Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
File: 89b0de0f-6d7a-449d-a144-e777ce29ce82.roa (raw, json)
Hash identifier: 2wglEwGeSWwd+IS8hLIcAOKxZtLIXyNALI5ulrP6rRI=
Subject key identifier: A3:EF:9B:11:90:BB:74:1E:B8:AE:2D:AD:43:03:7D:6F:0A:67:C3:11
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C13BCDE41FA61580952FC797CD3BE5138984292
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
Signing time: Tue 19 May 2026 05:21:03 +0000
ROA not before: Tue 19 May 2026 05:21:03 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:13:bc:de:41:fa:61:58:09:52:fc:79:7c:d3:be:51:38:98:42:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:21:03 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=2b4dd267a792a87f90f9b9e022c01d30390be20fd1e5f3369e001a16da30d8b3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e2:5c:c2:81:7b:9c:1b:a4:9d:72:c8:09:e0:
0b:ae:f9:12:78:57:1c:ca:6e:5c:85:9c:3a:60:05:
fe:db:bf:95:a8:bc:86:1b:3b:69:63:e3:1b:6d:b7:
dc:8c:d9:1f:ac:d6:38:23:7a:fe:86:53:09:0d:aa:
2e:22:56:bb:70:df:37:a3:aa:a2:9c:46:03:95:30:
0c:b6:97:4f:97:9f:e2:69:73:6d:11:b7:8c:bf:96:
55:28:a9:b7:79:7f:87:35:d7:bb:15:c2:62:53:24:
07:35:60:7c:b5:ff:05:f4:60:01:b7:d1:8c:12:86:
ca:40:82:05:ad:93:e9:ad:4f:8b:a8:a1:ba:2e:3e:
a4:15:65:01:cf:23:3c:63:fe:89:81:1d:98:ab:88:
27:b8:fe:ca:ce:32:27:bf:33:b1:db:ac:3f:5a:1a:
51:fc:e1:22:a2:09:ed:fe:f0:18:21:10:05:59:7d:
67:f4:4c:9b:25:1e:95:a1:8b:05:bb:25:79:a9:16:
4a:db:e1:c6:c4:6e:82:3a:78:45:38:92:46:91:0f:
4a:e8:81:3b:a3:5d:cd:2c:8f:1f:52:42:3f:23:a3:
94:68:a2:83:d2:9b:b7:6d:b1:ad:33:0b:7a:99:a2:
b2:fd:d5:8a:c0:c5:5d:e1:85:0f:9b:c9:c3:ac:e8:
9d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:EF:9B:11:90:BB:74:1E:B8:AE:2D:AD:43:03:7D:6F:0A:67:C3:11
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c000::/40
Signature Algorithm: sha256WithRSAEncryption
21:d4:12:21:c3:76:e7:02:2e:c7:7f:bd:a2:f2:6d:98:32:a8:
c4:9f:61:60:de:c8:21:42:13:97:f8:c1:66:a9:41:0d:47:57:
ef:92:c4:11:80:e8:10:71:94:eb:6a:d7:52:a6:f9:cb:aa:c6:
d0:ef:66:95:31:20:84:7c:2a:5f:27:f8:5b:d4:79:71:53:e5:
87:5c:ff:cf:3e:f7:c5:0c:2f:71:f2:99:9f:dd:60:fd:77:25:
e6:5d:31:30:c1:b1:6b:de:c3:27:3c:4c:f8:00:75:27:b1:c2:
5e:df:2e:25:53:1c:58:f9:4c:1e:75:f6:0e:c6:cc:d9:f9:98:
a8:ba:de:c9:df:71:d9:20:a9:97:db:f9:70:0a:f0:5d:0c:2c:
61:07:f7:ef:b2:bc:a3:21:19:3e:66:58:58:04:a5:22:a2:b9:
5d:15:02:60:57:c9:1d:14:ce:8e:66:e9:2a:b1:6e:c7:e0:55:
d1:e3:45:6e:cc:7f:67:e7:98:75:07:a5:0c:20:23:cb:dc:ec:
21:e3:04:c6:1a:e5:95:da:7b:c5:ee:fa:71:d0:60:8e:39:ce:
55:1e:05:d1:c2:06:fa:00:a9:f8:ce:56:f5:57:d7:6b:31:16:
d3:44:c9:16:b5:3a:03:c2:d2:87:e4:7c:d5:90:ec:24:a2:9e:
c0:07:4d:c3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHBO83kH6YVgJUvx5fNO+UTiYQpIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIxMDNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiNGRkMjY3YTc5MmE4N2Y5MGY5YjllMDIyYzAxZDMwMzkwYmUyMGZkMWU1
ZjMzNjllMDAxYTE2ZGEzMGQ4YjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3iXMKBe5wbpJ1yyAngC675EnhXHMpuXIWcOmAF/tu/lai8hhs7aWPjG223
3IzZH6zWOCN6/oZTCQ2qLiJWu3DfN6OqopxGA5UwDLaXT5ef4mlzbRG3jL+WVSip
t3l/hzXXuxXCYlMkBzVgfLX/BfRgAbfRjBKGykCCBa2T6a1Pi6ihui4+pBVlAc8j
PGP+iYEdmKuIJ7j+ys4yJ78zsdusP1oaUfzhIqIJ7f7wGCEQBVl9Z/RMmyUelaGL
BbsleakWStvhxsRugjp4RTiSRpEPSuiBO6NdzSyPH1JCPyOjlGiig9Kbt22xrTML
epmisv3VisDFXeGFD5vJw6zonecCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSj75sR
kLt0HriuLa1DA31vCmfDETAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODliMGRlMGYtNmQ3YS00NDlkLWExNDQtZTc3N2NlMjljZTgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADA
MA0GCSqGSIb3DQEBCwUAA4IBAQAh1BIhw3bnAi7Hf72i8m2YMqjEn2Fg3sghQhOX
+MFmqUENR1fvksQRgOgQcZTratdSpvnLqsbQ72aVMSCEfCpfJ/hb1HlxU+WHXP/P
PvfFDC9x8pmf3WD9dyXmXTEwwbFr3sMnPEz4AHUnscJe3y4lUxxY+UwedfYOxszZ
+Ziout7J33HZIKmX2/lwCvBdDCxhB/fvsryjIRk+ZlhYBKUiorldFQJgV8kdFM6O
ZukqsW7H4FXR40VuzH9n55h1B6UMICPL3Owh4wTGGuWV2nvF7vpx0GCOOc5VHgXR
wgb6AKn4zlb1V9drMRbTRMkWtToDwtKH5HzVkOwkop7AB03D
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:58:59 2026 by rpki-client