Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa
File: a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa (raw, json)
Hash identifier: 0GMTgpDTuXzbs41UVTIMBQs7pC1Wh3VY+VJ977y0Ulk=
Subject key identifier: CA:CB:B3:C4:B4:03:0A:F9:9E:1E:CE:A9:2F:4E:87:8B:D1:69:94:45
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1691CE363AAD4AB98091A54DD8BE25BD0D8DB862
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa
Signing time: Fri 08 May 2026 03:21:17 +0000
ROA not before: Fri 08 May 2026 03:21:17 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:91:ce:36:3a:ad:4a:b9:80:91:a5:4d:d8:be:25:bd:0d:8d:b8:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:21:17 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=8a553bdb137f86762d489d65fbc2bfa69248dbf02a31bddfcc7e35514d9cd297, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a7:77:39:61:b8:7a:3c:18:62:6f:7e:95:2e:
58:80:a3:c3:7b:b4:49:14:a1:28:f0:9e:36:fe:c8:
13:fc:7e:db:e9:3f:23:99:7c:58:c6:82:9a:df:f5:
a6:b1:87:b4:5d:5d:fa:25:5c:33:b8:89:12:ae:0f:
81:de:03:ae:d3:93:6d:4d:35:ce:9a:d3:70:be:1d:
b0:21:1f:fe:8e:62:68:21:ce:60:77:8d:d9:60:9d:
3c:4c:47:a7:4d:7c:2b:7e:65:65:3e:11:1c:02:08:
8a:51:65:f6:3a:9a:2e:7c:44:5d:10:9c:bb:22:54:
d9:0d:04:81:f8:98:8b:fe:53:4f:13:25:a7:05:85:
86:c5:a5:ed:a4:dc:c2:b1:bd:39:05:6c:2b:fa:0e:
b1:e0:1b:26:cb:f8:63:4e:28:9f:b9:bb:2e:aa:1c:
6a:00:95:e2:6e:10:e2:bb:17:9e:24:96:8e:20:e1:
45:9e:75:9c:d8:42:63:be:45:05:6e:c8:35:91:cb:
d0:be:3a:05:6a:70:59:50:84:7d:6b:fd:5c:f8:a4:
fb:c5:03:b9:90:a6:58:b1:62:25:49:c6:21:6a:4e:
ce:4e:00:1f:b4:6d:01:7c:27:87:6f:00:ac:cd:d6:
41:f1:86:19:90:7a:fe:54:f0:a9:81:aa:fb:9c:2d:
5a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:CB:B3:C4:B4:03:0A:F9:9E:1E:CE:A9:2F:4E:87:8B:D1:69:94:45
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:800::/40
Signature Algorithm: sha256WithRSAEncryption
2d:b3:13:b2:35:63:0b:58:d6:7f:7f:76:b1:50:b3:ec:34:a9:
e0:54:9e:a7:41:dd:59:da:10:1a:ca:67:c3:69:e5:b5:bc:11:
1b:70:da:74:a1:74:03:b4:7a:cf:8a:83:e5:6c:df:9c:60:b8:
05:d9:90:f5:38:d9:24:3c:e1:b8:64:21:a3:f9:25:25:47:b2:
eb:6c:d6:a6:60:1d:5c:e8:e5:38:4b:66:8d:a4:4f:ec:c9:59:
dc:d9:86:1f:41:e9:73:9c:9b:f2:e3:fa:99:f3:27:3c:1c:78:
f0:a3:f6:13:2d:33:66:43:ac:25:b7:4b:15:e0:df:6f:a8:cf:
03:03:2e:36:30:54:22:04:0a:86:bc:6a:dc:4f:9c:5e:02:9a:
26:44:9f:b9:0a:c4:95:0a:67:27:d0:da:ad:5e:07:21:d8:fc:
5d:04:95:3d:b0:85:f4:df:9e:c1:12:b7:68:bb:75:e4:cb:99:
d4:fe:12:00:a0:56:b2:96:98:a2:fe:1e:c8:9e:36:4e:6c:f7:
d8:3c:2c:16:64:0f:3b:ca:b7:bf:4f:92:33:e6:31:48:87:d4:
09:ba:f3:be:24:fb:a7:e8:ac:7b:e3:2c:eb:4e:80:f2:3c:08:
23:d8:c6:ac:8c:81:5d:37:22:06:13:e4:40:d7:fb:66:7b:e5:
04:89:88:b8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFpHONjqtSrmAkaVN2L4lvQ2NuGIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIxMTdaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhNTUzYmRiMTM3Zjg2NzYyZDQ4OWQ2NWZiYzJiZmE2OTI0OGRiZjAyYTMx
YmRkZmNjN2UzNTUxNGQ5Y2QyOTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+ndzlhuHo8GGJvfpUuWICjw3u0SRShKPCeNv7IE/x+2+k/I5l8WMaCmt/1
prGHtF1d+iVcM7iJEq4Pgd4DrtOTbU01zprTcL4dsCEf/o5iaCHOYHeN2WCdPExH
p018K35lZT4RHAIIilFl9jqaLnxEXRCcuyJU2Q0EgfiYi/5TTxMlpwWFhsWl7aTc
wrG9OQVsK/oOseAbJsv4Y04on7m7LqocagCV4m4Q4rsXniSWjiDhRZ51nNhCY75F
BW7INZHL0L46BWpwWVCEfWv9XPik+8UDuZCmWLFiJUnGIWpOzk4AH7RtAXwnh28A
rM3WQfGGGZB6/lTwqYGq+5wtWkUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTKy7PE
tAMK+Z4ezqkvToeL0WmURTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQ5ZTIzZGUtNmZjOS00MTJiLTlkMjMtNGYwODMwZDlmYTdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQI
MA0GCSqGSIb3DQEBCwUAA4IBAQAtsxOyNWMLWNZ/f3axULPsNKngVJ6nQd1Z2hAa
ymfDaeW1vBEbcNp0oXQDtHrPioPlbN+cYLgF2ZD1ONkkPOG4ZCGj+SUlR7LrbNam
YB1c6OU4S2aNpE/syVnc2YYfQelznJvy4/qZ8yc8HHjwo/YTLTNmQ6wlt0sV4N9v
qM8DAy42MFQiBAqGvGrcT5xeApomRJ+5CsSVCmcn0NqtXgch2PxdBJU9sIX0357B
Erdou3Xky5nU/hIAoFaylpii/h7InjZObPfYPCwWZA87yre/T5Iz5jFIh9QJuvO+
JPun6Kx74yzrToDyPAgj2MasjIFdNyIGE+RA1/tme+UEiYi4
-----END CERTIFICATE-----
Generated at Tue May 12 22:36:37 2026 by rpki-client