Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e3995b-4ceb-4baf-a74d-954e9f3c5d4a.roa
File: d2e3995b-4ceb-4baf-a74d-954e9f3c5d4a.roa (raw, json)
Hash identifier: 6YquW2Y/o4r5qbciWb8y7ieSUKGZFCVe/Uz89ycJZ0o=
Subject key identifier: B1:71:81:0E:78:56:AF:D2:DF:6C:01:E2:14:50:90:00:50:2C:1B:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1AB8CA33EAF27FF6BFCE270D46539197F02E54C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e3995b-4ceb-4baf-a74d-954e9f3c5d4a.roa
Signing time: Sat 02 May 2026 01:30:42 +0000
ROA not before: Sat 02 May 2026 01:30:42 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:b8:ca:33:ea:f2:7f:f6:bf:ce:27:0d:46:53:91:97:f0:2e:54:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:30:42 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=53a0685c1a75b30eaf80e7029a4626754c0fcd25d7dc0b2d82f4d84aecd2e2b1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2a:bb:a6:a5:e0:14:d2:83:51:ec:9d:34:5a:
f4:58:a5:df:40:ed:8a:45:72:cb:a9:4f:cd:53:0f:
b7:2e:d4:0b:d9:a8:43:b7:72:c1:e0:db:73:0e:62:
6c:23:9a:a7:13:c1:d3:df:81:c7:6c:08:6f:95:70:
9d:41:42:7d:9f:0a:14:e2:81:0a:6d:f9:ad:05:41:
88:96:1f:d6:3b:4b:c4:16:a3:2c:0d:8b:88:e3:c9:
15:4c:41:1b:ed:ab:ce:54:5c:2e:35:89:60:54:9c:
07:f2:41:b4:2b:ca:7d:c0:17:28:63:f0:43:a4:27:
17:4a:b9:62:3f:45:0a:9b:e7:b2:0a:16:30:95:bb:
d1:fc:07:5b:5f:cd:f7:af:c4:01:4a:10:e1:1e:c1:
f6:e4:6a:43:09:cf:21:06:0b:7a:40:2b:5b:ac:6c:
57:6b:65:d0:49:eb:a2:59:04:c4:4f:47:28:4a:a8:
f5:ee:a3:4c:6f:fc:fb:cf:cd:76:1f:2e:24:08:fa:
a7:81:2c:1d:47:5f:b4:da:24:c4:34:62:56:59:fd:
1b:23:0f:86:90:8f:d9:2e:e4:b5:68:50:94:2f:87:
88:24:13:41:07:ee:2e:d2:99:fe:7f:d8:f4:63:4c:
ac:64:36:50:f9:3f:4e:4e:f3:1e:0d:a3:fb:bb:44:
e0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:71:81:0E:78:56:AF:D2:DF:6C:01:E2:14:50:90:00:50:2C:1B:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e3995b-4ceb-4baf-a74d-954e9f3c5d4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:2040::/48
Signature Algorithm: sha256WithRSAEncryption
2f:d9:86:e4:c5:90:14:65:81:43:b5:d7:b5:a0:f3:34:67:9d:
ec:b2:46:2a:1b:a8:8a:2f:3c:93:a0:c8:63:97:26:e0:49:6c:
94:60:e4:df:ba:96:12:2f:b4:77:e9:af:ba:02:fd:d1:a1:4b:
8b:ec:da:dc:98:4e:a4:1c:e9:ba:e9:a0:35:1b:44:72:75:ea:
af:0b:83:68:98:d1:2b:9f:8a:4d:d1:04:90:59:c3:4a:79:4d:
61:2f:aa:ce:9a:1b:84:50:fe:19:d0:18:b8:c3:50:6e:d7:b6:
30:6d:c9:71:91:53:ca:91:6f:c7:a4:bd:e5:f5:2c:f2:39:1c:
21:94:8f:26:28:4a:90:80:db:5b:be:02:db:4d:52:9e:d9:93:
7e:72:3c:52:8d:6f:29:37:a7:9a:24:be:82:78:1d:90:9e:66:
0a:6c:12:89:2a:d3:5c:a1:02:73:95:63:0f:3e:38:39:1e:3b:
39:98:d5:1d:c1:69:a2:30:d2:f6:78:a9:17:3c:49:c6:a5:33:
c0:1b:03:08:34:8d:f3:c7:f6:7e:fe:83:68:bf:b4:60:36:f9:
86:75:36:c1:4e:84:dd:05:47:5d:52:00:ee:e9:d5:1a:7c:0a:
5e:eb:2b:79:48:5e:2e:94:ed:1c:43:47:e5:15:43:99:07:33:
f5:bf:9f:27
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGrjKM+ryf/a/zicNRlORl/AuVMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTMwNDJaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzYTA2ODVjMWE3NWIzMGVhZjgwZTcwMjlhNDYyNjc1NGMwZmNkMjVkN2Rj
MGIyZDgyZjRkODRhZWNkMmUyYjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4qu6al4BTSg1HsnTRa9Fil30DtikVyy6lPzVMPty7UC9moQ7dyweDbcw5i
bCOapxPB09+Bx2wIb5VwnUFCfZ8KFOKBCm35rQVBiJYf1jtLxBajLA2LiOPJFUxB
G+2rzlRcLjWJYFScB/JBtCvKfcAXKGPwQ6QnF0q5Yj9FCpvnsgoWMJW70fwHW1/N
96/EAUoQ4R7B9uRqQwnPIQYLekArW6xsV2tl0EnrolkExE9HKEqo9e6jTG/8+8/N
dh8uJAj6p4EsHUdftNokxDRiVln9GyMPhpCP2S7ktWhQlC+HiCQTQQfuLtKZ/n/Y
9GNMrGQ2UPk/Tk7zHg2j+7tE4AECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSxcYEO
eFav0t9sAeIUUJAAUCwbVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDJlMzk5NWItNGNlYi00YmFmLWE3NGQtOTU0ZTlmM2M1ZDRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gog
QDANBgkqhkiG9w0BAQsFAAOCAQEAL9mG5MWQFGWBQ7XXtaDzNGed7LJGKhuoii88
k6DIY5cm4ElslGDk37qWEi+0d+mvugL90aFLi+za3JhOpBzpuumgNRtEcnXqrwuD
aJjRK5+KTdEEkFnDSnlNYS+qzpobhFD+GdAYuMNQbte2MG3JcZFTypFvx6S95fUs
8jkcIZSPJihKkIDbW74C201SntmTfnI8Uo1vKTenmiS+gngdkJ5mCmwSiSrTXKEC
c5VjDz44OR47OZjVHcFpojDS9nipFzxJxqUzwBsDCDSN88f2fv6DaL+0YDb5hnU2
wU6E3QVHXVIA7unVGnwKXusreUheLpTtHENH5RVDmQcz9b+fJw==
-----END CERTIFICATE-----
Generated at Tue May 12 23:12:19 2026 by rpki-client