Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2d9776f-9750-4d76-93f4-210836f1105b.roa
File: e2d9776f-9750-4d76-93f4-210836f1105b.roa (raw, json)
Hash identifier: mTWCikxMi9MQCnf372nx8Hl59+fA/OYlDpGtpeLbwps=
Subject key identifier: 69:2D:A9:3F:84:E9:0F:3D:59:3A:3F:F0:C9:49:8F:0F:00:71:67:70
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B4A2A77FC75857640731CD370EAC555CBCB2029
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2d9776f-9750-4d76-93f4-210836f1105b.roa
Signing time: Mon 04 May 2026 15:20:40 +0000
ROA not before: Mon 04 May 2026 15:20:40 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:c020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:4a:2a:77:fc:75:85:76:40:73:1c:d3:70:ea:c5:55:cb:cb:20:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:20:40 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=57515159329a73c27383011a3fda20ce016515c213f18cc7191849f040e17065, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b8:5f:31:05:a7:b0:f5:fe:f4:cc:70:3e:04:
dc:5a:38:43:a0:4e:c1:67:f5:94:49:18:9c:5e:46:
64:9f:5d:6d:ee:5c:4e:ec:54:08:94:6e:42:73:77:
ac:c9:bd:38:35:78:27:fa:7e:d6:54:07:e3:20:ba:
32:2d:01:0e:44:c3:60:62:da:ca:78:25:ce:70:b2:
4d:99:7c:56:9e:59:e6:36:45:e0:80:a8:85:2a:e0:
62:9e:10:b2:27:aa:bf:05:3b:8e:4e:f4:16:ad:bf:
ce:41:21:d7:ef:69:b3:76:2d:37:bc:f0:ee:e3:d0:
4e:f3:7d:58:de:ac:23:e7:75:b7:65:fa:23:da:ac:
84:9c:b4:ad:7d:4a:2a:10:25:bc:e4:d3:a3:75:eb:
a4:d5:72:c0:7a:90:cc:56:40:f6:74:ae:83:20:4e:
d7:ce:c5:3c:15:c1:62:6a:2d:95:ec:e7:0e:e0:71:
10:81:06:ee:52:5b:fc:25:db:69:d8:f1:75:47:dd:
46:3c:68:e2:3e:d1:8d:3e:de:3d:63:51:7e:52:7e:
d5:0b:9f:62:11:50:4a:b5:aa:23:45:a6:3b:c3:60:
22:b3:49:8b:d1:28:6e:e0:5a:b5:5b:9c:18:fe:a2:
99:8e:0e:54:1d:02:4b:8e:53:ea:e5:9d:3e:52:0f:
7c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:2D:A9:3F:84:E9:0F:3D:59:3A:3F:F0:C9:49:8F:0F:00:71:67:70
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2d9776f-9750-4d76-93f4-210836f1105b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:c020::/46
Signature Algorithm: sha256WithRSAEncryption
a4:2b:62:76:e8:4a:70:8b:00:44:f6:39:ec:8d:0c:52:c6:ad:
6e:45:5f:d5:87:0f:83:77:70:bb:1a:a5:ed:3b:0c:85:70:f3:
9a:7f:4b:b5:70:4f:c7:5b:3b:b1:e1:a0:02:f3:c3:d7:a5:b5:
2d:1b:67:93:85:e9:10:ec:f4:30:9d:93:07:3d:f0:38:c7:7f:
d0:ab:52:e6:5c:cd:d8:02:d2:a5:63:39:ac:79:1e:50:6e:2f:
e6:f3:4e:a5:3a:05:46:9c:9c:03:58:9b:5a:6c:ee:1c:ce:89:
2f:42:ec:be:8b:e4:bd:6a:c7:81:36:95:4b:18:2c:17:70:bd:
84:2a:61:27:e7:2d:5f:37:06:bd:bb:30:bd:c0:82:31:4b:0f:
81:ef:6c:a4:bc:4f:8a:2d:9e:f5:2b:0d:93:fa:23:5f:35:7d:
61:db:96:21:2c:31:57:e1:60:9d:e5:c7:4f:84:4c:41:5c:94:
de:b0:b8:b3:af:69:9b:f1:98:5f:8d:bc:af:23:c8:3c:a9:4d:
20:62:a9:77:85:bc:9e:4f:bf:87:5d:ad:27:13:53:9f:f9:9d:
9b:f1:39:4f:4e:a1:b9:66:6c:2b:90:37:e9:86:69:bf:46:4c:
52:a6:f1:2e:52:49:ef:f7:f2:18:06:2f:fa:b8:51:be:75:1a:
d3:f0:03:a8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUW0oqd/x1hXZAcxzTcOrFVcvLICkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIwNDBaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3NTE1MTU5MzI5YTczYzI3MzgzMDExYTNmZGEyMGNlMDE2NTE1YzIxM2Yx
OGNjNzE5MTg0OWYwNDBlMTcwNjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+4XzEFp7D1/vTMcD4E3Fo4Q6BOwWf1lEkYnF5GZJ9dbe5cTuxUCJRuQnN3
rMm9ODV4J/p+1lQH4yC6Mi0BDkTDYGLaynglznCyTZl8Vp5Z5jZF4ICohSrgYp4Q
sieqvwU7jk70Fq2/zkEh1+9ps3YtN7zw7uPQTvN9WN6sI+d1t2X6I9qshJy0rX1K
KhAlvOTTo3XrpNVywHqQzFZA9nSugyBO187FPBXBYmotleznDuBxEIEG7lJb/CXb
adjxdUfdRjxo4j7RjT7ePWNRflJ+1QufYhFQSrWqI0WmO8NgIrNJi9EobuBatVuc
GP6imY4OVB0CS45T6uWdPlIPfOsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRpLak/
hOkPPVk6P/DJSY8PAHFncDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTJkOTc3NmYtOTc1MC00ZDc2LTkzZjQtMjEwODM2ZjExMDViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPA
IDANBgkqhkiG9w0BAQsFAAOCAQEApCtiduhKcIsARPY57I0MUsatbkVf1YcPg3dw
uxql7TsMhXDzmn9LtXBPx1s7seGgAvPD16W1LRtnk4XpEOz0MJ2TBz3wOMd/0KtS
5lzN2ALSpWM5rHkeUG4v5vNOpToFRpycA1ibWmzuHM6JL0LsvovkvWrHgTaVSxgs
F3C9hCphJ+ctXzcGvbswvcCCMUsPge9spLxPii2e9SsNk/ojXzV9YduWISwxV+Fg
neXHT4RMQVyU3rC4s69pm/GYX428ryPIPKlNIGKpd4W8nk+/h12tJxNTn/mdm/E5
T06huWZsK5A36YZpv0ZMUqbxLlJJ7/fyGAYv+rhRvnUa0/ADqA==
-----END CERTIFICATE-----
Generated at Wed May 13 00:37:48 2026 by rpki-client