Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88e98e26-39c9-4a1c-82e8-cc63267ca942.roa
File: 88e98e26-39c9-4a1c-82e8-cc63267ca942.roa (raw, json)
Hash identifier: EwiA7kdqVh6UkhAxh6wJzshFCvp9EDyjNn+XBH3ViWQ=
Subject key identifier: A2:CE:06:61:38:90:04:3B:3F:B4:2B:78:23:95:39:9D:7E:A0:37:F6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2902B4D966490F67660470167D0059EE526EDC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88e98e26-39c9-4a1c-82e8-cc63267ca942.roa
Signing time: Mon 04 May 2026 15:20:55 +0000
ROA not before: Mon 04 May 2026 15:20:55 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:8020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:02:b4:d9:66:49:0f:67:66:04:70:16:7d:00:59:ee:52:6e:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:20:55 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=45cfc0ccce76e71363f7bcd662ffd6ee4602693f7c21f8434dde5cc3b0f8a1c2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ec:05:e2:1f:b2:0d:11:64:89:ba:d0:45:b1:
dd:bd:22:ce:84:2d:a8:98:62:6c:bb:22:28:02:d2:
ab:4d:aa:3e:8d:10:bc:31:cc:4f:23:f3:35:c0:99:
41:7d:12:6a:da:5d:83:67:cc:9e:1b:04:63:47:10:
c9:20:21:de:3d:f6:40:8c:2f:12:3e:a8:e0:a7:8d:
60:cf:96:1e:18:24:eb:5a:89:95:2c:54:1e:35:ea:
9d:de:17:4a:88:10:6a:73:6f:90:49:bb:31:92:cf:
e6:ad:77:ae:32:52:fa:98:a1:4e:95:3a:df:9f:9b:
df:e5:92:f3:81:af:1e:7b:e8:43:9e:1e:42:b5:c9:
b2:22:bc:ec:06:61:42:ed:0a:87:6b:5a:a3:ec:48:
7e:be:57:c6:c6:7a:63:0f:2d:b9:0d:25:b9:5c:85:
8d:a9:5c:cb:60:28:1c:b2:25:b7:ee:0a:ee:f7:f5:
1f:1b:2e:44:0a:32:82:40:2a:9e:8c:f8:d0:05:fd:
bf:85:96:e7:b8:e1:4c:20:9e:b7:8c:2d:56:e0:5f:
71:43:3d:2f:bb:34:39:45:10:e1:ee:bf:61:6d:88:
42:2f:e2:b3:7e:6f:12:1c:83:5b:49:64:a8:bb:52:
b5:37:1a:4a:59:32:43:a2:b7:39:c5:62:13:37:36:
37:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:CE:06:61:38:90:04:3B:3F:B4:2B:78:23:95:39:9D:7E:A0:37:F6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88e98e26-39c9-4a1c-82e8-cc63267ca942.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:8020::/46
Signature Algorithm: sha256WithRSAEncryption
1f:3e:4d:ca:6a:68:46:ac:05:c3:0d:8b:46:51:55:d4:f7:49:
30:85:bc:55:b5:ae:ce:a6:58:64:3d:d5:6b:3f:fa:b4:be:96:
47:22:5c:0b:7f:09:e6:6b:71:4c:90:7e:4e:37:6f:b3:90:a3:
f1:da:ac:12:0f:e7:7b:24:7e:c0:68:19:ed:f8:b5:23:bc:0a:
48:6e:0f:fb:b8:43:5e:18:9d:cb:72:cf:29:48:ab:71:b5:23:
1d:52:d0:f1:09:67:ed:8d:09:64:f1:63:5d:45:8a:ad:a3:35:
61:8c:3b:81:e3:f1:24:ea:ab:5d:44:d3:c6:32:fe:1e:df:fe:
dd:eb:2d:93:bc:14:0a:e1:b0:15:5b:cf:ce:98:50:99:01:a6:
8b:9a:78:21:20:60:07:31:d8:94:88:ae:9b:ec:fc:63:43:e7:
c8:47:3f:27:1b:cd:87:d3:4b:28:f0:73:cb:43:b5:fe:a4:5b:
a1:fb:9d:32:11:d8:dc:92:8c:d1:19:b0:98:48:ae:99:99:2e:
01:91:2f:a2:bb:83:ee:81:4e:0e:08:49:be:fc:49:b8:81:f6:
a1:51:ff:54:82:49:d9:76:c3:4e:5a:8c:d1:54:e2:77:fc:9e:
a6:0b:e3:29:6d:74:66:97:ee:54:fc:4c:6b:01:84:42:18:20:
f3:c4:83:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgITKQK02WZJD2dmBHAWfQBZ7lJu3DANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI2MDUwNDE1MjA1NVoXDTI2MDgwMjIzNTk1OVowejFJMEcGA1UE
BRNANDVjZmMwY2NjZTc2ZTcxMzYzZjdiY2Q2NjJmZmQ2ZWU0NjAyNjkzZjdjMjFm
ODQzNGRkZTVjYzNiMGY4YTFjMjEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvewF4h+yDRFkibrQRbHdvSLOhC2omGJsuyIoAtKrTao+jRC8McxPI/M1wJlB
fRJq2l2DZ8yeGwRjRxDJICHePfZAjC8SPqjgp41gz5YeGCTrWomVLFQeNeqd3hdK
iBBqc2+QSbsxks/mrXeuMlL6mKFOlTrfn5vf5ZLzga8ee+hDnh5CtcmyIrzsBmFC
7QqHa1qj7Eh+vlfGxnpjDy25DSW5XIWNqVzLYCgcsiW37gru9/UfGy5ECjKCQCqe
jPjQBf2/hZbnuOFMIJ63jC1W4F9xQz0vuzQ5RRDh7r9hbYhCL+Kzfm8SHINbSWSo
u1K1NxpKWTJDorc5xWITNzY3xQIDAQABo4ICJDCCAiAwHQYDVR0OBBYEFKLOBmE4
kAQ7P7QreCOVOZ1+oDf2MB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC84
OGU5OGUyNi0zOWM5LTRhMWMtODJlOC1jYzYzMjY3Y2E5NDIucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKgXQc4Ag
MA0GCSqGSIb3DQEBCwUAA4IBAQAfPk3KamhGrAXDDYtGUVXU90kwhbxVta7Oplhk
PdVrP/q0vpZHIlwLfwnma3FMkH5ON2+zkKPx2qwSD+d7JH7AaBnt+LUjvApIbg/7
uENeGJ3Lcs8pSKtxtSMdUtDxCWftjQlk8WNdRYqtozVhjDuB4/Ek6qtdRNPGMv4e
3/7d6y2TvBQK4bAVW8/OmFCZAaaLmnghIGAHMdiUiK6b7PxjQ+fIRz8nG82H00so
8HPLQ7X+pFuh+50yEdjckozRGbCYSK6ZmS4BkS+iu4PugU4OCEm+/Em4gfahUf9U
gknZdsNOWozRVOJ3/J6mC+MpbXRml+5U/ExrAYRCGCDzxIOe
-----END CERTIFICATE-----
Generated at Wed May 13 00:09:02 2026 by rpki-client