Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6d93bd5-1d52-4263-8712-a4d5b929470f.roa
File: d6d93bd5-1d52-4263-8712-a4d5b929470f.roa (raw, json)
Hash identifier: RGEIzxgIy48BIJOu8m1N4WxgBzrNgGQw2bQj4fMXLyI=
Subject key identifier: E4:D7:57:9F:EE:70:80:C5:0B:5F:22:75:BB:92:BC:37:E0:2C:91:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5DC3BE55113C22FB24AB88C3879266BB41FE6D62
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6d93bd5-1d52-4263-8712-a4d5b929470f.roa
Signing time: Mon 11 May 2026 01:40:09 +0000
ROA not before: Mon 11 May 2026 01:40:09 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:c3:be:55:11:3c:22:fb:24:ab:88:c3:87:92:66:bb:41:fe:6d:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:40:09 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=784e969659d387247d200471a9878d204ccc8d8143da747aedba7949f7b57485, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:90:13:8a:ba:80:f3:c9:68:ac:31:81:e3:2b:
7a:e5:ac:10:af:d2:2d:ed:01:cc:b3:64:7d:10:c2:
aa:d8:f8:46:97:d8:94:a1:20:52:91:f2:17:b1:5a:
69:e5:03:7d:01:b1:a5:ea:5d:eb:03:bb:24:9f:78:
a3:56:f7:a0:3c:27:65:3d:95:81:43:5f:4f:c9:53:
35:1d:dd:7d:65:68:6f:49:3b:ed:04:26:cf:3a:08:
bd:8a:94:c1:a5:e5:00:94:20:00:44:93:31:72:6e:
0f:72:30:bb:67:f1:ea:45:a3:47:47:71:3e:b9:c0:
a7:a1:50:28:92:6b:ed:24:82:97:7f:d9:6b:c9:57:
52:43:17:8b:57:2a:64:75:88:3a:78:62:14:a3:35:
bd:1e:8f:bb:66:06:d7:0c:3d:ed:0e:9c:59:ad:ff:
18:bc:60:ff:3b:f8:03:1b:92:f2:b9:86:d9:93:fe:
17:14:b7:ec:ba:61:b4:3b:01:03:2d:ad:86:4f:b8:
af:58:7b:16:2a:26:3c:0d:8f:ab:a0:b2:39:7c:e2:
67:ff:d6:72:37:34:86:4b:a8:aa:ed:41:0d:73:bf:
22:a5:16:d9:50:49:64:5b:5d:01:e4:40:cc:b6:3f:
fe:fa:bb:b9:fe:d1:cb:ec:9e:1b:85:12:af:b2:e9:
14:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:D7:57:9F:EE:70:80:C5:0B:5F:22:75:BB:92:BC:37:E0:2C:91:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6d93bd5-1d52-4263-8712-a4d5b929470f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:4000::/40
Signature Algorithm: sha256WithRSAEncryption
b0:07:80:41:70:f0:de:65:53:59:89:a7:9a:a3:96:ac:7e:15:
a1:ae:b6:c4:82:b8:98:79:16:45:f2:fc:32:11:3d:e6:31:3b:
ac:71:d7:52:66:19:00:08:f5:be:6d:71:5c:f6:c6:b1:00:f2:
75:fa:fd:e3:ec:24:87:43:48:72:c6:be:30:7a:74:f7:e6:b9:
84:6d:30:f8:60:d6:81:38:db:21:a4:61:fc:bb:4b:f0:a2:ac:
c8:4e:ca:59:cb:ea:d1:7d:47:ef:bf:9f:03:7e:7c:01:0a:c3:
d9:37:a0:16:71:8a:c3:dc:11:0d:61:48:08:0f:b7:53:3f:3e:
a9:07:bd:d3:f7:cb:50:51:98:6c:ad:45:fb:90:49:8d:05:15:
d8:0c:6c:e0:9f:09:e7:6a:7d:89:f5:e5:1f:be:42:de:e1:92:
f3:fe:ea:b0:e8:8a:b4:a7:94:1c:a7:fd:f9:33:5e:45:3c:b8:
ad:33:df:d4:a0:42:8e:e4:e7:13:a2:31:98:22:df:9d:12:5c:
b4:03:1d:be:18:aa:e3:12:1c:7c:20:4b:ee:58:e0:1b:ea:72:
1e:6a:21:e4:d2:56:c0:e0:34:f0:7a:d5:d4:bf:9f:30:b9:5f:
9b:61:86:7b:11:3d:84:86:c7:97:d8:bd:65:e4:7a:84:f3:07:
7f:25:28:6c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXcO+VRE8Ivskq4jDh5Jmu0H+bWIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTQwMDlaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4NGU5Njk2NTlkMzg3MjQ3ZDIwMDQ3MWE5ODc4ZDIwNGNjYzhkODE0M2Rh
NzQ3YWVkYmE3OTQ5ZjdiNTc0ODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmQE4q6gPPJaKwxgeMreuWsEK/SLe0BzLNkfRDCqtj4RpfYlKEgUpHyF7Fa
aeUDfQGxpepd6wO7JJ94o1b3oDwnZT2VgUNfT8lTNR3dfWVob0k77QQmzzoIvYqU
waXlAJQgAESTMXJuD3Iwu2fx6kWjR0dxPrnAp6FQKJJr7SSCl3/Za8lXUkMXi1cq
ZHWIOnhiFKM1vR6Pu2YG1ww97Q6cWa3/GLxg/zv4AxuS8rmG2ZP+FxS37LphtDsB
Ay2thk+4r1h7FiomPA2Pq6CyOXziZ//Wcjc0hkuoqu1BDXO/IqUW2VBJZFtdAeRA
zLY//vq7uf7Ry+yeG4USr7LpFA0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTk11ef
7nCAxQtfInW7krw34CyReDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDZkOTNiZDUtMWQ1Mi00MjYzLTg3MTItYTRkNWI5Mjk0NzBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRA
MA0GCSqGSIb3DQEBCwUAA4IBAQCwB4BBcPDeZVNZiaeao5asfhWhrrbEgriYeRZF
8vwyET3mMTuscddSZhkACPW+bXFc9saxAPJ1+v3j7CSHQ0hyxr4wenT35rmEbTD4
YNaBONshpGH8u0vwoqzITspZy+rRfUfvv58DfnwBCsPZN6AWcYrD3BENYUgID7dT
Pz6pB73T98tQUZhsrUX7kEmNBRXYDGzgnwnnan2J9eUfvkLe4ZLz/uqw6Iq0p5Qc
p/35M15FPLitM9/UoEKO5OcTojGYIt+dEly0Ax2+GKrjEhx8IEvuWOAb6nIeaiHk
0lbA4DTwetXUv58wuV+bYYZ7ET2EhseX2L1l5HqE8wd/JShs
-----END CERTIFICATE-----
Generated at Wed May 13 01:05:42 2026 by rpki-client