Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a74aaa95-252d-4e97-92fa-1c779bc72adc.roa
File: a74aaa95-252d-4e97-92fa-1c779bc72adc.roa (raw, json)
Hash identifier: jbExpLSAOuPiGAh++b4TvO3eMlhM9LvYyp3NQeDtos4=
Subject key identifier: CD:28:52:7D:AF:35:C7:8C:9B:96:47:7F:33:4D:E1:0E:53:BB:C8:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7EBE8151B5A85B4184AC845DA849CD50B6F838D8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a74aaa95-252d-4e97-92fa-1c779bc72adc.roa
Signing time: Mon 04 May 2026 15:21:02 +0000
ROA not before: Mon 04 May 2026 15:21:02 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:8080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:be:81:51:b5:a8:5b:41:84:ac:84:5d:a8:49:cd:50:b6:f8:38:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:21:02 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=cb159f7bb0d5964cea0e83ca77a630371f035e34208a9ce6d79a65ed700818e1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0f:10:65:b8:40:a0:9b:98:79:91:ce:92:a1:
d3:c9:fd:ca:23:fa:fd:38:33:3a:7b:db:2a:bd:3e:
73:35:84:c3:64:bb:d3:97:3f:19:93:8b:e3:90:ff:
fa:46:f3:ab:25:8a:03:14:ee:a9:45:a0:a0:1f:99:
96:48:f1:e1:e5:61:8b:bc:df:32:3d:11:70:0f:6a:
0b:3e:30:76:12:1b:ae:b2:f0:18:09:4a:ff:90:12:
7a:b1:69:ff:9f:2d:e1:c3:56:2f:f4:ec:04:ad:24:
5a:e6:56:08:09:f6:a3:20:27:6f:da:6c:e9:93:97:
98:b1:f1:36:38:38:f6:8e:e0:bd:15:fa:e5:5f:75:
b0:c3:2f:9f:7a:27:2e:27:22:dc:4e:49:88:ed:b8:
a5:25:3d:7e:78:9f:5e:ee:28:04:5a:b0:6d:67:b2:
46:f1:25:a0:1c:2b:b6:b4:16:1e:ba:a8:e9:5c:b9:
8e:16:82:8f:e0:55:aa:bc:28:9c:28:e4:f0:dc:d5:
6c:eb:1c:08:c6:2a:47:c9:12:b6:22:01:83:28:7e:
b9:c0:f8:bd:bc:f3:51:ff:76:d9:c4:c5:d6:a5:18:
bf:1a:38:4c:6e:47:65:65:c6:94:b2:d8:ed:ed:68:
f2:f5:25:48:2a:4f:9c:2a:38:6e:bb:23:4d:4e:46:
95:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:28:52:7D:AF:35:C7:8C:9B:96:47:7F:33:4D:E1:0E:53:BB:C8:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a74aaa95-252d-4e97-92fa-1c779bc72adc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:8080::/46
Signature Algorithm: sha256WithRSAEncryption
7e:3c:62:25:86:6b:3e:e3:7b:ec:48:8a:59:69:f3:16:09:75:
dd:71:b4:b0:6b:2d:81:85:e9:04:ee:2f:77:83:33:39:61:92:
e0:a0:1d:ab:8e:55:66:2e:bd:68:90:f8:28:58:85:94:72:45:
88:28:43:3c:4c:c7:00:e8:1f:75:ad:25:6a:25:c2:f6:71:12:
06:10:6e:a6:47:2d:46:30:c8:87:5f:2a:32:86:98:ed:1a:a8:
07:6f:17:30:ac:4e:90:6a:cf:60:90:aa:44:c7:3e:10:6b:96:
53:05:e4:58:21:0a:c4:bb:67:e4:e1:aa:32:d5:77:7a:ae:2c:
9b:a4:37:60:bf:ad:a2:71:c8:4e:84:ab:67:80:40:ac:53:50:
46:56:71:72:fc:3b:60:da:ff:24:9d:7c:cb:b6:0c:31:9e:d4:
0e:07:f5:47:20:32:33:13:42:33:68:d6:ee:10:7e:d3:20:98:
48:8c:69:26:9e:c6:09:2c:05:20:de:d2:71:43:db:7d:8c:02:
d3:e7:7c:b0:b4:2e:d1:e0:4a:e6:77:44:e6:3f:6f:70:05:1a:
56:1d:bf:11:12:64:22:08:54:cc:4f:2d:fa:95:aa:a0:b5:1b:
83:f3:d8:76:6b:da:df:79:d1:77:c6:4b:63:75:12:cb:c1:12:
14:10:d6:c1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfr6BUbWoW0GErIRdqEnNULb4ONgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIxMDJaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiMTU5ZjdiYjBkNTk2NGNlYTBlODNjYTc3YTYzMDM3MWYwMzVlMzQyMDhh
OWNlNmQ3OWE2NWVkNzAwODE4ZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYPEGW4QKCbmHmRzpKh08n9yiP6/TgzOnvbKr0+czWEw2S705c/GZOL45D/
+kbzqyWKAxTuqUWgoB+Zlkjx4eVhi7zfMj0RcA9qCz4wdhIbrrLwGAlK/5ASerFp
/58t4cNWL/TsBK0kWuZWCAn2oyAnb9ps6ZOXmLHxNjg49o7gvRX65V91sMMvn3on
Lici3E5JiO24pSU9fnifXu4oBFqwbWeyRvEloBwrtrQWHrqo6Vy5jhaCj+BVqrwo
nCjk8NzVbOscCMYqR8kStiIBgyh+ucD4vbzzUf922cTF1qUYvxo4TG5HZWXGlLLY
7e1o8vUlSCpPnCo4brsjTU5GlfsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTNKFJ9
rzXHjJuWR38zTeEOU7vIATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc0YWFhOTUtMjUyZC00ZTk3LTkyZmEtMWM3NzliYzcyYWRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOA
gDANBgkqhkiG9w0BAQsFAAOCAQEAfjxiJYZrPuN77EiKWWnzFgl13XG0sGstgYXp
BO4vd4MzOWGS4KAdq45VZi69aJD4KFiFlHJFiChDPEzHAOgfda0laiXC9nESBhBu
pkctRjDIh18qMoaY7RqoB28XMKxOkGrPYJCqRMc+EGuWUwXkWCEKxLtn5OGqMtV3
eq4sm6Q3YL+tonHIToSrZ4BArFNQRlZxcvw7YNr/JJ18y7YMMZ7UDgf1RyAyMxNC
M2jW7hB+0yCYSIxpJp7GCSwFIN7ScUPbfYwC0+d8sLQu0eBK5ndE5j9vcAUaVh2/
ERJkIghUzE8t+pWqoLUbg/PYdmva33nRd8ZLY3USy8ESFBDWwQ==
-----END CERTIFICATE-----
Generated at Wed May 13 00:11:46 2026 by rpki-client