Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91473fe5-f129-48d9-8d23-63d62cec663a.roa
File: 91473fe5-f129-48d9-8d23-63d62cec663a.roa (raw, json)
Hash identifier: ZYagb0MozAtbE5sAmMVYZKXW5Ydl7R0l/suRebOk7ns=
Subject key identifier: 27:D1:46:EC:3C:34:13:F5:77:15:F1:04:1E:A4:70:82:50:D2:EB:87
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58974EAE078F4C6A6B77D4251E61AB3D23FF926D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91473fe5-f129-48d9-8d23-63d62cec663a.roa
Signing time: Sun 17 May 2026 02:10:08 +0000
ROA not before: Sun 17 May 2026 02:10:08 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:97:4e:ae:07:8f:4c:6a:6b:77:d4:25:1e:61:ab:3d:23:ff:92:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 17 02:10:08 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=e65e25062216306dbafbcec1a6196a8e2d2e15e81cc7ff3c9ee648d085d6c9fc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:92:0d:5c:3a:b0:ee:81:29:48:6c:7e:00:5f:
5f:7a:47:eb:d8:b2:4e:51:6b:e9:ed:9c:15:04:89:
99:6b:13:a4:16:e6:35:3e:ab:5b:2d:7e:97:d1:c7:
4a:f3:1c:f2:9f:ef:ef:48:e0:4f:97:13:a9:72:df:
81:83:38:bc:61:21:6d:e4:c6:ef:ac:26:54:6c:86:
8f:b2:97:fd:1b:9c:93:1c:83:4b:e7:04:74:3f:52:
12:a9:bb:23:fd:d6:69:44:38:e4:11:c9:3a:b2:e3:
41:38:b6:c4:82:2c:42:8d:6a:7e:0b:bb:6c:c6:ce:
c0:02:30:2e:a3:84:b1:3b:02:55:8d:71:f0:52:7e:
7f:56:fe:dd:6e:3e:e5:37:5f:e4:fc:9e:68:2e:b6:
61:07:37:af:fc:d3:44:97:72:d6:c2:c8:9c:6c:b4:
ca:fd:6f:ee:de:40:d4:bd:22:76:6a:79:72:69:00:
ba:1d:ca:f9:eb:35:f9:67:c5:3a:39:20:64:25:5a:
bf:54:12:3a:4b:36:f6:34:60:62:98:b6:2c:97:47:
39:ce:61:97:51:81:f4:fb:1b:5f:47:1f:25:d9:60:
b2:6e:d7:09:75:dc:38:a3:b8:19:ed:5b:ce:4b:af:
ab:28:73:c1:01:3a:b4:e9:79:b3:07:6d:b9:f2:f6:
fc:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:D1:46:EC:3C:34:13:F5:77:15:F1:04:1E:A4:70:82:50:D2:EB:87
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91473fe5-f129-48d9-8d23-63d62cec663a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:840::/48
Signature Algorithm: sha256WithRSAEncryption
33:a1:fd:97:d1:e8:8c:fc:ab:b5:fd:31:ce:b2:60:60:e9:2d:
79:04:e1:7f:24:62:c8:09:b6:de:1f:74:a7:2a:8d:97:f6:a3:
a0:ec:35:ec:01:e7:e3:1d:7c:e5:21:61:5b:f8:37:5a:ed:65:
66:bb:da:c1:63:fc:25:85:b6:fd:d7:c9:bc:b2:79:fb:80:80:
0f:37:1c:60:1d:8c:39:e8:2c:ad:b0:3c:c9:61:b9:1b:81:1f:
63:99:3a:a3:40:e1:11:7c:5a:be:43:4e:18:72:f5:ae:7b:2c:
09:d8:a8:7e:e5:f3:85:75:d1:18:54:da:d0:4c:7c:a8:51:1d:
d8:1f:29:b5:e4:db:06:b7:63:5c:8b:a7:5e:69:bb:7a:cb:9c:
c4:ca:c9:58:1c:22:32:98:44:ea:b7:72:49:ed:e2:6e:b6:e3:
67:9d:8e:4b:85:fe:57:29:bf:41:4e:1b:94:4b:2f:ee:5c:d3:
37:84:1a:9c:e6:6d:84:1a:4a:76:31:a1:f9:89:ff:ca:0d:19:
5b:02:70:44:b2:c3:14:8d:c8:0b:3d:23:14:08:dd:f4:7c:a3:
2e:47:dc:ba:9b:3c:00:0c:2f:94:3b:7a:80:cf:0f:bd:9f:be:
26:74:f0:d7:06:61:92:d0:3e:e5:58:8c:91:b5:32:47:6b:44:
97:0b:8b:07
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWJdOrgePTGprd9QlHmGrPSP/km0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTcwMjEwMDhaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2NWUyNTA2MjIxNjMwNmRiYWZiY2VjMWE2MTk2YThlMmQyZTE1ZTgxY2M3
ZmYzYzllZTY0OGQwODVkNmM5ZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO6SDVw6sO6BKUhsfgBfX3pH69iyTlFr6e2cFQSJmWsTpBbmNT6rWy1+l9HH
SvMc8p/v70jgT5cTqXLfgYM4vGEhbeTG76wmVGyGj7KX/RuckxyDS+cEdD9SEqm7
I/3WaUQ45BHJOrLjQTi2xIIsQo1qfgu7bMbOwAIwLqOEsTsCVY1x8FJ+f1b+3W4+
5Tdf5PyeaC62YQc3r/zTRJdy1sLInGy0yv1v7t5A1L0idmp5cmkAuh3K+es1+WfF
OjkgZCVav1QSOks29jRgYpi2LJdHOc5hl1GB9PsbX0cfJdlgsm7XCXXcOKO4Ge1b
zkuvqyhzwQE6tOl5swdtufL2/BMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQn0Ubs
PDQT9XcV8QQepHCCUNLrhzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTE0NzNmZTUtZjEyOS00OGQ5LThkMjMtNjNkNjJjZWM2NjNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DgI
QDANBgkqhkiG9w0BAQsFAAOCAQEAM6H9l9HojPyrtf0xzrJgYOkteQThfyRiyAm2
3h90pyqNl/ajoOw17AHn4x185SFhW/g3Wu1lZrvawWP8JYW2/dfJvLJ5+4CADzcc
YB2MOegsrbA8yWG5G4EfY5k6o0DhEXxavkNOGHL1rnssCdiofuXzhXXRGFTa0Ex8
qFEd2B8pteTbBrdjXIunXmm7esucxMrJWBwiMphE6rdySe3ibrbjZ52OS4X+Vym/
QU4blEsv7lzTN4QanOZthBpKdjGh+Yn/yg0ZWwJwRLLDFI3ICz0jFAjd9HyjLkfc
ups8AAwvlDt6gM8PvZ++JnTw1wZhktA+5ViMkbUyR2tElwuLBw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:14:23 2026 by rpki-client