Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a5bcb770-7e3d-4ccd-bf1c-4cc17ea01c1d.roa
File: a5bcb770-7e3d-4ccd-bf1c-4cc17ea01c1d.roa (raw, json)
Hash identifier: ixR0axCLq3aU/xPZmrbcgWJQ0vTSeAOc2TaX5SOrOq4=
Subject key identifier: B7:83:00:0E:DB:F5:F0:59:14:1A:6D:10:D6:33:B1:51:71:4E:BB:F2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 17FD07E372EB7BBA6F15F4905DD77EDD1CED1452
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a5bcb770-7e3d-4ccd-bf1c-4cc17ea01c1d.roa
Signing time: Fri 08 May 2026 03:20:10 +0000
ROA not before: Fri 08 May 2026 03:20:10 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:fd:07:e3:72:eb:7b:ba:6f:15:f4:90:5d:d7:7e:dd:1c:ed:14:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:10 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=dcc2bb5b2f4166377ea335bef42b72770c0002d48c0089c3caa28e66cd513efa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:11:c2:8a:f1:ad:ee:a3:0e:5c:63:44:af:23:
0f:20:b4:92:05:7d:b9:78:56:8a:1a:91:e5:c4:01:
fb:f3:7d:fe:d2:23:50:03:d1:01:15:a7:27:77:7d:
d8:ae:b4:8e:40:f6:0d:6c:0d:27:c0:79:c2:03:d1:
7b:13:74:da:32:8a:78:59:43:49:43:a5:bb:4e:72:
f1:bc:01:fd:76:f9:11:2e:06:59:4c:d8:04:79:32:
a9:a8:5c:db:0b:4a:bc:25:e2:31:58:b8:4e:8b:4d:
a1:7e:ff:9d:c0:13:dd:c0:64:45:b9:ad:1a:35:f0:
23:88:1e:35:10:22:b1:f0:56:99:1c:3c:fc:7f:d3:
27:78:34:c1:0a:f9:44:34:7d:1a:82:48:59:24:83:
11:98:20:31:c3:e7:41:12:03:67:c8:c9:db:e4:86:
45:68:bf:49:0b:4f:29:c6:ca:a2:75:1b:d8:66:17:
7d:25:4a:a3:06:26:75:95:31:dc:1c:57:d1:b6:f0:
25:27:77:3b:e3:93:ea:75:3c:e4:22:7c:2f:d0:73:
d5:13:a0:a8:40:43:a5:6c:bb:28:ff:5d:05:bb:c2:
ad:84:fd:b1:1b:f5:05:80:a4:0c:3e:dd:4f:2d:6d:
c2:91:d1:6a:b2:45:8d:0d:b6:53:d9:0f:74:fc:55:
53:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:83:00:0E:DB:F5:F0:59:14:1A:6D:10:D6:33:B1:51:71:4E:BB:F2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a5bcb770-7e3d-4ccd-bf1c-4cc17ea01c1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b::/32
Signature Algorithm: sha256WithRSAEncryption
5d:01:15:bb:a5:46:a2:d9:c3:f0:5f:a9:48:98:ed:10:0c:57:
bc:9b:53:7a:63:63:bb:15:0f:20:59:1a:44:41:dd:59:ce:6a:
e9:49:51:a2:f7:05:ee:05:a9:c7:8f:5a:39:d8:d9:fd:c9:e1:
46:bb:aa:f6:61:56:1f:6a:a2:68:d5:36:15:7c:da:78:57:38:
11:89:61:83:2c:b3:29:7f:3a:06:77:cd:42:37:00:27:85:eb:
3c:6a:ef:39:09:bc:e9:13:ba:56:d2:63:96:4c:d4:ae:7d:8f:
ab:3d:b3:52:e0:d3:61:4a:a4:d8:6b:5e:b6:d3:ed:15:db:cd:
0a:c6:f7:f9:f9:bb:a3:76:a3:a3:d6:7a:d0:2c:5b:46:b6:78:
4b:3c:03:a6:8d:a9:31:f1:07:01:c8:06:e8:d3:cf:91:f8:64:
11:55:1d:89:ca:11:d8:e3:b5:7c:76:75:4e:47:26:61:34:06:
0d:9e:10:05:6a:69:28:31:dc:17:f1:5f:63:09:31:30:41:19:
72:77:24:d3:57:61:14:54:ed:1a:7f:bd:51:98:c0:db:5a:58:
55:e2:bb:52:2b:8d:bb:3e:9c:2b:8a:2f:5f:c8:e3:a9:34:9a:
6a:06:c7:68:4b:60:08:bc:21:d3:4a:cf:27:a9:44:6b:1f:31:
7d:33:d6:67
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUF/0H43Lre7pvFfSQXdd+3RztFFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwMTBaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjYzJiYjViMmY0MTY2Mzc3ZWEzMzViZWY0MmI3Mjc3MGMwMDAyZDQ4YzAw
ODljM2NhYTI4ZTY2Y2Q1MTNlZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJQRworxre6jDlxjRK8jDyC0kgV9uXhWihqR5cQB+/N9/tIjUAPRARWnJ3d9
2K60jkD2DWwNJ8B5wgPRexN02jKKeFlDSUOlu05y8bwB/Xb5ES4GWUzYBHkyqahc
2wtKvCXiMVi4TotNoX7/ncAT3cBkRbmtGjXwI4geNRAisfBWmRw8/H/TJ3g0wQr5
RDR9GoJIWSSDEZggMcPnQRIDZ8jJ2+SGRWi/SQtPKcbKonUb2GYXfSVKowYmdZUx
3BxX0bbwJSd3O+OT6nU85CJ8L9Bz1ROgqEBDpWy7KP9dBbvCrYT9sRv1BYCkDD7d
Ty1twpHRarJFjQ22U9kPdPxVU2cCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBS3gwAO
2/XwWRQabRDWM7FRcU678jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTViY2I3NzAtN2UzZC00Y2NkLWJmMWMtNGNjMTdlYTAxYzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Fsw
DQYJKoZIhvcNAQELBQADggEBAF0BFbulRqLZw/BfqUiY7RAMV7ybU3pjY7sVDyBZ
GkRB3VnOaulJUaL3Be4FqcePWjnY2f3J4Ua7qvZhVh9qomjVNhV82nhXOBGJYYMs
syl/OgZ3zUI3ACeF6zxq7zkJvOkTulbSY5ZM1K59j6s9s1Lg02FKpNhrXrbT7RXb
zQrG9/n5u6N2o6PWetAsW0a2eEs8A6aNqTHxBwHIBujTz5H4ZBFVHYnKEdjjtXx2
dU5HJmE0Bg2eEAVqaSgx3BfxX2MJMTBBGXJ3JNNXYRRU7Rp/vVGYwNtaWFXiu1Ir
jbs+nCuKL1/I46k0mmoGx2hLYAi8IdNKzyepRGsfMX0z1mc=
-----END CERTIFICATE-----
Generated at Tue May 12 23:36:06 2026 by rpki-client