Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
File: 74c7eb62-ad02-4aa2-9be5-024692c6239f.roa (raw, json)
Hash identifier: 1lu5w919o/Yn9G6+pMnr9mZh+zU7NOEAAuTU/7iA+bc=
Subject key identifier: 5F:77:C3:75:C7:CD:CD:F1:F2:CE:CD:3C:94:5E:47:40:A6:23:F4:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34E3B5C9C5C71FDBE0CD2B423AC87CD2EB3D0FF8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
Signing time: Tue 19 May 2026 04:50:56 +0000
ROA not before: Tue 19 May 2026 04:50:56 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:e3:b5:c9:c5:c7:1f:db:e0:cd:2b:42:3a:c8:7c:d2:eb:3d:0f:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:56 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=19cd9ad8fb73e7ce10f8abdeb4baf557e6d547639c60575ddea1e4b04d3667ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a7:03:46:27:2b:a0:be:e1:85:bb:0f:45:5a:
a9:3f:10:fc:7e:25:19:19:53:bd:7a:f1:31:8c:b7:
70:1d:f3:24:c3:24:dd:7f:a7:63:27:03:9b:81:b5:
61:f5:3c:40:6f:cb:48:9e:2e:b5:83:46:15:43:ac:
20:63:cd:fd:31:7e:9e:bd:47:9e:c3:57:5d:d1:1d:
96:35:d0:de:f5:9d:3e:04:da:c2:75:f2:ac:68:e6:
e2:23:47:0c:b8:9d:96:c1:ba:e4:00:2e:6e:42:56:
7a:07:2a:0e:bf:d7:f7:ea:d2:e2:fc:55:f4:ce:ee:
91:b0:30:75:0e:0b:cd:37:39:81:fe:9d:e2:90:ee:
e5:3a:04:70:ee:71:2c:e6:ba:ff:0d:52:1b:39:9e:
85:50:5a:5b:f7:f0:7e:78:66:a9:c5:fa:6e:af:b9:
13:28:1d:ac:cc:de:db:c5:3c:02:35:33:34:be:e0:
48:af:3d:64:ba:3b:d0:c5:ad:cc:55:9f:c6:fc:31:
5d:75:ed:65:b1:a4:9d:e7:3c:f6:a9:2a:89:a2:aa:
6f:0c:4e:57:9e:5c:d6:7d:9c:ed:23:b4:fd:81:c0:
07:34:9b:16:d3:07:58:3a:9e:e4:47:3a:42:41:44:
9e:57:32:d3:c8:3b:3f:c7:62:1d:08:48:c9:4c:a7:
9d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:77:C3:75:C7:CD:CD:F1:F2:CE:CD:3C:94:5E:47:40:A6:23:F4:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2000::/40
Signature Algorithm: sha256WithRSAEncryption
72:b1:37:63:aa:4b:61:da:81:b8:59:d0:0e:d9:21:dd:9d:b9:
c7:49:0b:3e:46:37:46:0b:7d:00:4b:7d:c6:af:85:62:6d:19:
33:74:84:29:e4:06:57:40:e3:bd:75:cd:20:c9:09:d7:dc:d3:
24:94:9d:d5:72:10:bc:02:1c:25:0f:d8:d4:77:12:74:76:fd:
50:59:91:65:81:ec:75:6f:34:c9:3c:1b:f4:d6:46:78:79:3e:
f4:21:00:1b:40:6d:11:03:98:28:74:c9:6a:16:58:ee:56:57:
fe:07:c1:86:1c:1a:aa:03:03:2f:cc:c7:3b:e3:b4:49:dd:a2:
43:f1:1c:bf:4a:c5:ca:b4:96:4a:90:17:ea:16:c1:73:0a:48:
43:46:95:f7:64:07:a6:83:45:c3:bf:5a:6a:17:d4:82:2b:da:
a4:1c:78:fe:a4:56:84:ce:75:2e:bf:b6:81:79:11:47:6a:8b:
fe:db:2b:8f:d4:90:6d:a9:73:b7:25:ef:13:17:f1:33:6d:19:
6a:ee:61:99:98:54:8d:8e:64:45:61:3b:66:2b:fa:33:f0:b6:
25:4a:e1:88:6d:94:36:cf:cb:07:91:69:c1:d9:2c:f7:95:db:
09:df:fa:3a:50:5a:8c:04:6b:c1:b3:50:87:c4:38:52:11:05:
b4:5f:df:5f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNOO1ycXHH9vgzStCOsh80us9D/gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwNTZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5Y2Q5YWQ4ZmI3M2U3Y2UxMGY4YWJkZWI0YmFmNTU3ZTZkNTQ3NjM5YzYw
NTc1ZGRlYTFlNGIwNGQzNjY3ZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ6nA0YnK6C+4YW7D0VaqT8Q/H4lGRlTvXrxMYy3cB3zJMMk3X+nYycDm4G1
YfU8QG/LSJ4utYNGFUOsIGPN/TF+nr1HnsNXXdEdljXQ3vWdPgTawnXyrGjm4iNH
DLidlsG65AAubkJWegcqDr/X9+rS4vxV9M7ukbAwdQ4LzTc5gf6d4pDu5ToEcO5x
LOa6/w1SGzmehVBaW/fwfnhmqcX6bq+5EygdrMze28U8AjUzNL7gSK89ZLo70MWt
zFWfxvwxXXXtZbGknec89qkqiaKqbwxOV55c1n2c7SO0/YHABzSbFtMHWDqe5Ec6
QkFEnlcy08g7P8diHQhIyUynnR8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRfd8N1
x83N8fLOzTyUXkdApiP0XzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzRjN2ViNjItYWQwMi00YWEyLTliZTUtMDI0NjkyYzYyMzlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAg
MA0GCSqGSIb3DQEBCwUAA4IBAQBysTdjqkth2oG4WdAO2SHdnbnHSQs+RjdGC30A
S33Gr4VibRkzdIQp5AZXQOO9dc0gyQnX3NMklJ3VchC8AhwlD9jUdxJ0dv1QWZFl
gex1bzTJPBv01kZ4eT70IQAbQG0RA5godMlqFljuVlf+B8GGHBqqAwMvzMc747RJ
3aJD8Ry/SsXKtJZKkBfqFsFzCkhDRpX3ZAemg0XDv1pqF9SCK9qkHHj+pFaEznUu
v7aBeRFHaov+2yuP1JBtqXO3Je8TF/EzbRlq7mGZmFSNjmRFYTtmK/oz8LYlSuGI
bZQ2z8sHkWnB2Sz3ldsJ3/o6UFqMBGvBs1CHxDhSEQW0X99f
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:58:40 2026 by rpki-client