Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
File: 190e1645-8146-4d32-be0a-feed324f8efa.roa (raw, json)
Hash identifier: oSUgbLDm/C+fXTPBmrydntmLU3aBkEFZMlYUmQVI4z0=
Subject key identifier: 29:2A:A4:85:76:66:6C:8C:04:5F:0F:13:75:D3:54:FC:48:E7:17:70
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 70E4966A151F7589A8A1CB2F046021ED8B523C58
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
Signing time: Tue 19 May 2026 04:40:06 +0000
ROA not before: Tue 19 May 2026 04:40:06 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:e4:96:6a:15:1f:75:89:a8:a1:cb:2f:04:60:21:ed:8b:52:3c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:06 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=075b3426a35ea5e5431f9f78862608687ab147f09c7221b8e154049536ff013f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f2:e4:91:93:80:56:ee:8c:de:7b:c2:17:17:
86:a7:81:d7:bb:a2:26:66:d2:5d:ba:32:1e:92:dc:
14:08:56:c4:62:38:61:98:85:28:8f:8d:5a:df:d1:
ef:0e:10:30:25:fe:e1:9f:1b:12:be:2c:6f:fd:e6:
69:61:b9:16:02:83:61:6a:df:bc:74:59:60:1a:0e:
7e:e5:93:f5:bf:27:a0:60:32:c7:48:15:c9:50:68:
bd:3a:79:f0:66:1a:53:5d:ff:b5:66:f1:9a:f4:7e:
b6:28:2a:11:b5:8e:d5:fb:b2:58:6c:b6:61:62:e4:
10:11:3c:52:db:e5:05:ca:e3:42:df:f2:cf:07:48:
61:1c:21:78:ff:b6:b8:94:4d:eb:f0:92:30:92:79:
fe:09:75:2b:f2:71:83:1e:07:83:8c:54:8c:6b:5c:
d0:ac:e9:fe:be:2c:03:50:11:e3:e6:02:65:65:a0:
43:8e:32:a8:86:97:d5:68:6e:36:55:63:45:7f:40:
39:67:55:7a:9b:c4:a1:b6:b0:81:8e:f1:6c:83:a9:
34:b3:7a:fb:96:a7:a3:22:6f:ba:d4:b7:86:41:f7:
c0:a0:48:a6:37:58:6f:a0:a7:51:af:ab:04:b9:d5:
94:d0:4f:b8:78:06:9f:8b:b1:5c:25:58:d9:5f:bf:
f9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:2A:A4:85:76:66:6C:8C:04:5F:0F:13:75:D3:54:FC:48:E7:17:70
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:a000::/40
Signature Algorithm: sha256WithRSAEncryption
77:dd:8e:18:5e:e7:03:4b:fb:f9:d9:ab:0a:2a:2e:f7:95:41:
d7:b8:78:f3:d1:9e:3b:66:7b:21:4f:02:d7:e2:e7:55:e4:be:
0d:72:8f:8e:9b:63:c4:e2:08:43:b6:fe:c8:18:b8:9e:dc:49:
04:bd:06:b4:92:66:3f:0d:ab:fa:0a:22:b7:d0:1a:7c:0e:ad:
e6:80:a3:a1:77:1f:6c:57:09:75:8b:32:b6:e4:51:af:f3:e2:
1b:e3:9b:a5:d4:12:40:87:65:ff:15:bd:e4:83:d2:e7:1a:19:
ab:3e:c2:6a:63:bb:38:d7:93:0f:22:c2:22:7f:ab:c2:83:d5:
20:40:37:bb:2c:60:01:3f:52:a9:d4:2e:03:db:3d:5a:0d:c9:
52:73:b2:ce:62:f8:74:0f:de:03:ac:d9:66:21:d0:aa:d9:c8:
f4:77:69:2f:01:dc:c6:10:b0:f1:40:64:4c:f4:32:c2:7a:78:
33:35:cd:af:ea:33:d0:b4:86:dc:fe:a9:ec:00:2a:71:9b:f7:
2c:47:8f:54:ad:13:4f:90:62:ca:c7:6e:88:eb:05:30:b4:0e:
24:47:1f:5d:77:6a:9a:a2:79:b9:10:55:51:a1:76:42:99:0c:
df:15:22:70:f9:89:b9:13:b4:45:a8:6e:73:e4:2c:f3:54:28:
f3:81:ab:a8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcOSWahUfdYmoocsvBGAh7YtSPFgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwMDZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3NWIzNDI2YTM1ZWE1ZTU0MzFmOWY3ODg2MjYwODY4N2FiMTQ3ZjA5Yzcy
MjFiOGUxNTQwNDk1MzZmZjAxM2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPy5JGTgFbujN57whcXhqeB17uiJmbSXboyHpLcFAhWxGI4YZiFKI+NWt/R
7w4QMCX+4Z8bEr4sb/3maWG5FgKDYWrfvHRZYBoOfuWT9b8noGAyx0gVyVBovTp5
8GYaU13/tWbxmvR+tigqEbWO1fuyWGy2YWLkEBE8UtvlBcrjQt/yzwdIYRwheP+2
uJRN6/CSMJJ5/gl1K/Jxgx4Hg4xUjGtc0Kzp/r4sA1AR4+YCZWWgQ44yqIaX1Whu
NlVjRX9AOWdVepvEobawgY7xbIOpNLN6+5anoyJvutS3hkH3wKBIpjdYb6CnUa+r
BLnVlNBPuHgGn4uxXCVY2V+/+YsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQpKqSF
dmZsjARfDxN101T8SOcXcDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTkwZTE2NDUtODE0Ni00ZDMyLWJlMGEtZmVlZDMyNGY4ZWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSg
MA0GCSqGSIb3DQEBCwUAA4IBAQB33Y4YXucDS/v52asKKi73lUHXuHjz0Z47Znsh
TwLX4udV5L4Nco+Om2PE4ghDtv7IGLie3EkEvQa0kmY/Dav6CiK30Bp8Dq3mgKOh
dx9sVwl1izK25FGv8+Ib45ul1BJAh2X/Fb3kg9LnGhmrPsJqY7s415MPIsIif6vC
g9UgQDe7LGABP1Kp1C4D2z1aDclSc7LOYvh0D94DrNlmIdCq2cj0d2kvAdzGELDx
QGRM9DLCengzNc2v6jPQtIbc/qnsACpxm/csR49UrRNPkGLKx26I6wUwtA4kRx9d
d2qaonm5EFVRoXZCmQzfFSJw+Ym5E7RFqG5z5CzzVCjzgauo
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:42:02 2026 by rpki-client