Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa
File: cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa (raw, json)
Hash identifier: x479QvT5euMtJRbpn1JFo52kTIR6G9ljHlZl1eCWsMw=
Subject key identifier: 9B:72:26:93:EE:DE:B3:C8:49:5D:6A:1D:61:B3:3F:81:2B:C1:C4:87
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71B763344C2728E08133BCF7811BE8675B6C808D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa
Signing time: Fri 08 May 2026 03:20:06 +0000
ROA not before: Fri 08 May 2026 03:20:06 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:b7:63:34:4c:27:28:e0:81:33:bc:f7:81:1b:e8:67:5b:6c:80:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:06 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=f0cedd9cd2197f7b2076980884f4d95730e57a5eb5d6b551ea976c18b06d641a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:74:fe:3c:81:49:3b:27:05:7f:b6:3a:5f:72:
47:6e:fc:c4:c7:60:7f:c1:25:6c:e3:39:1d:bd:b4:
d8:23:ad:df:34:3e:65:60:e2:00:86:6e:47:e8:12:
94:2c:15:82:fb:63:dc:57:83:eb:3a:df:90:cb:01:
ad:60:a0:0f:b0:4d:37:f8:6f:2a:0c:c8:31:4a:48:
95:24:5b:a2:aa:a7:b3:fe:32:81:39:d3:05:fb:59:
3f:18:b4:ad:6f:8f:16:26:17:b1:ea:f7:2e:f8:59:
c2:37:57:9b:be:53:95:f8:de:0b:43:56:1d:54:17:
b6:0a:41:68:d9:8a:cf:2f:8c:91:4d:0f:5c:e6:92:
2c:c4:fc:1a:bd:d1:30:11:37:5e:64:79:05:29:fd:
0e:4f:82:2e:de:25:23:8a:4e:8b:52:db:28:bb:91:
3c:25:38:4a:40:94:74:8f:8e:4c:1a:ec:34:12:09:
20:15:46:fe:95:51:87:0d:e9:fc:f9:36:82:13:96:
cc:32:ea:e1:3d:70:7e:d5:85:95:a6:70:f8:63:b1:
96:c0:18:27:b1:41:0e:e5:51:7e:45:c9:b2:44:ec:
e4:f7:3d:7a:03:20:35:04:76:cd:71:b8:5d:d1:34:
2a:87:d7:80:4a:8e:6d:5b:d0:20:85:9e:77:8c:d6:
8a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:72:26:93:EE:DE:B3:C8:49:5D:6A:1D:61:B3:3F:81:2B:C1:C4:87
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:800::/40
Signature Algorithm: sha256WithRSAEncryption
a3:c6:95:dc:c5:5a:f7:43:32:e6:a0:57:3b:40:f2:4f:00:32:
50:f4:8d:bd:18:b7:49:f7:f3:2f:b1:3a:19:62:bf:f2:82:10:
49:8b:0e:a1:d3:3e:72:f6:ae:6c:7a:cf:82:28:f7:a6:ca:b5:
04:15:ee:14:13:6d:3a:ab:4b:95:d0:ff:7c:f0:06:15:e7:67:
02:3f:61:35:78:09:b1:e2:e7:cb:d6:13:e0:82:d5:56:dc:36:
f7:80:e4:71:93:94:05:8b:9c:47:f9:44:1f:b9:e5:b1:76:ad:
d8:bf:03:75:6a:a0:5d:d1:87:63:d2:5a:a2:12:47:a8:07:0c:
41:ca:38:55:4d:71:ed:f4:06:5c:6c:a1:98:45:74:83:b4:67:
a6:83:ec:58:50:d8:45:5e:76:02:0a:4a:8f:b2:65:28:02:3f:
14:fb:be:bf:8f:7f:16:ee:ff:27:6f:c1:7c:5a:01:e3:c8:14:
7d:63:02:1c:fb:d6:35:c2:7d:3a:1d:14:6e:27:71:ab:41:66:
fb:93:62:91:0b:34:0f:64:c7:42:10:90:b9:d7:42:99:36:40:
58:f5:a8:b5:2f:7f:eb:51:d3:c9:f3:c8:0a:da:ac:bd:9d:a5:
84:fd:08:8d:3a:8c:14:2d:7c:c7:6d:c5:1f:9b:e8:3b:b1:20:
c5:1a:37:c3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcbdjNEwnKOCBM7z3gRvoZ1tsgI0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwMDZaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwY2VkZDljZDIxOTdmN2IyMDc2OTgwODg0ZjRkOTU3MzBlNTdhNWViNWQ2
YjU1MWVhOTc2YzE4YjA2ZDY0MWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMF0/jyBSTsnBX+2Ol9yR278xMdgf8ElbOM5Hb202COt3zQ+ZWDiAIZuR+gS
lCwVgvtj3FeD6zrfkMsBrWCgD7BNN/hvKgzIMUpIlSRboqqns/4ygTnTBftZPxi0
rW+PFiYXser3LvhZwjdXm75TlfjeC0NWHVQXtgpBaNmKzy+MkU0PXOaSLMT8Gr3R
MBE3XmR5BSn9Dk+CLt4lI4pOi1LbKLuRPCU4SkCUdI+OTBrsNBIJIBVG/pVRhw3p
/Pk2ghOWzDLq4T1wftWFlaZw+GOxlsAYJ7FBDuVRfkXJskTs5Pc9egMgNQR2zXG4
XdE0KofXgEqObVvQIIWed4zWiu8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSbciaT
7t6zyEldah1hsz+BK8HEhzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2JkMjFiOWUtNzYyNy00ZWJjLWExZjgtNjM4OTBiNWQ0MTQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkI
MA0GCSqGSIb3DQEBCwUAA4IBAQCjxpXcxVr3QzLmoFc7QPJPADJQ9I29GLdJ9/Mv
sToZYr/yghBJiw6h0z5y9q5ses+CKPemyrUEFe4UE206q0uV0P988AYV52cCP2E1
eAmx4ufL1hPggtVW3Db3gORxk5QFi5xH+UQfueWxdq3YvwN1aqBd0Ydj0lqiEkeo
BwxByjhVTXHt9AZcbKGYRXSDtGemg+xYUNhFXnYCCkqPsmUoAj8U+76/j38W7v8n
b8F8WgHjyBR9YwIc+9Y1wn06HRRuJ3GrQWb7k2KRCzQPZMdCEJC510KZNkBY9ai1
L3/rUdPJ88gK2qy9naWE/QiNOowULXzHbcUfm+g7sSDFGjfD
-----END CERTIFICATE-----
Generated at Tue May 12 23:39:31 2026 by rpki-client