Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/950e9d37-a9b5-4c78-b65e-c7b45ca851c6.roa
File: 950e9d37-a9b5-4c78-b65e-c7b45ca851c6.roa (raw, json)
Hash identifier: wjagw4JhRU8E++Z8KrhaSIroO/OBHNCM4pIjKP1GrxQ=
Subject key identifier: B4:A7:A4:BD:FF:3D:8A:5E:73:92:14:36:92:0E:35:98:94:A3:AD:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D653746471761136559BF15691B2788762172CA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/950e9d37-a9b5-4c78-b65e-c7b45ca851c6.roa
Signing time: Mon 04 May 2026 15:30:14 +0000
ROA not before: Mon 04 May 2026 15:30:14 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:a0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:65:37:46:47:17:61:13:65:59:bf:15:69:1b:27:88:76:21:72:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:30:14 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=5e5d56fe013983daf550705d0a47ff4f4c75f244ea2d54d6067fc73b2aff704e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:90:30:d4:24:5f:9b:74:8a:d9:79:d3:06:9e:
fe:ad:24:f1:c5:34:e0:ad:1f:a7:57:ec:77:10:98:
15:ed:b1:ca:d9:cf:b7:52:4d:e1:8b:a1:64:fb:7d:
14:c3:fb:ba:83:ed:00:fb:b9:9e:24:3f:af:ba:16:
28:ca:91:35:2e:a2:53:bf:01:88:43:0f:e9:06:50:
6d:f1:ba:6b:72:54:88:da:54:0d:00:90:ec:73:b0:
ed:a7:ae:e5:0b:0c:e6:c0:19:52:a6:ac:af:94:b4:
d4:bc:b0:04:9d:10:79:33:e3:e8:86:bd:11:63:b7:
5e:f7:7c:5b:c1:99:a6:d6:48:18:ac:a7:28:c0:8c:
11:25:1e:fd:dc:ab:e5:16:cd:4a:55:2b:ae:8f:1a:
a6:a1:11:48:c1:61:9f:9e:62:54:75:be:e1:0d:31:
04:3d:49:c3:fa:c7:25:da:b3:97:8d:30:9f:96:54:
ab:2c:d9:f1:97:8d:e9:9e:7e:4c:3e:ed:6a:9c:05:
da:7d:f0:48:e5:d8:90:80:ff:98:d2:53:ef:53:c3:
ca:05:25:0e:ff:ff:58:c8:41:f4:e5:1e:51:d8:86:
15:a8:79:8b:3c:8b:ef:31:c6:a8:db:3e:c1:e3:15:
12:d8:51:a6:d0:86:6a:96:35:68:b2:03:3b:f8:3e:
9d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A7:A4:BD:FF:3D:8A:5E:73:92:14:36:92:0E:35:98:94:A3:AD:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/950e9d37-a9b5-4c78-b65e-c7b45ca851c6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:a0c0::/46
Signature Algorithm: sha256WithRSAEncryption
4c:88:67:17:ed:05:c2:59:45:af:45:a6:7f:b4:27:66:b4:de:
58:13:2b:ef:23:55:0d:cf:0d:2b:1b:84:46:eb:8f:18:b6:e6:
9b:06:28:1e:41:96:89:b6:da:a8:2f:6a:26:f7:bd:33:5f:bc:
5d:60:ce:92:0e:37:7f:31:b8:33:1b:0b:18:9b:eb:e8:d3:ec:
cb:cd:46:f6:b2:00:94:e2:26:dc:28:ca:9b:4a:00:0e:0a:d5:
44:0a:c1:47:a6:a1:68:74:5f:d3:e1:8e:ab:b0:62:83:b3:69:
35:51:f3:30:4d:2d:20:7c:c4:9d:06:f6:dd:2d:76:a2:13:3d:
ca:2b:a3:f6:be:cb:a8:4c:e3:58:b3:69:8a:a8:04:35:c9:32:
48:ca:f2:ac:b7:05:69:81:95:70:a9:37:94:9c:ee:d9:02:3b:
7e:ac:e7:18:58:46:fa:9c:33:ba:92:f2:b0:b1:97:cf:03:35:
98:f8:60:42:05:f8:eb:91:f0:00:90:d7:78:75:0a:03:92:90:
4c:63:bb:96:b8:fc:49:d7:c8:91:03:ca:45:6e:9d:10:b8:d2:
e3:75:3e:3b:01:ee:dc:73:ff:78:b8:8f:9d:63:ac:d6:64:d6:
d8:81:70:be:49:67:cb:88:6e:16:e1:17:08:01:4e:c2:ee:c4:
dd:b0:a5:cd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDWU3RkcXYRNlWb8VaRsniHYhcsowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTMwMTRaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlNWQ1NmZlMDEzOTgzZGFmNTUwNzA1ZDBhNDdmZjRmNGM3NWYyNDRlYTJk
NTRkNjA2N2ZjNzNiMmFmZjcwNGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSQMNQkX5t0itl50wae/q0k8cU04K0fp1fsdxCYFe2xytnPt1JN4YuhZPt9
FMP7uoPtAPu5niQ/r7oWKMqRNS6iU78BiEMP6QZQbfG6a3JUiNpUDQCQ7HOw7aeu
5QsM5sAZUqasr5S01LywBJ0QeTPj6Ia9EWO3Xvd8W8GZptZIGKynKMCMESUe/dyr
5RbNSlUrro8apqERSMFhn55iVHW+4Q0xBD1Jw/rHJdqzl40wn5ZUqyzZ8ZeN6Z5+
TD7tapwF2n3wSOXYkID/mNJT71PDygUlDv//WMhB9OUeUdiGFah5izyL7zHGqNs+
weMVEthRptCGapY1aLIDO/g+nX8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS0p6S9
/z2KXnOSFDaSDjWYlKOtxDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTUwZTlkMzctYTliNS00Yzc4LWI2NWUtYzdiNDVjYTg1MWM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOg
wDANBgkqhkiG9w0BAQsFAAOCAQEATIhnF+0FwllFr0Wmf7QnZrTeWBMr7yNVDc8N
KxuERuuPGLbmmwYoHkGWibbaqC9qJve9M1+8XWDOkg43fzG4MxsLGJvr6NPsy81G
9rIAlOIm3CjKm0oADgrVRArBR6ahaHRf0+GOq7Big7NpNVHzME0tIHzEnQb23S12
ohM9yiuj9r7LqEzjWLNpiqgENckySMryrLcFaYGVcKk3lJzu2QI7fqznGFhG+pwz
upLysLGXzwM1mPhgQgX465HwAJDXeHUKA5KQTGO7lrj8SdfIkQPKRW6dELjS43U+
OwHu3HP/eLiPnWOs1mTW2IFwvklny4huFuEXCAFOwu7E3bClzQ==
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:12 2026 by rpki-client