Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91cdfe9a-e33d-4191-aea0-e84dab2bc692.roa
File: 91cdfe9a-e33d-4191-aea0-e84dab2bc692.roa (raw, json)
Hash identifier: x555G8WoPI34NtAKK1+bAkvmsJr6EasHA5WbW0PTwzs=
Subject key identifier: 89:53:48:0C:0B:32:05:89:6B:00:58:A8:98:74:24:80:99:BF:09:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D48CF6BE1A460AF16937543B4257F59ABB9699F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91cdfe9a-e33d-4191-aea0-e84dab2bc692.roa
Signing time: Fri 22 May 2026 16:02:01 +0000
ROA not before: Fri 22 May 2026 16:02:01 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:48:cf:6b:e1:a4:60:af:16:93:75:43:b4:25:7f:59:ab:b9:69:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:02:01 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=c5a2383bc45179574a948f47e1fe79456d0578b0210170204831da40c5b4e06e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c9:49:d6:75:7c:22:51:af:92:7e:88:78:1f:
cf:b9:f3:53:d5:16:ac:59:ff:47:eb:2b:2d:69:42:
c7:9f:33:af:ea:9d:bc:da:27:67:a0:1d:d9:50:ce:
ea:e4:5a:eb:36:54:a4:16:46:5b:f3:36:d2:31:50:
b7:88:c0:42:c6:1a:6c:d4:bf:51:89:f1:31:7e:9c:
a0:16:a9:31:9d:6b:ef:b4:5c:cd:7e:aa:41:9a:4f:
84:4c:be:7e:85:bb:77:ef:5a:80:0e:51:0d:fb:a4:
f6:dd:36:ed:d7:9a:de:d5:e7:15:e6:45:77:3a:dc:
3c:24:41:81:34:a7:3a:93:8a:66:8d:1e:41:fb:3a:
e5:97:1c:f8:b3:d8:ba:39:4e:41:7f:b4:b2:5f:ca:
cd:1d:13:03:eb:51:a3:61:aa:59:78:f2:40:ee:33:
bc:16:d6:00:e1:49:86:f0:f0:6f:10:97:3f:71:53:
9d:d2:e4:d7:49:45:52:ae:9e:9c:e3:4a:85:63:1b:
93:28:33:98:b0:b2:41:ba:a1:b0:c2:e4:f1:8f:7c:
3b:16:cb:38:97:8b:32:2f:c1:80:d0:a3:a4:0f:8e:
2e:29:26:0d:fc:7c:86:22:8a:48:b9:f6:b5:5c:f4:
67:b1:bc:c8:17:c8:a8:59:d3:4d:5b:5d:95:e5:3c:
6d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:53:48:0C:0B:32:05:89:6B:00:58:A8:98:74:24:80:99:BF:09:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91cdfe9a-e33d-4191-aea0-e84dab2bc692.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:b000::/40
Signature Algorithm: sha256WithRSAEncryption
51:1b:2b:eb:04:35:cc:e1:d6:dd:6a:33:f5:83:32:2d:97:df:
ca:57:23:c3:a5:78:ec:b8:9d:58:5d:e6:e7:a7:b0:36:15:e5:
a1:45:1f:51:e3:3a:2b:31:4a:79:df:5f:fd:4d:73:75:9a:6b:
c4:00:ce:86:24:bb:37:7b:94:66:47:c2:15:7e:6f:d1:3a:22:
93:ba:5f:99:2f:a4:9c:f5:dd:91:72:a1:f0:7a:d3:93:e1:8c:
a1:aa:dd:71:e8:40:46:8b:cf:95:e0:4b:3d:8d:40:34:21:25:
39:4a:65:ad:e9:eb:01:b8:ba:57:35:88:50:88:c4:5c:75:2c:
47:fc:8c:b2:10:f1:da:89:9a:9e:0c:5e:73:12:32:f5:64:0a:
a0:bf:67:53:70:8b:2d:aa:e1:b1:65:3f:b2:66:f5:84:06:d9:
e6:43:4d:bd:2c:94:a6:ed:9b:62:a3:4a:08:6f:2f:cb:ed:9e:
98:29:3c:2b:60:33:62:68:96:98:59:8d:d6:ba:19:23:4e:19:
cd:75:3d:be:0e:3a:4f:76:3a:7e:e7:89:53:71:8b:24:7c:1a:
d5:7a:2b:6c:c6:d1:28:6a:2f:db:dd:bc:d5:58:a5:15:52:fb:
56:a2:7e:60:68:e4:7c:13:7a:7f:82:c4:55:4f:78:81:15:ab:
11:d1:e3:d9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHUjPa+GkYK8Wk3VDtCV/Wau5aZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAyMDFaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1YTIzODNiYzQ1MTc5NTc0YTk0OGY0N2UxZmU3OTQ1NmQwNTc4YjAyMTAx
NzAyMDQ4MzFkYTQwYzViNGUwNmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANfJSdZ1fCJRr5J+iHgfz7nzU9UWrFn/R+srLWlCx58zr+qdvNonZ6Ad2VDO
6uRa6zZUpBZGW/M20jFQt4jAQsYabNS/UYnxMX6coBapMZ1r77RczX6qQZpPhEy+
foW7d+9agA5RDfuk9t027dea3tXnFeZFdzrcPCRBgTSnOpOKZo0eQfs65Zcc+LPY
ujlOQX+0sl/KzR0TA+tRo2GqWXjyQO4zvBbWAOFJhvDwbxCXP3FTndLk10lFUq6e
nONKhWMbkygzmLCyQbqhsMLk8Y98OxbLOJeLMi/BgNCjpA+OLikmDfx8hiKKSLn2
tVz0Z7G8yBfIqFnTTVtdleU8bQcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSJU0gM
CzIFiWsAWKiYdCSAmb8JkzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTFjZGZlOWEtZTMzZC00MTkxLWFlYTAtZTg0ZGFiMmJjNjkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hqw
MA0GCSqGSIb3DQEBCwUAA4IBAQBRGyvrBDXM4dbdajP1gzItl9/KVyPDpXjsuJ1Y
Xebnp7A2FeWhRR9R4zorMUp531/9TXN1mmvEAM6GJLs3e5RmR8IVfm/ROiKTul+Z
L6Sc9d2RcqHwetOT4Yyhqt1x6EBGi8+V4Es9jUA0ISU5SmWt6esBuLpXNYhQiMRc
dSxH/IyyEPHaiZqeDF5zEjL1ZAqgv2dTcIstquGxZT+yZvWEBtnmQ029LJSm7Zti
o0oIby/L7Z6YKTwrYDNiaJaYWY3WuhkjThnNdT2+DjpPdjp+54lTcYskfBrVeits
xtEoai/b3bzVWKUVUvtWon5gaOR8E3p/gsRVT3iBFasR0ePZ
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:03:43 2026 by rpki-client