Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
File: ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa (raw, json)
Hash identifier: ED/nNOmPm2QulgFY9C7wZ6dzoYfCqjHWQaRL2/u5mhU=
Subject key identifier: F4:B3:7E:09:B1:CF:F1:80:1D:13:27:F7:CF:FB:B1:CE:85:B4:77:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 442DAA14A69D6577DAE3FE11C96182D8E9CC53B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
Signing time: Mon 04 May 2026 15:21:01 +0000
ROA not before: Mon 04 May 2026 15:21:01 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:2d:aa:14:a6:9d:65:77:da:e3:fe:11:c9:61:82:d8:e9:cc:53:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:21:01 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=0aad8383a0e8c693071081f02b3e3f952b16e78dafbf2e4ac373820aee828354, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1a:f9:a0:75:81:6e:b6:67:9b:d4:11:b5:a2:
3d:d8:88:9b:e7:e4:3e:22:97:b5:01:1c:28:4c:7b:
6c:1e:8f:4c:31:cc:6c:5a:fc:b2:4c:31:5e:76:76:
58:2e:08:ec:3f:89:5d:de:99:b8:a7:92:f2:c4:ed:
c2:1e:e5:34:be:18:35:b8:7d:6d:37:a3:e5:54:48:
c8:e1:1f:85:0a:34:9b:5b:e8:d7:32:1d:a0:95:a9:
5e:7d:ed:c5:83:2d:55:a1:8e:6a:3e:37:bd:57:91:
34:02:c5:c3:51:b8:1c:ef:64:bd:88:43:05:e6:37:
b5:cd:89:74:86:2d:82:2b:2c:e2:a6:6b:9a:a7:f1:
e1:3b:c4:70:5a:67:4d:c2:bb:e3:3d:76:5d:bc:55:
98:76:a3:ac:3b:72:50:66:6d:ad:bd:ee:3f:20:57:
fc:3b:5a:09:ef:9c:70:09:e2:ef:a8:b6:9c:41:2d:
75:9a:2d:5e:b4:fa:74:41:87:e2:55:7b:5a:cc:fc:
2a:80:d5:67:22:11:4a:ac:91:c5:8b:83:a5:ff:ed:
6b:f1:4c:01:2d:6a:a5:35:1a:c9:ec:4c:d1:66:7e:
84:5e:f8:6f:2f:f2:2f:8f:3d:e0:df:9c:44:ad:33:
6e:30:e2:9d:66:d6:7e:77:68:0b:75:a7:ce:2e:38:
54:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:B3:7E:09:B1:CF:F1:80:1D:13:27:F7:CF:FB:B1:CE:85:B4:77:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:4000::/40
Signature Algorithm: sha256WithRSAEncryption
47:09:ab:04:3a:24:25:c2:16:8d:42:fb:62:a4:63:9b:dc:76:
cd:34:02:28:8a:ff:76:71:9e:c3:c3:ec:a6:41:62:7a:79:1b:
55:26:e9:f4:72:b6:6e:9a:8a:99:98:f9:f9:df:b0:50:1a:4f:
68:a7:6a:9b:92:00:6f:75:6c:ee:54:52:6c:42:4b:30:fb:e1:
ea:06:b4:df:54:56:7f:30:98:64:27:4b:ce:28:83:71:14:60:
04:d4:5f:50:83:91:b9:f1:18:9f:f8:4e:b8:12:21:d5:7a:9a:
78:94:9c:56:2e:bc:96:ca:c5:63:33:22:46:52:8c:75:59:25:
b2:b9:fa:fa:e2:03:54:b9:24:ca:91:1e:64:96:e3:f4:8e:6f:
7b:93:bd:19:54:08:6d:25:20:31:6c:05:3e:3a:2b:86:35:e5:
e6:81:f6:96:05:a8:2e:d7:f3:44:a1:9a:48:e6:3a:0c:a5:7f:
10:d0:a2:4f:9f:57:2b:6c:50:cf:d0:9d:a2:a0:c1:0e:8c:c2:
6a:13:d8:5b:ee:9f:a1:5d:a2:c2:e6:06:0c:ea:36:9b:4b:6e:
94:47:7e:7b:25:90:15:18:bc:74:c5:24:02:d2:b8:97:91:9a:
d4:b4:24:32:a8:46:98:0e:c8:e7:d9:9e:76:b3:e8:ed:ad:de:
e2:db:2d:0c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURC2qFKadZXfa4/4RyWGC2OnMU7gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIxMDFaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhYWQ4MzgzYTBlOGM2OTMwNzEwODFmMDJiM2UzZjk1MmIxNmU3OGRhZmJm
MmU0YWMzNzM4MjBhZWU4MjgzNTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMga+aB1gW62Z5vUEbWiPdiIm+fkPiKXtQEcKEx7bB6PTDHMbFr8skwxXnZ2
WC4I7D+JXd6ZuKeS8sTtwh7lNL4YNbh9bTej5VRIyOEfhQo0m1vo1zIdoJWpXn3t
xYMtVaGOaj43vVeRNALFw1G4HO9kvYhDBeY3tc2JdIYtgiss4qZrmqfx4TvEcFpn
TcK74z12XbxVmHajrDtyUGZtrb3uPyBX/DtaCe+ccAni76i2nEEtdZotXrT6dEGH
4lV7Wsz8KoDVZyIRSqyRxYuDpf/ta/FMAS1qpTUayexM0WZ+hF74by/yL4894N+c
RK0zbjDinWbWfndoC3Wnzi44VEECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT0s34J
sc/xgB0TJ/fP+7HOhbR37DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWRlNTIwMGUtNTVjOC00YTg5LTljY2YtY2Y0NjVjNmRkYjUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJA
MA0GCSqGSIb3DQEBCwUAA4IBAQBHCasEOiQlwhaNQvtipGOb3HbNNAIoiv92cZ7D
w+ymQWJ6eRtVJun0crZumoqZmPn537BQGk9op2qbkgBvdWzuVFJsQksw++HqBrTf
VFZ/MJhkJ0vOKINxFGAE1F9Qg5G58Rif+E64EiHVepp4lJxWLryWysVjMyJGUox1
WSWyufr64gNUuSTKkR5kluP0jm97k70ZVAhtJSAxbAU+OiuGNeXmgfaWBagu1/NE
oZpI5joMpX8Q0KJPn1crbFDP0J2ioMEOjMJqE9hb7p+hXaLC5gYM6jabS26UR357
JZAVGLx0xSQC0riXkZrUtCQyqEaYDsjn2Z52s+jtrd7i2y0M
-----END CERTIFICATE-----
Generated at Tue May 12 23:15:33 2026 by rpki-client