Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea558c9c-d0cf-4cf0-99cc-884d490bd330.roa
File: ea558c9c-d0cf-4cf0-99cc-884d490bd330.roa (raw, json)
Hash identifier: HmP8AdyBo+t7GO/3jTmrXjFm3uWkUjhaj+kBFbyWfy8=
Subject key identifier: 7B:A0:D6:E4:2F:C3:DA:96:E5:7D:B9:0A:2F:C7:F0:EB:62:61:2B:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2E53DB1035ABB138F7C1FDB2493A7572D7119ABF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea558c9c-d0cf-4cf0-99cc-884d490bd330.roa
Signing time: Mon 04 May 2026 15:30:38 +0000
ROA not before: Mon 04 May 2026 15:30:38 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:1040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:53:db:10:35:ab:b1:38:f7:c1:fd:b2:49:3a:75:72:d7:11:9a:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:30:38 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=f3db920a279f164e957df1ab2a4d95b701add7af97ab18290cf88eae4e3fe3fc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:28:00:b0:09:19:89:a1:7d:09:fc:bf:c0:99:
c7:44:38:fd:11:84:54:a2:1e:b3:b1:af:1c:f2:08:
9c:bd:6e:86:69:a4:d2:7c:22:4b:40:43:b1:8f:01:
02:6f:35:91:b7:12:c7:41:72:b3:4c:78:2c:10:9a:
38:92:f6:7a:ba:7b:09:d4:5b:24:ba:a1:d6:e8:08:
33:ee:5d:f4:f2:ef:6c:2b:99:2b:07:46:60:cb:f9:
58:4d:e3:bf:74:1f:22:28:00:b8:e0:d4:f7:ca:a4:
87:8a:5f:a0:49:d2:cd:3c:b8:db:a9:88:40:80:68:
60:84:6d:6d:d0:b6:0e:91:db:d9:42:a0:ed:d6:00:
b1:b7:a4:62:89:4c:35:bb:ae:cb:89:e9:57:84:3d:
f0:b7:70:d0:94:af:be:0e:26:ab:e0:66:14:81:cc:
56:02:7c:7b:e0:2c:0a:2b:75:df:6f:d3:d2:ca:5a:
e8:f2:2f:b1:79:8f:fa:64:7c:d7:9f:46:05:67:f1:
d5:df:b2:76:2a:a4:70:99:79:5a:ed:c9:22:bc:1b:
f0:93:30:b1:af:ed:91:17:1c:bc:40:33:02:eb:8b:
14:ae:b1:c6:d4:a9:f4:06:89:3d:dd:3f:d8:a5:e8:
d4:b7:bf:9c:5f:6d:72:e5:c2:0f:74:f7:49:ce:a2:
41:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A0:D6:E4:2F:C3:DA:96:E5:7D:B9:0A:2F:C7:F0:EB:62:61:2B:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea558c9c-d0cf-4cf0-99cc-884d490bd330.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:1040::/46
Signature Algorithm: sha256WithRSAEncryption
c6:6f:54:60:52:c3:56:26:1c:c7:e0:ed:35:34:11:56:80:d1:
6a:0c:d5:b5:52:ee:0d:1f:17:52:7b:97:6c:94:c6:9c:1c:da:
c5:5e:9c:08:0c:fd:e4:bb:71:c2:17:9f:6e:80:e7:f8:31:95:
a0:6b:ed:cd:d1:48:a3:e1:48:e0:71:4f:b1:d7:60:61:5e:7d:
1e:fd:6b:77:19:aa:86:e0:54:e1:31:bc:b3:8f:04:24:67:a7:
9c:41:6f:30:17:14:29:c7:f0:9f:f8:15:cb:14:1e:dd:8a:1e:
37:1d:e4:bc:94:20:7f:8d:b4:da:fc:19:3e:c5:97:bd:cb:39:
22:5c:b2:1e:f1:a8:63:83:bc:4a:bc:98:74:77:f8:db:1d:b5:
47:c7:53:6b:25:b3:2b:52:64:73:fe:a2:46:bc:23:03:4a:b3:
a1:fb:6f:d4:03:9d:75:3c:f1:c0:ec:ad:f8:55:f0:61:e7:31:
3e:d3:20:d1:a8:bc:0f:1a:09:c9:dc:70:fd:75:7a:66:c7:d5:
19:a5:26:f5:8e:be:8a:62:b9:cb:ff:9b:5c:3b:b4:40:d0:70:
8f:01:f9:fe:36:3d:7b:8d:ab:f5:36:86:2d:c4:e4:4b:63:52:
58:16:93:df:28:47:63:d9:f6:44:9f:9b:01:97:2a:9b:09:4e:
19:a8:db:f7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULlPbEDWrsTj3wf2ySTp1ctcRmr8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTMwMzhaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzZGI5MjBhMjc5ZjE2NGU5NTdkZjFhYjJhNGQ5NWI3MDFhZGQ3YWY5N2Fi
MTgyOTBjZjg4ZWFlNGUzZmUzZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcoALAJGYmhfQn8v8CZx0Q4/RGEVKIes7GvHPIInL1uhmmk0nwiS0BDsY8B
Am81kbcSx0Fys0x4LBCaOJL2erp7CdRbJLqh1ugIM+5d9PLvbCuZKwdGYMv5WE3j
v3QfIigAuODU98qkh4pfoEnSzTy426mIQIBoYIRtbdC2DpHb2UKg7dYAsbekYolM
Nbuuy4npV4Q98Ldw0JSvvg4mq+BmFIHMVgJ8e+AsCit132/T0spa6PIvsXmP+mR8
159GBWfx1d+ydiqkcJl5Wu3JIrwb8JMwsa/tkRccvEAzAuuLFK6xxtSp9AaJPd0/
2KXo1Le/nF9tcuXCD3T3Sc6iQZsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR7oNbk
L8PaluV9uQovx/DrYmErXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWE1NThjOWMtZDBjZi00Y2YwLTk5Y2MtODg0ZDQ5MGJkMzMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAxm9UYFLDViYcx+DtNTQRVoDRagzVtVLuDR8X
UnuXbJTGnBzaxV6cCAz95LtxwhefboDn+DGVoGvtzdFIo+FI4HFPsddgYV59Hv1r
dxmqhuBU4TG8s48EJGennEFvMBcUKcfwn/gVyxQe3YoeNx3kvJQgf4202vwZPsWX
vcs5IlyyHvGoY4O8SryYdHf42x21R8dTayWzK1Jkc/6iRrwjA0qzoftv1AOddTzx
wOyt+FXwYecxPtMg0ai8DxoJydxw/XV6ZsfVGaUm9Y6+imK5y/+bXDu0QNBwjwH5
/jY9e42r9TaGLcTkS2NSWBaT3yhHY9n2RJ+bAZcqmwlOGajb9w==
-----END CERTIFICATE-----
Generated at Tue May 12 23:14:42 2026 by rpki-client