Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa
File: 8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa (raw, json)
Hash identifier: 8Oj4HvB5Ei4w8XBGUcdPFNou+jxIci4MCvwQByx3R68=
Subject key identifier: 88:A9:88:91:82:3E:AA:F1:ED:43:F8:D1:3E:A2:FB:3D:E7:11:A6:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 017639CC5A2D5DE5B2BBC1E7FD6D18809FC00623
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa
Signing time: Mon 04 May 2026 15:20:09 +0000
ROA not before: Mon 04 May 2026 15:20:09 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:9040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:76:39:cc:5a:2d:5d:e5:b2:bb:c1:e7:fd:6d:18:80:9f:c0:06:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:20:09 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=699e5fc6479554916db00965a683d11c1be800998a93e4f67bb57dd71d8c7ee3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2a:63:09:0e:0a:b3:a0:0d:f3:45:aa:b5:d3:
bf:5b:9f:1d:34:77:86:0f:bd:99:39:91:68:da:87:
48:1f:83:d8:c3:be:27:d2:7a:c8:8d:16:4d:3f:05:
33:b6:d9:14:42:57:95:cc:83:e1:f9:c3:8f:81:b9:
c6:72:98:3a:14:78:5b:13:09:6b:0d:34:41:e8:1a:
b5:90:d3:d4:89:b8:b9:a2:06:0d:83:e5:41:d1:aa:
e4:94:93:ce:51:23:9d:3e:99:81:a0:0a:35:b6:2b:
2a:48:4f:95:02:e4:1b:26:9d:84:ea:cd:a0:14:a8:
8f:a7:81:32:f4:af:d5:a2:c9:a5:2c:58:46:ed:ee:
9f:27:00:0b:6b:fb:f3:c0:e7:10:04:e7:b3:cf:54:
23:75:93:00:21:c7:ab:6c:15:b1:99:4f:fb:3a:d8:
ab:5b:36:f3:a2:7e:1d:5d:de:2c:b6:56:3c:5f:f7:
be:bb:59:e8:2e:b2:cc:35:42:ed:c9:b7:37:7c:af:
c4:e2:58:53:ba:14:b1:3f:5f:da:9b:18:91:63:ee:
0c:8f:7c:f8:03:05:e4:3b:a8:1b:e3:35:e9:be:bc:
d4:1f:fa:f6:99:bd:01:0a:2e:6d:9e:d0:7d:83:f8:
1f:16:b6:da:ac:68:5d:9c:9c:16:06:47:e5:0e:0c:
85:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A9:88:91:82:3E:AA:F1:ED:43:F8:D1:3E:A2:FB:3D:E7:11:A6:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:9040::/46
Signature Algorithm: sha256WithRSAEncryption
68:93:52:3e:47:c8:6b:4c:74:52:b9:12:d0:1d:bf:a1:bb:e7:
64:41:56:e6:5f:0e:87:fa:ed:35:2f:5c:90:cb:d4:ec:fb:32:
45:ea:ce:04:d1:de:b3:c1:51:36:d3:70:d3:b5:e2:1f:5e:ff:
b8:08:e5:21:1e:60:0a:da:92:de:17:a9:22:54:af:08:67:df:
40:9c:1a:31:34:ad:58:cd:8e:1f:06:6a:72:1e:2d:d4:6d:c3:
6b:2b:d8:2c:e2:04:1b:03:0b:c4:9c:0f:89:db:7d:4c:cc:05:
2a:cf:2a:04:2a:b3:c9:77:91:30:25:81:6d:f0:61:1d:ec:38:
ab:97:c2:8c:e2:dd:15:eb:a2:7b:65:50:70:63:ce:b7:7c:1a:
2c:b4:a6:5d:7b:e3:83:65:a7:b3:82:a7:dd:34:6c:a3:fb:64:
04:47:ca:f6:17:37:75:bd:2d:b5:43:50:36:d0:b8:5b:6e:48:
a5:29:54:8a:70:2c:12:69:ee:20:7b:a7:39:1b:34:fe:e7:35:
47:b8:3b:ac:05:0c:ba:f9:94:68:1b:d1:5e:7a:75:ef:08:df:
0f:48:be:58:38:9d:2a:8c:f2:ed:ca:ce:e7:f3:c1:ab:7f:66:
51:1d:19:c6:b1:74:c9:20:25:9d:f5:21:6e:4a:5e:1b:fd:34:
27:12:24:d4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAXY5zFotXeWyu8Hn/W0YgJ/ABiMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIwMDlaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5OWU1ZmM2NDc5NTU0OTE2ZGIwMDk2NWE2ODNkMTFjMWJlODAwOTk4YTkz
ZTRmNjdiYjU3ZGQ3MWQ4YzdlZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANEqYwkOCrOgDfNFqrXTv1ufHTR3hg+9mTmRaNqHSB+D2MO+J9J6yI0WTT8F
M7bZFEJXlcyD4fnDj4G5xnKYOhR4WxMJaw00QegatZDT1Im4uaIGDYPlQdGq5JST
zlEjnT6ZgaAKNbYrKkhPlQLkGyadhOrNoBSoj6eBMvSv1aLJpSxYRu3unycAC2v7
88DnEATns89UI3WTACHHq2wVsZlP+zrYq1s286J+HV3eLLZWPF/3vrtZ6C6yzDVC
7cm3N3yvxOJYU7oUsT9f2psYkWPuDI98+AMF5DuoG+M16b681B/69pm9AQoubZ7Q
fYP4Hxa22qxoXZycFgZH5Q4MhVMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSIqYiR
gj6q8e1D+NE+ovs95xGmtzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODUxOGI4MWQtYzcwMC00ZDNmLThlZjQtNWFiZThkMzQ4ZDNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAaJNSPkfIa0x0UrkS0B2/obvnZEFW5l8Oh/rt
NS9ckMvU7PsyRerOBNHes8FRNtNw07XiH17/uAjlIR5gCtqS3hepIlSvCGffQJwa
MTStWM2OHwZqch4t1G3DayvYLOIEGwMLxJwPidt9TMwFKs8qBCqzyXeRMCWBbfBh
Hew4q5fCjOLdFeuie2VQcGPOt3waLLSmXXvjg2Wns4Kn3TRso/tkBEfK9hc3db0t
tUNQNtC4W25IpSlUinAsEmnuIHunORs0/uc1R7g7rAUMuvmUaBvRXnp17wjfD0i+
WDidKozy7crO5/PBq39mUR0ZxrF0ySAlnfUhbkpeG/00JxIk1A==
-----END CERTIFICATE-----
Generated at Tue May 12 23:15:18 2026 by rpki-client