Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa
File: 74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa (raw, json)
Hash identifier: T3YhzTeB3xWXGXQAI/sRpmrgv0AhYIFx4HRjL0KfCpo=
Subject key identifier: 9A:31:77:18:09:9A:EC:CB:48:52:03:6A:26:50:10:17:97:6B:8E:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29094D70A2819F098F955D198CD2FD1D4D492AE2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa
Signing time: Sun 17 May 2026 02:00:06 +0000
ROA not before: Sun 17 May 2026 02:00:06 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:09:4d:70:a2:81:9f:09:8f:95:5d:19:8c:d2:fd:1d:4d:49:2a:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 17 02:00:06 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=7804e6bcb9751a305273a590741935b596f6160065caa3b98cd94a8d6febbe13, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:df:36:c4:cd:a8:f2:8c:dc:1a:93:d4:ea:80:
5f:59:a5:dc:d8:58:de:3b:b5:0c:65:c3:4e:b3:ec:
04:92:fd:78:d5:24:a8:3e:2a:7c:b1:e7:81:88:85:
b6:7a:52:68:b2:cb:fa:41:a8:dd:fb:e6:0c:a7:6f:
9d:a7:75:8d:85:9d:89:46:d0:71:f8:b1:42:0f:f4:
a5:86:f2:66:13:1e:0b:5d:6a:e6:9a:d8:37:2d:34:
a5:79:30:25:66:57:79:72:0a:3a:eb:ba:9d:c8:24:
52:73:ba:57:d1:de:87:e0:5d:04:f3:d7:30:ff:70:
63:0a:2a:3c:54:bd:de:d5:92:c2:eb:5b:19:5b:80:
77:77:13:bb:47:8e:a2:19:1c:dc:dd:b5:59:6b:1b:
3f:d9:9c:43:47:5a:48:74:18:b6:86:b2:7d:13:d0:
7a:f3:99:5a:67:00:0f:90:06:03:dc:48:a8:d1:14:
d1:f3:b1:06:25:0f:f0:6a:1e:ec:2c:52:83:4b:b3:
5e:35:3b:8e:76:6f:6f:11:b3:73:61:ae:ab:63:dd:
1d:af:78:f8:5f:00:fb:23:d4:d1:f8:3d:c4:ae:16:
c0:98:82:ff:84:5f:be:4b:fc:f2:ca:ac:cb:db:63:
db:67:37:6d:a8:97:40:43:26:15:7c:fa:74:2a:96:
5e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:31:77:18:09:9A:EC:CB:48:52:03:6A:26:50:10:17:97:6B:8E:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:880::/48
Signature Algorithm: sha256WithRSAEncryption
3e:fd:b9:98:8d:68:67:81:d0:c6:01:f5:31:70:86:63:f0:35:
99:da:51:d7:cb:2f:98:5b:51:4e:5c:db:23:c3:66:07:99:99:
86:cb:c2:4d:58:00:14:d2:f7:d4:fb:15:d8:9c:16:3f:38:b5:
95:77:f1:95:1e:ce:7f:f6:78:8c:e9:80:3e:8a:1d:f0:5d:0b:
ad:a3:54:44:43:76:76:97:16:c1:72:5b:0f:70:21:9d:6d:d9:
40:d9:0c:76:28:18:57:2f:32:68:8e:2c:48:e9:cd:0a:bb:7a:
b7:5b:60:4d:f7:47:55:7e:81:e8:d9:9b:55:ce:d5:4b:5f:cd:
84:db:dd:07:e5:58:dd:ee:03:c7:32:5e:fd:c4:98:68:39:63:
4f:81:a1:00:08:3a:e3:09:c0:5a:42:13:fe:cc:d1:cf:19:8b:
f7:b1:45:bc:d6:58:eb:c1:f3:a8:c4:fd:a2:8b:90:19:06:1c:
22:62:42:8a:3e:af:89:c2:08:80:73:79:3c:c2:58:c1:5f:d8:
7f:2b:10:1a:ea:ea:6c:05:35:c9:e4:87:c6:1b:26:ad:d5:f5:
cc:76:38:c8:8b:5b:84:91:bf:a7:75:c7:9a:40:d5:b2:1d:df:
5c:be:e3:bc:52:75:b9:43:4f:8c:02:65:dc:d5:26:1a:85:12:
46:c8:d9:da
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKQlNcKKBnwmPlV0ZjNL9HU1JKuIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTcwMjAwMDZaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4MDRlNmJjYjk3NTFhMzA1MjczYTU5MDc0MTkzNWI1OTZmNjE2MDA2NWNh
YTNiOThjZDk0YThkNmZlYmJlMTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPfNsTNqPKM3BqT1OqAX1ml3NhY3ju1DGXDTrPsBJL9eNUkqD4qfLHngYiF
tnpSaLLL+kGo3fvmDKdvnad1jYWdiUbQcfixQg/0pYbyZhMeC11q5prYNy00pXkw
JWZXeXIKOuu6ncgkUnO6V9Heh+BdBPPXMP9wYwoqPFS93tWSwutbGVuAd3cTu0eO
ohkc3N21WWsbP9mcQ0daSHQYtoayfRPQevOZWmcAD5AGA9xIqNEU0fOxBiUP8Goe
7CxSg0uzXjU7jnZvbxGzc2Guq2PdHa94+F8A+yPU0fg9xK4WwJiC/4Rfvkv88sqs
y9tj22c3baiXQEMmFXz6dCqWXg8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSaMXcY
CZrsy0hSA2omUBAXl2uOlzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzRmNDFjYzktYmEwZS00NmQ5LWE3NzQtNDVmNmEwMzBhM2Y0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DgI
gDANBgkqhkiG9w0BAQsFAAOCAQEAPv25mI1oZ4HQxgH1MXCGY/A1mdpR18svmFtR
TlzbI8NmB5mZhsvCTVgAFNL31PsV2JwWPzi1lXfxlR7Of/Z4jOmAPood8F0LraNU
REN2dpcWwXJbD3AhnW3ZQNkMdigYVy8yaI4sSOnNCrt6t1tgTfdHVX6B6NmbVc7V
S1/NhNvdB+VY3e4DxzJe/cSYaDljT4GhAAg64wnAWkIT/szRzxmL97FFvNZY68Hz
qMT9oouQGQYcImJCij6vicIIgHN5PMJYwV/YfysQGurqbAU1yeSHxhsmrdX1zHY4
yItbhJG/p3XHmkDVsh3fXL7jvFJ1uUNPjAJl3NUmGoUSRsjZ2g==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:42 2026 by rpki-client