:f9:48:f5:9d:9b:
8e:0e:9a:e1:78:75:bd:3e:5c:d7:6f:df:2d:f6:e7:7e:d6:d3:
bc:82:99:42:16:c7:cc:bb:ce:bc:12:d4:66:ca:49:14:1c:a7:
47:23:cb:cf:e9:a1:f1:97:df:cb:15:26:5a:cf:fb:45:03:a1:
28:29:f4:39
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXDcTZXDLiq1utQdZsvfydqIobAQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwMzZaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkY2EzZmZkNTNjMDZiZDdmYWQzNzFmY2MyYzc0ZjcyN2FiYWM5M2Q5Zjcx
ODU5ZjY1MGNmZWY1NzY4NzYyZjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlLAAqJ8XUWoNoBoqnpe2gGvnbGDzH1Ey8IoBkLMFATu69E9S6XM44rQHpV
K1V2Skwd71PqquNZ8l/LYlxizs81Fa/NTvstuVrbrO+LhqjT84Oqu6qOdmhqjWlO
4EjLIDcUy/3+ph16zVDPMYXh9+Y5f2zcf96ZBi13d9adI4ETXyqL7mRtg1iq0DiN
CFYEx8wcMZRC771XyHV6RMjvX5OREgNLIwDSLufuAUQGJUhYX0aXKYVPQnItqs8t
0LZP+PDxwwte+A4GA7oIwf4UBqEKFP17wkkYNTe8MwEA4Lfw/sNWgufEwiqvfPV4
znQVVGsIGxcmjTFg02CVERnzZdsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTLPMZN
kylcDh3RAX7TxSKO56SE2TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODNiOTUxYzItZjgyNy00NTU0LTk0NjYtZGU4ZmQ2ZTdlY2VjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAfq+skdLLwbgfgIPpQiC5gcjDuIlwX+pE1+qoB
+RX1V30ExjPxYtfogEQUsMOu98t7J+DOLeUL+h5gZR+bW9/jg+htLuJpYzNi+aHn
vr9279nmns9YTRJrjjz6iZSJroumD31qRpBTtcl61Pl9fUicEXSgIQSoJoPkxf3r
AQGZ0jEroXNrV0neBFTjNbg5GHWvtxtQAWx6eaYCdnc82HUfMIiMDp4fx6TK/tRI
fnGBxvodA7lxU/LU1QYMuWarXo1d+Uj1nZuODprheHW9PlzXb98t9ud+1tO8gplC
FsfMu868EtRmykkUHKdHI8vP6aHxl9/LFSZaz/tFA6EoKfQ5
-----END CERTIFICATE-----
Generated at Tue May 12 22:58:54 2026 by rpki-client