Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4811639-eec3-4653-a07b-9777ebef5f33.roa
File: b4811639-eec3-4653-a07b-9777ebef5f33.roa (raw, json)
Hash identifier: b0Jg68DV40BYIqvSkYF9s+j7X513HX43KieTPh5+n74=
Subject key identifier: 9B:BD:92:88:7C:B6:74:DD:E6:1B:77:53:2F:13:05:C5:FD:D1:11:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C9C0D586E30DCAB0AB828C7B97CD18C75E7DC2B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4811639-eec3-4653-a07b-9777ebef5f33.roa
Signing time: Fri 08 May 2026 03:20:31 +0000
ROA not before: Fri 08 May 2026 03:20:31 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:9c:0d:58:6e:30:dc:ab:0a:b8:28:c7:b9:7c:d1:8c:75:e7:dc:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:31 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=496c0c9829260e46b8b06ad3b36919a52a14ed529196d6aaf21253d8619c070d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0d:bf:e9:35:70:57:06:b0:03:1b:51:30:c2:
59:4c:0a:43:8a:7e:73:5a:ab:47:02:a6:91:0e:d4:
14:9a:e2:e1:fd:ad:f7:b7:6c:ca:37:3a:8b:cc:88:
aa:f3:e5:be:35:fd:91:e0:0a:a7:90:bf:52:0d:79:
ed:39:44:14:8b:5c:17:c3:1c:d4:12:1c:57:2a:af:
aa:44:7f:6f:57:b4:ff:73:71:5a:51:b2:fa:dc:54:
f0:bd:80:b5:ed:8e:95:3d:ec:82:51:7b:cf:09:4c:
26:53:e0:d2:4e:8b:67:c4:be:44:e0:43:5c:fa:09:
de:10:e2:c7:22:ab:7c:45:81:56:30:1e:ed:95:34:
34:6c:ed:09:ba:fb:f2:76:93:0a:ac:21:71:58:3f:
91:ae:e5:94:77:1f:c7:52:e5:31:cf:1f:77:11:b9:
b5:bc:a6:12:83:58:f2:c8:38:8d:b9:37:9c:fd:d1:
2a:96:cd:a4:90:ad:d5:fc:72:19:6b:c5:d8:d9:ed:
83:83:b4:e5:91:5e:00:93:52:bc:d7:dd:8b:f7:61:
6e:0d:63:cb:a8:ac:7b:f4:e0:43:2b:a3:45:72:b9:
97:42:eb:da:3a:14:77:37:f7:be:41:86:30:af:19:
aa:88:80:93:55:ec:0f:6b:be:78:08:56:dd:42:bc:
30:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:BD:92:88:7C:B6:74:DD:E6:1B:77:53:2F:13:05:C5:FD:D1:11:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4811639-eec3-4653-a07b-9777ebef5f33.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:1000::/40
Signature Algorithm: sha256WithRSAEncryption
31:a3:94:e3:d6:7d:c2:82:32:de:c0:5e:94:5d:df:99:cd:ad:
5d:ae:1c:ac:2c:3a:de:5e:86:47:7b:52:a5:89:4c:47:00:90:
7d:e7:fa:72:76:f7:01:5d:5d:65:6b:80:61:30:f4:6b:33:3b:
47:fc:ca:7b:be:67:c6:c3:9d:e4:ac:d4:51:87:6b:d0:9a:30:
03:0d:b0:d2:0a:6e:8c:18:e8:c8:47:d4:54:79:66:0e:1e:9c:
e3:9e:64:ec:fc:09:fb:52:b6:a4:a9:47:ee:8f:da:fb:76:57:
22:db:fd:fa:ec:7f:5f:67:ee:4e:3e:33:4b:b3:b9:77:6a:cd:
38:4b:36:91:bc:45:89:d4:94:9a:b2:b8:97:60:bd:2b:48:ff:
4d:10:38:15:76:c4:e2:72:65:54:89:a1:7d:0a:fc:fa:c1:c1:
86:e7:5e:8c:c7:fb:c4:e4:22:0c:99:58:b7:7f:ba:fe:7a:fb:
0f:e9:3d:67:6b:43:ae:e3:3f:e7:b6:66:31:ec:ac:12:d8:91:
e7:86:a0:bf:60:1d:1c:af:64:ab:16:56:50:e3:2d:94:a2:95:
72:b0:9e:7b:e7:25:db:cc:6b:31:1f:05:48:09:40:22:43:27:
f0:b4:62:dc:7d:10:92:a0:0a:0f:bf:0c:0b:db:23:bc:18:08:
6e:a7:96:92
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfJwNWG4w3KsKuCjHuXzRjHXn3CswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwMzFaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5NmMwYzk4MjkyNjBlNDZiOGIwNmFkM2IzNjkxOWE1MmExNGVkNTI5MTk2
ZDZhYWYyMTI1M2Q4NjE5YzA3MGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUNv+k1cFcGsAMbUTDCWUwKQ4p+c1qrRwKmkQ7UFJri4f2t97dsyjc6i8yI
qvPlvjX9keAKp5C/Ug157TlEFItcF8Mc1BIcVyqvqkR/b1e0/3NxWlGy+txU8L2A
te2OlT3sglF7zwlMJlPg0k6LZ8S+ROBDXPoJ3hDixyKrfEWBVjAe7ZU0NGztCbr7
8naTCqwhcVg/ka7llHcfx1LlMc8fdxG5tbymEoNY8sg4jbk3nP3RKpbNpJCt1fxy
GWvF2Nntg4O05ZFeAJNSvNfdi/dhbg1jy6ise/TgQyujRXK5l0Lr2joUdzf3vkGG
MK8ZqoiAk1XsD2u+eAhW3UK8MHsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSbvZKI
fLZ03eYbd1MvEwXF/dERhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjQ4MTE2MzktZWVjMy00NjUzLWEwN2ItOTc3N2ViZWY1ZjMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAxo5Tj1n3CgjLewF6UXd+Zza1drhysLDreXoZH
e1KliUxHAJB95/pydvcBXV1la4BhMPRrMztH/Mp7vmfGw53krNRRh2vQmjADDbDS
Cm6MGOjIR9RUeWYOHpzjnmTs/An7UrakqUfuj9r7dlci2/367H9fZ+5OPjNLs7l3
as04SzaRvEWJ1JSasriXYL0rSP9NEDgVdsTicmVUiaF9Cvz6wcGG516Mx/vE5CIM
mVi3f7r+evsP6T1na0Ou4z/ntmYx7KwS2JHnhqC/YB0cr2SrFlZQ4y2UopVysJ57
5yXbzGsxHwVICUAiQyfwtGLcfRCSoAoPvwwL2yO8GAhup5aS
-----END CERTIFICATE-----
Generated at Tue May 12 22:50:12 2026 by rpki-client