Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
File: f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa (raw, json)
Hash identifier: SG/iPC2mDWgzDTALHKErAwrTjx5SuSXOMmmxE1rrGJQ=
Subject key identifier: 7C:A5:58:85:60:9E:83:BA:14:4D:58:A9:4B:E3:C6:C2:09:10:34:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47D37910A32F8F3F3A4170AA433242E7F56B4C36
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
Signing time: Mon 04 May 2026 15:20:03 +0000
ROA not before: Mon 04 May 2026 15:20:03 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d040::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:d3:79:10:a3:2f:8f:3f:3a:41:70:aa:43:32:42:e7:f5:6b:4c:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:20:03 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=8b416c562be4c1a278d802a3a619e4293a199e132f8dcd4e4776f9d6ddd22156, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8c:69:9a:ef:d7:58:08:d1:29:5e:4b:87:fe:
c1:25:63:fd:a2:77:e8:7f:ed:63:4a:6b:a3:f3:c9:
c3:8d:b3:7a:a9:15:1a:db:a9:e9:a2:5e:e6:fd:32:
95:94:e8:b5:66:06:7a:81:5d:ca:2b:ce:dd:bb:9f:
0a:df:a0:70:f8:05:e8:9b:1b:0a:50:78:49:e7:20:
74:03:6d:c1:81:a2:b1:35:38:fb:36:6b:39:dc:27:
db:99:31:6c:d8:17:79:55:8c:8f:3d:f7:0a:9d:45:
e3:23:4f:0b:40:99:8c:b2:db:1d:ae:db:fc:ce:a1:
5b:35:8a:7d:ec:aa:88:86:85:28:a0:2b:77:49:4a:
59:52:76:41:31:62:da:67:cd:fe:b9:cb:95:21:ac:
54:89:78:7b:02:51:0b:b6:b1:3f:43:34:23:d0:2d:
7b:e0:5f:27:85:67:e1:2d:e8:94:04:4a:39:38:96:
50:ca:6f:0d:63:b1:dc:16:66:e3:31:8a:3a:db:b9:
3f:08:06:5d:4e:07:86:3b:66:88:de:b7:80:ba:fb:
5c:c5:0e:89:39:f9:9e:06:73:ac:ad:5e:a1:e6:99:
ae:af:98:df:b8:88:d1:8c:9b:d1:52:57:a9:13:36:
e6:55:18:8e:d4:aa:7e:ae:46:f7:f9:0c:f5:17:77:
86:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:A5:58:85:60:9E:83:BA:14:4D:58:A9:4B:E3:C6:C2:09:10:34:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040::/32
Signature Algorithm: sha256WithRSAEncryption
8b:1b:ce:de:a9:a2:f7:c5:26:64:e6:81:50:c0:ad:bd:c0:13:
e2:7d:cd:42:3b:54:dc:9b:71:3d:99:84:2d:74:6a:61:67:95:
d6:96:8f:ce:b7:c1:c0:02:56:48:3e:cb:51:76:81:8b:40:c0:
e9:6b:40:4a:1b:57:3f:0e:20:89:7b:e6:10:95:9d:57:b4:9f:
37:93:53:10:a3:55:05:4d:95:43:aa:93:54:66:78:3c:47:70:
cc:cd:42:de:a5:80:81:86:f1:da:0b:2a:d9:cd:5e:80:68:84:
23:61:eb:e3:36:d6:78:56:c1:de:1e:dc:40:b5:64:b0:7e:10:
1b:98:b1:a0:f6:b6:57:20:2c:f3:3a:b1:74:d4:30:12:b7:b1:
0f:dc:7e:c1:d3:84:53:d3:22:de:0e:97:7b:f3:88:ab:4a:bc:
6d:c2:46:64:34:05:52:17:48:57:9e:21:66:d8:fb:eb:14:32:
8e:e8:9a:bd:1c:12:40:aa:3e:76:aa:b7:24:07:f9:0f:9a:bd:
fe:e3:b1:28:ca:c0:f7:d4:e8:7e:86:0e:e2:6b:e5:7f:66:0b:
4b:ea:36:f8:75:ba:a6:79:70:38:7b:74:f9:98:fa:18:54:cd:
e1:c9:26:2b:b8:26:d1:59:ad:e0:ee:04:ba:ac:50:7f:fd:86:
31:2a:cf:6b
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUR9N5EKMvjz86QXCqQzJC5/VrTDYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIwMDNaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiNDE2YzU2MmJlNGMxYTI3OGQ4MDJhM2E2MTllNDI5M2ExOTllMTMyZjhk
Y2Q0ZTQ3NzZmOWQ2ZGRkMjIxNTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ6MaZrv11gI0SleS4f+wSVj/aJ36H/tY0pro/PJw42zeqkVGtup6aJe5v0y
lZTotWYGeoFdyivO3bufCt+gcPgF6JsbClB4SecgdANtwYGisTU4+zZrOdwn25kx
bNgXeVWMjz33Cp1F4yNPC0CZjLLbHa7b/M6hWzWKfeyqiIaFKKArd0lKWVJ2QTFi
2mfN/rnLlSGsVIl4ewJRC7axP0M0I9Ate+BfJ4Vn4S3olARKOTiWUMpvDWOx3BZm
4zGKOtu5PwgGXU4HhjtmiN63gLr7XMUOiTn5ngZzrK1eoeaZrq+Y37iI0Yyb0VJX
qRM25lUYjtSqfq5G9/kM9Rd3ho0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBR8pViF
YJ6DuhRNWKlL48bCCRA0pjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjEzZjU0NDQtMzc3YS00ZTUxLWExYzctMTBjMmEzYTNkNmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0EAw
DQYJKoZIhvcNAQELBQADggEBAIsbzt6povfFJmTmgVDArb3AE+J9zUI7VNybcT2Z
hC10amFnldaWj863wcACVkg+y1F2gYtAwOlrQEobVz8OIIl75hCVnVe0nzeTUxCj
VQVNlUOqk1RmeDxHcMzNQt6lgIGG8doLKtnNXoBohCNh6+M21nhWwd4e3EC1ZLB+
EBuYsaD2tlcgLPM6sXTUMBK3sQ/cfsHThFPTIt4Ol3vziKtKvG3CRmQ0BVIXSFee
IWbY++sUMo7omr0cEkCqPnaqtyQH+Q+avf7jsSjKwPfU6H6GDuJr5X9mC0vqNvh1
uqZ5cDh7dPmY+hhUzeHJJiu4JtFZreDuBLqsUH/9hjEqz2s=
-----END CERTIFICATE-----
Generated at Tue May 12 23:13:12 2026 by rpki-client