Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
File: a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa (raw, json)
Hash identifier: 2NAw8BK/WCy+FW1yGPXcNwW5vneYf+Tku1h3P5krKR8=
Subject key identifier: 8B:40:DD:95:3C:D8:96:3A:A5:F3:93:0B:D6:ED:9C:7B:BC:39:24:EF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74FCE08CFAF94A4BE4BDE657B82C9794326229F1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
Signing time: Mon 11 May 2026 01:50:10 +0000
ROA not before: Mon 11 May 2026 01:50:10 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:fc:e0:8c:fa:f9:4a:4b:e4:bd:e6:57:b8:2c:97:94:32:62:29:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:10 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=835e2b554085742133575c30266870f46548a23f5b7430eb84ba8fd95692fd70, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:be:e4:5b:c4:df:50:2d:bd:35:cb:a5:84:19:
f4:0a:2f:aa:2d:7c:7c:6a:0f:d6:3e:0b:a8:b3:5f:
60:b9:af:5b:4d:f1:89:a7:73:1c:66:d5:12:cc:47:
44:ab:61:db:3f:e9:f7:c1:7e:97:99:8d:27:d5:ca:
8a:00:a3:cd:c7:39:e9:15:43:f4:b4:f9:2d:3a:c7:
c3:c4:dc:79:4b:0c:c9:c9:2a:1e:ec:03:be:bc:e0:
75:d5:62:03:1d:9e:ef:4e:a2:fc:aa:d7:65:56:7e:
09:70:67:6a:15:2f:63:0f:31:9f:7c:90:f1:5e:8f:
6f:cb:e2:51:c5:10:19:1d:bc:38:b4:2a:6d:13:ca:
c8:51:0b:ae:3f:a3:f5:c8:21:94:45:c3:65:74:d3:
32:fe:b2:f3:3d:3f:5f:8c:2e:5c:96:bf:9f:de:16:
c2:38:ec:81:2b:be:60:4a:2e:70:75:8c:58:7d:10:
bd:b7:c8:e5:76:31:98:54:d8:e4:06:9e:66:1a:b2:
fb:60:95:d5:65:26:88:01:c3:bb:e2:02:b0:d3:0d:
ae:46:07:f1:dd:27:a6:a3:03:45:7d:6a:79:8b:45:
5a:a8:84:dd:5f:5e:e4:9d:5f:44:23:6c:d9:3d:73:
54:47:3a:cd:37:c4:45:d0:86:c6:7d:9b:5b:c3:0b:
17:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:40:DD:95:3C:D8:96:3A:A5:F3:93:0B:D6:ED:9C:7B:BC:39:24:EF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:2000::/48
Signature Algorithm: sha256WithRSAEncryption
60:05:ae:9b:2a:0e:b2:a4:b8:5e:e4:91:67:42:88:64:a4:a2:
6d:00:5e:70:23:c0:17:5b:e8:bb:57:a1:a9:14:04:85:5d:c1:
26:8d:8f:7a:7f:0a:77:58:ba:61:ed:6f:87:ae:cb:ea:e5:01:
8d:97:d5:fa:c6:67:8a:06:2d:a4:57:65:96:73:35:c9:63:f4:
7e:b3:0b:3d:ea:f0:34:ed:c8:0b:95:f6:f5:01:1b:2c:71:9c:
3b:62:d9:a6:c2:33:52:26:5c:6b:c1:7e:0b:54:4a:5f:e3:e6:
85:c0:6d:fd:4f:41:fd:40:72:bd:97:68:3e:95:97:f7:9e:0f:
1d:3f:0b:cd:bc:e2:13:fa:bc:83:5d:8e:40:26:61:96:70:e6:
5a:1f:61:40:15:48:65:04:cb:86:5c:c2:ca:1d:1c:7c:7d:46:
24:2d:4c:6f:dd:92:a8:9c:79:cb:f2:b5:fe:22:ba:d2:9c:89:
24:83:eb:83:0f:fa:34:06:8f:a8:fa:57:60:6f:8b:00:85:52:
33:c1:40:3b:fe:e6:b0:cc:f4:fe:37:54:11:b3:bc:a7:3c:6d:
fc:46:22:85:65:92:ac:f9:23:26:d0:97:4c:f3:86:ac:9a:f7:
1d:68:fd:97:64:8a:55:47:e3:f5:b6:6a:98:5d:79:f4:31:fb:
72:77:18:74
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdPzgjPr5SkvkveZXuCyXlDJiKfEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwMTBaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzNWUyYjU1NDA4NTc0MjEzMzU3NWMzMDI2Njg3MGY0NjU0OGEyM2Y1Yjc0
MzBlYjg0YmE4ZmQ5NTY5MmZkNzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKq+5FvE31AtvTXLpYQZ9Aovqi18fGoP1j4LqLNfYLmvW03xiadzHGbVEsxH
RKth2z/p98F+l5mNJ9XKigCjzcc56RVD9LT5LTrHw8TceUsMyckqHuwDvrzgddVi
Ax2e706i/KrXZVZ+CXBnahUvYw8xn3yQ8V6Pb8viUcUQGR28OLQqbRPKyFELrj+j
9cghlEXDZXTTMv6y8z0/X4wuXJa/n94WwjjsgSu+YEoucHWMWH0QvbfI5XYxmFTY
5AaeZhqy+2CV1WUmiAHDu+ICsNMNrkYH8d0npqMDRX1qeYtFWqiE3V9e5J1fRCNs
2T1zVEc6zTfERdCGxn2bW8MLFwECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSLQN2V
PNiWOqXzkwvW7Zx7vDkk7zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc5NzVhYmUtMGNkOC00NTkwLWI1OGItNzAzZmE1ZjRiZGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HYg
ADANBgkqhkiG9w0BAQsFAAOCAQEAYAWumyoOsqS4XuSRZ0KIZKSibQBecCPAF1vo
u1ehqRQEhV3BJo2Pen8Kd1i6Ye1vh67L6uUBjZfV+sZnigYtpFdllnM1yWP0frML
PerwNO3IC5X29QEbLHGcO2LZpsIzUiZca8F+C1RKX+PmhcBt/U9B/UByvZdoPpWX
954PHT8LzbziE/q8g12OQCZhlnDmWh9hQBVIZQTLhlzCyh0cfH1GJC1Mb92SqJx5
y/K1/iK60pyJJIPrgw/6NAaPqPpXYG+LAIVSM8FAO/7msMz0/jdUEbO8pzxt/EYi
hWWSrPkjJtCXTPOGrJr3HWj9l2SKVUfj9bZqmF159DH7cncYdA==
-----END CERTIFICATE-----
Generated at Wed May 13 01:28:48 2026 by rpki-client