Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa
File: a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa (raw, json)
Hash identifier: ziRD+9YnLA3LplUE5Lha8qzCuRfNEgJvSjrCqH72q4E=
Subject key identifier: EC:23:84:64:DC:17:3F:0A:03:6B:95:E5:CB:9E:30:88:34:21:45:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 758D7ACA958C8D7F8B323E083A744578E4AB6881
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa
Signing time: Fri 08 May 2026 03:30:14 +0000
ROA not before: Fri 08 May 2026 03:30:14 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:8d:7a:ca:95:8c:8d:7f:8b:32:3e:08:3a:74:45:78:e4:ab:68:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:30:14 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=e1c0d3cbea0edfc5a62b893c15de8debd6867e194a5d54bd8c6a54905ca0304e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:af:e7:a2:4d:71:43:f3:fb:df:40:11:27:e1:
34:8d:95:df:23:22:65:44:e3:ca:25:a0:82:e3:ee:
a1:16:11:b4:a7:27:fb:48:07:31:a5:73:a3:7c:76:
20:33:57:df:9b:cf:ff:38:08:7d:02:36:c0:9d:e8:
c6:3b:af:3b:ab:cc:9a:2b:8b:e1:3a:a8:07:33:4b:
7d:f2:a0:9d:6f:af:4c:b1:2a:b1:ba:da:8a:f2:ae:
d7:06:31:5c:37:92:f6:a2:1a:c6:d7:57:b1:ba:29:
bc:c4:b7:a3:37:52:38:bd:0b:35:91:7e:74:f2:f6:
2a:4d:c4:a3:11:28:64:ec:3f:34:29:c5:13:cd:a6:
09:9e:3b:ab:0d:b8:8c:b9:ea:8b:62:3e:da:65:a9:
a0:41:3f:6a:f5:93:3b:9d:38:8b:62:0e:f3:a2:82:
4f:81:d6:34:88:4d:a4:3f:0e:e1:3b:97:5e:fd:62:
16:8a:93:08:7b:9d:54:90:ed:58:15:a0:5a:0a:c1:
fa:10:58:3f:ee:47:09:66:24:10:d5:be:22:8a:7f:
0b:ae:8a:ae:34:35:9c:ce:b7:d7:dd:e6:69:f0:6e:
ef:f1:85:f1:f7:85:11:13:37:ed:e7:a4:35:5a:7b:
a1:d2:d5:05:2d:10:81:a9:04:31:a9:12:17:fd:ee:
a0:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:23:84:64:DC:17:3F:0A:03:6B:95:E5:CB:9E:30:88:34:21:45:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:b000::/40
Signature Algorithm: sha256WithRSAEncryption
05:6e:47:6e:ce:88:de:0c:68:3a:c7:fc:8e:9e:f0:8f:86:e6:
d6:71:2b:6a:ff:19:46:bc:1f:22:eb:e2:ce:dd:b2:f8:1b:f2:
9f:10:29:98:57:bb:16:80:04:da:fb:48:35:e4:ca:5c:35:94:
84:be:be:d7:cc:51:5e:b4:f7:7f:8d:69:31:4d:1e:8f:a3:73:
15:ce:35:da:85:53:96:8a:0b:0a:0c:f9:8f:a1:e9:34:7b:cd:
56:8f:9b:b8:36:c5:14:a5:e3:64:dc:b8:4d:5f:87:cd:83:fb:
4e:31:09:ef:54:b6:51:c2:da:45:58:04:7a:03:f8:3c:69:57:
79:a7:d9:1e:7f:c5:45:ca:3b:3b:9f:84:f0:ba:b9:3c:1c:9a:
c6:92:65:1a:11:b6:3c:86:cc:cf:e3:5e:e2:38:06:d9:ea:08:
1a:63:2c:91:ce:fd:bb:01:9f:8a:58:b5:58:fb:4e:46:4e:95:
dd:c8:48:19:d0:08:31:89:d8:ac:29:d0:55:56:41:3b:26:c7:
f4:c0:90:c8:4d:15:0f:63:3a:b3:27:7a:a2:74:ad:f3:03:c7:
c9:73:c6:c6:97:6d:b2:a5:f2:94:b5:25:a3:0b:81:a5:5a:47:
93:8e:e5:4f:77:75:d1:5f:34:8b:c1:65:bf:80:7d:03:b7:52:
fe:be:5f:ba
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdY16ypWMjX+LMj4IOnRFeOSraIEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzMwMTRaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxYzBkM2NiZWEwZWRmYzVhNjJiODkzYzE1ZGU4ZGViZDY4NjdlMTk0YTVk
NTRiZDhjNmE1NDkwNWNhMDMwNGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKOv56JNcUPz+99AESfhNI2V3yMiZUTjyiWgguPuoRYRtKcn+0gHMaVzo3x2
IDNX35vP/zgIfQI2wJ3oxjuvO6vMmiuL4TqoBzNLffKgnW+vTLEqsbraivKu1wYx
XDeS9qIaxtdXsbopvMS3ozdSOL0LNZF+dPL2Kk3EoxEoZOw/NCnFE82mCZ47qw24
jLnqi2I+2mWpoEE/avWTO504i2IO86KCT4HWNIhNpD8O4TuXXv1iFoqTCHudVJDt
WBWgWgrB+hBYP+5HCWYkENW+Iop/C66KrjQ1nM63193mafBu7/GF8feFERM37eek
NVp7odLVBS0QgakEMakSF/3uoM8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTsI4Rk
3Bc/CgNrleXLnjCINCFFrzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc4YWVmYjQtZDFlYi00YTExLTk4OTktYmY2NzI5ZTE4Y2NkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSw
MA0GCSqGSIb3DQEBCwUAA4IBAQAFbkduzojeDGg6x/yOnvCPhubWcStq/xlGvB8i
6+LO3bL4G/KfECmYV7sWgATa+0g15MpcNZSEvr7XzFFetPd/jWkxTR6Po3MVzjXa
hVOWigsKDPmPoek0e81Wj5u4NsUUpeNk3LhNX4fNg/tOMQnvVLZRwtpFWAR6A/g8
aVd5p9kef8VFyjs7n4Twurk8HJrGkmUaEbY8hszP417iOAbZ6ggaYyyRzv27AZ+K
WLVY+05GTpXdyEgZ0AgxidisKdBVVkE7Jsf0wJDITRUPYzqzJ3qidK3zA8fJc8bG
l22ypfKUtSWjC4GlWkeTjuVPd3XRXzSLwWW/gH0Dt1L+vl+6
-----END CERTIFICATE-----
Generated at Tue May 12 23:15:25 2026 by rpki-client