Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa
File: f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa (raw, json)
Hash identifier: haCUpF0aQfKDsYDzD4Yn59QwCC2M3cFMaA2q6RVTTrM=
Subject key identifier: 09:BD:65:D5:F9:A7:B1:55:DC:A4:E4:10:81:AE:B6:D7:C0:7D:4A:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 597D9EA4B7C2341143C1FB6F2A084E3C50AF6919
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa
Signing time: Tue 05 May 2026 00:00:06 +0000
ROA not before: Tue 05 May 2026 00:00:06 +0000
ROA not after: Mon 03 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:f080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:7d:9e:a4:b7:c2:34:11:43:c1:fb:6f:2a:08:4e:3c:50:af:69:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 5 00:00:06 2026 GMT
Not After : Aug 3 23:59:59 2026 GMT
Subject: serialNumber=cec322c4fcc52e515818330d44282814b016efaf4639ad9d564fdca4f9512810, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:38:10:4b:53:b9:e5:01:30:d1:cf:78:f5:39:
ca:41:61:1b:c7:0a:2b:4c:70:e8:17:5f:75:e3:24:
17:68:ae:f5:fc:ef:9d:0a:41:a7:f3:31:fc:e2:7b:
ea:2d:f9:14:69:fc:4d:e0:fc:5d:a9:24:9d:5f:8a:
65:8f:57:aa:6f:b4:a0:06:42:8f:75:58:83:6a:bd:
23:16:fe:aa:f2:83:16:26:4c:6e:10:8e:75:52:1f:
61:f4:a2:43:e2:5e:4e:1b:10:32:6e:1c:12:62:e1:
30:ed:bb:7a:57:bf:3f:8f:37:9a:3f:a7:2c:37:de:
86:b8:87:a4:23:17:66:04:33:7f:49:73:8b:de:77:
eb:d8:1c:d7:ef:65:87:67:cd:71:a7:61:b9:6f:e3:
8d:a9:ba:bc:de:f1:1e:a3:76:26:29:99:58:74:81:
ab:d5:d9:ca:01:07:db:6e:9c:4a:f1:a3:ef:b5:38:
a3:0e:df:d8:c1:94:69:05:6d:e0:be:cc:cb:29:e2:
f6:62:11:26:2d:0d:65:de:3a:e7:85:27:cb:34:e8:
e1:01:5a:da:6f:56:af:46:db:e9:4b:f7:be:10:b8:
b7:28:87:3d:c7:3e:ea:84:7d:90:54:15:78:8a:ae:
27:e5:27:84:08:f5:54:1a:83:36:5b:1f:f1:89:26:
38:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:BD:65:D5:F9:A7:B1:55:DC:A4:E4:10:81:AE:B6:D7:C0:7D:4A:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:f080::/48
Signature Algorithm: sha256WithRSAEncryption
78:ad:09:54:68:f2:1e:53:52:0e:13:9e:a3:12:34:1c:96:c9:
86:33:4a:39:bb:41:3a:f9:96:a2:84:90:cf:c8:ad:fc:2b:93:
5a:ff:bd:6e:8f:fd:36:ee:8d:f1:ef:f3:f3:61:f4:aa:b6:fc:
6e:07:3a:e5:bb:b5:0a:fc:aa:64:fb:1e:19:12:b0:f7:a4:08:
50:ce:9f:02:91:85:12:87:df:72:75:a8:7e:d1:e5:da:62:1d:
f8:e0:e0:18:4b:de:96:b8:71:05:ba:73:8e:ca:b7:f9:6c:25:
dd:98:ac:72:47:03:5d:c2:a4:a7:8c:a7:dd:51:b1:76:e1:aa:
57:b8:5b:c0:f9:21:d0:2e:3c:fb:4d:9d:c1:09:67:42:48:ed:
21:96:2a:a9:92:38:ef:29:27:6a:d2:81:86:b3:98:ce:ad:5b:
7d:78:32:fb:1c:82:e8:eb:31:9c:18:f7:57:ae:75:f9:cc:8a:
6f:d6:95:4f:49:18:14:8d:42:70:ed:a6:78:7a:63:09:bc:3d:
89:8c:54:27:55:75:da:ba:d1:03:15:a3:c6:ef:ce:2a:46:b7:
57:66:ae:59:0b:5d:6c:d2:fd:d9:f9:ae:36:b0:97:cc:2e:b4:
a8:b7:c9:99:c2:24:77:6d:be:ea:08:83:a8:ac:e8:06:56:43:
f4:f6:4f:cd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWX2epLfCNBFDwftvKghOPFCvaRkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDUwMDAwMDZaFw0yNjA4MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlYzMyMmM0ZmNjNTJlNTE1ODE4MzMwZDQ0MjgyODE0YjAxNmVmYWY0NjM5
YWQ5ZDU2NGZkY2E0Zjk1MTI4MTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALE4EEtTueUBMNHPePU5ykFhG8cKK0xw6BdfdeMkF2iu9fzvnQpBp/Mx/OJ7
6i35FGn8TeD8XakknV+KZY9Xqm+0oAZCj3VYg2q9Ixb+qvKDFiZMbhCOdVIfYfSi
Q+JeThsQMm4cEmLhMO27ele/P483mj+nLDfehriHpCMXZgQzf0lzi95369gc1+9l
h2fNcadhuW/jjam6vN7xHqN2JimZWHSBq9XZygEH226cSvGj77U4ow7f2MGUaQVt
4L7Myyni9mIRJi0NZd4654UnyzTo4QFa2m9Wr0bb6Uv3vhC4tyiHPcc+6oR9kFQV
eIquJ+UnhAj1VBqDNlsf8YkmOHECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQJvWXV
+aexVdyk5BCBrrbXwH1KszAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjI5OGM5ZDEtNWY1ZS00YTJhLWEyMDMtMjllMmNiZGIzNzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/w
gDANBgkqhkiG9w0BAQsFAAOCAQEAeK0JVGjyHlNSDhOeoxI0HJbJhjNKObtBOvmW
ooSQz8it/CuTWv+9bo/9Nu6N8e/z82H0qrb8bgc65bu1CvyqZPseGRKw96QIUM6f
ApGFEoffcnWoftHl2mId+ODgGEvelrhxBbpzjsq3+Wwl3ZisckcDXcKkp4yn3VGx
duGqV7hbwPkh0C48+02dwQlnQkjtIZYqqZI47yknatKBhrOYzq1bfXgy+xyC6Osx
nBj3V651+cyKb9aVT0kYFI1CcO2meHpjCbw9iYxUJ1V12rrRAxWjxu/OKka3V2au
WQtdbNL92fmuNrCXzC60qLfJmcIkd22+6giDqKzoBlZD9PZPzQ==
-----END CERTIFICATE-----
Generated at Tue May 12 23:14:53 2026 by rpki-client