Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa
File: 97700b94-3ec6-472c-97f5-b54fb1f56f76.roa (raw, json)
Hash identifier: 4nbdexvNbUyubocw3ylLWrgcI2ucsNHQgIWfP7GXAhg=
Subject key identifier: 3D:3B:08:71:29:E5:42:8A:38:38:7F:8E:9B:3F:04:92:3E:A4:22:3B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A3D4552DC54249160D40BD93D33877411DD35A4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa
Signing time: Mon 04 May 2026 15:30:39 +0000
ROA not before: Mon 04 May 2026 15:30:39 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:2040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:3d:45:52:dc:54:24:91:60:d4:0b:d9:3d:33:87:74:11:dd:35:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:30:39 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=e0c22ac17db5ee40fb800f605e5a0270922e876c2fe27bc8438c0437ba7fd125, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:29:1d:ae:c4:ee:d1:b7:5c:cd:83:b8:27:c4:
ae:ed:c4:10:d1:02:ec:cd:1e:cf:f4:9e:8c:a5:24:
cf:63:a8:bb:8d:e2:42:89:49:95:fc:22:42:24:f3:
5a:8a:b4:0c:07:92:3d:ac:e2:8c:51:2d:e7:56:b7:
1d:5b:c9:e3:e0:f8:a7:d0:e6:2c:fb:5e:6b:97:66:
cb:3c:13:fe:bb:c9:97:d3:f3:d8:a0:0f:c9:74:f9:
55:ac:67:a0:e2:79:75:a0:26:6f:6d:d7:a0:11:ea:
46:39:49:b4:0c:2b:76:b1:82:63:44:8d:83:70:6c:
3e:1b:71:c0:f3:60:1c:f9:fa:fa:5f:b6:4d:09:e0:
79:c2:8b:a9:19:c6:20:7f:cd:3b:06:23:f0:82:1e:
1b:2f:2f:8f:a8:09:fc:04:3c:ae:cc:2d:d0:32:22:
f7:a3:d7:64:5c:04:03:4b:9f:26:0f:77:6b:04:3d:
3c:99:62:0f:e5:7d:72:ce:45:3b:c4:07:49:6f:4e:
8d:c4:d4:ac:5a:73:b8:4e:ca:23:5d:60:61:89:62:
e4:83:67:6e:d4:a8:be:ef:51:1d:fb:84:a6:47:c2:
a6:d7:2f:61:f1:45:98:b4:20:c4:ac:d3:7e:d7:b2:
aa:66:2f:41:14:39:f0:be:05:dd:6a:94:75:53:34:
20:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:3B:08:71:29:E5:42:8A:38:38:7F:8E:9B:3F:04:92:3E:A4:22:3B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:2040::/46
Signature Algorithm: sha256WithRSAEncryption
2a:fa:34:31:73:6b:75:70:c9:e1:07:91:07:a9:2e:ee:72:14:
32:63:fa:e3:1d:bc:8a:7e:c8:66:0b:df:ec:00:74:6c:61:57:
81:57:bf:6f:4c:21:4d:71:08:59:8b:b6:41:6c:2b:62:09:82:
fb:8f:b1:e3:9d:1a:58:f0:b4:40:28:95:5b:e6:aa:83:f2:c4:
e4:2a:da:ee:a1:56:ee:77:92:ba:e5:10:00:c1:37:b3:08:47:
92:03:26:a4:16:d7:42:4f:02:2d:81:8d:09:72:b7:d8:ad:3b:
bb:fb:75:17:0b:ca:71:ce:89:9e:f9:20:be:82:9b:ab:27:8e:
88:ce:7a:fc:1d:a6:58:a2:e5:95:97:71:33:ba:ac:50:ec:57:
19:1d:6b:78:e4:52:9f:d6:2b:2c:0a:96:48:43:e9:10:4e:41:
52:10:e1:03:6a:be:f7:e6:a9:35:fb:36:52:e6:6d:18:18:72:
a6:47:7c:75:3a:8a:77:76:ec:06:e0:6d:b1:e2:d5:f2:d0:f6:
0e:a7:65:be:3b:01:8a:95:40:f2:07:2d:2c:e5:61:83:93:94:
06:0e:4a:b7:7d:42:77:ae:d6:1d:2f:c3:0f:17:b9:6f:cb:fa:
55:4e:5e:e0:a0:01:82:f9:01:07:e2:79:7a:be:13:0c:99:ab:
ea:64:b2:a6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWj1FUtxUJJFg1AvZPTOHdBHdNaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTMwMzlaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwYzIyYWMxN2RiNWVlNDBmYjgwMGY2MDVlNWEwMjcwOTIyZTg3NmMyZmUy
N2JjODQzOGMwNDM3YmE3ZmQxMjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMspHa7E7tG3XM2DuCfEru3EENEC7M0ez/SejKUkz2Oou43iQolJlfwiQiTz
Woq0DAeSPazijFEt51a3HVvJ4+D4p9DmLPtea5dmyzwT/rvJl9Pz2KAPyXT5Vaxn
oOJ5daAmb23XoBHqRjlJtAwrdrGCY0SNg3BsPhtxwPNgHPn6+l+2TQngecKLqRnG
IH/NOwYj8IIeGy8vj6gJ/AQ8rswt0DIi96PXZFwEA0ufJg93awQ9PJliD+V9cs5F
O8QHSW9OjcTUrFpzuE7KI11gYYli5INnbtSovu9RHfuEpkfCptcvYfFFmLQgxKzT
fteyqmYvQRQ58L4F3WqUdVM0IOkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ9Owhx
KeVCijg4f46bPwSSPqQiOzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc3MDBiOTQtM2VjNi00NzJjLTk3ZjUtYjU0ZmIxZjU2Zjc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMg
QDANBgkqhkiG9w0BAQsFAAOCAQEAKvo0MXNrdXDJ4QeRB6ku7nIUMmP64x28in7I
Zgvf7AB0bGFXgVe/b0whTXEIWYu2QWwrYgmC+4+x450aWPC0QCiVW+aqg/LE5Cra
7qFW7neSuuUQAME3swhHkgMmpBbXQk8CLYGNCXK32K07u/t1FwvKcc6JnvkgvoKb
qyeOiM56/B2mWKLllZdxM7qsUOxXGR1reORSn9YrLAqWSEPpEE5BUhDhA2q+9+ap
Nfs2UuZtGBhypkd8dTqKd3bsBuBtseLV8tD2DqdlvjsBipVA8gctLOVhg5OUBg5K
t31Cd67WHS/DDxe5b8v6VU5e4KABgvkBB+J5er4TDJmr6mSypg==
-----END CERTIFICATE-----
Generated at Tue May 12 23:33:25 2026 by rpki-client