Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93c73d28-6ada-4f65-bb8d-8fbee434c001.roa
File: 93c73d28-6ada-4f65-bb8d-8fbee434c001.roa (raw, json)
Hash identifier: x029BmLtjWUifrK6qBQgevNEqQfj8Ru7gaYfSlTzQ+8=
Subject key identifier: B9:5C:24:93:36:F4:2E:73:F9:CC:C2:FB:0A:A8:FF:C6:AF:C9:67:09
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A199941C565A67EBBEB845C01CC0AE55E09B1D4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93c73d28-6ada-4f65-bb8d-8fbee434c001.roa
Signing time: Tue 19 May 2026 05:00:56 +0000
ROA not before: Tue 19 May 2026 05:00:56 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:19:99:41:c5:65:a6:7e:bb:eb:84:5c:01:cc:0a:e5:5e:09:b1:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:56 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=774ef00a4c3a6a65807d7d2f1d4ebac393564028da70d6e943d8aee6bed04b28, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:72:15:7e:56:57:9e:60:93:8f:e5:c1:38:51:
0c:3d:99:68:60:da:0c:c6:4f:9a:98:be:e6:15:c2:
d5:97:0f:84:07:c1:1f:08:cb:f1:62:d5:4e:c5:91:
7a:d8:f7:ac:42:a5:24:2e:08:12:5d:15:b2:af:5e:
78:6c:70:15:b5:b4:53:a8:3f:01:97:7e:37:9d:95:
30:9c:75:0b:8a:a0:e4:34:56:c9:2e:31:15:8d:f4:
77:80:e4:47:4b:dd:3e:98:28:81:f8:f1:a8:ed:13:
c1:46:ed:6d:b7:b3:71:f0:8b:03:3b:20:eb:06:d8:
2e:5b:6d:97:40:0d:b6:d6:42:ee:06:96:73:da:0e:
75:2a:f1:f7:ea:58:66:46:1e:32:67:76:98:08:ef:
43:c8:1c:f4:47:a0:cb:ef:13:1b:71:14:07:2d:7a:
e8:9d:73:ae:d9:04:bb:39:3b:71:de:3d:74:af:c6:
e0:0d:c1:08:cc:8a:d7:b9:70:ef:85:cc:75:8b:17:
ef:c2:b2:33:e7:ef:9e:ed:95:79:c4:44:4a:e2:f7:
ab:d5:cd:26:07:da:47:32:10:9c:d8:b5:e2:6c:e2:
ef:8b:0f:7f:b6:7c:b2:83:eb:d2:60:77:7d:90:b6:
cc:1e:23:70:d5:4f:b7:e4:35:4a:79:41:26:7d:e3:
d0:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:5C:24:93:36:F4:2E:73:F9:CC:C2:FB:0A:A8:FF:C6:AF:C9:67:09
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93c73d28-6ada-4f65-bb8d-8fbee434c001.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015:400::/38
Signature Algorithm: sha256WithRSAEncryption
0e:3b:32:1e:b7:e9:5a:be:a5:69:cb:86:31:23:19:42:10:20:
bc:ba:e4:a3:de:54:ff:fd:20:e4:2d:40:87:06:ee:65:72:36:
5a:6a:00:89:c1:74:b2:95:ed:f5:1a:2b:84:c5:69:c0:d7:78:
ff:8e:63:7c:96:89:11:e9:06:68:08:8e:10:b8:b8:6f:04:d1:
e3:32:be:89:5c:98:f0:b0:6b:4e:89:43:37:d4:3b:cc:0d:f1:
06:fa:99:b8:42:fa:ea:5e:14:b7:0b:51:3f:a8:6e:29:03:a3:
b5:d0:c2:d3:ac:cf:9b:56:ed:26:8a:03:4c:d5:37:bb:dc:3a:
c7:d8:ed:b6:f4:d2:76:d1:76:ac:df:f3:1a:eb:51:25:d5:06:
a4:87:f5:78:83:22:19:42:17:98:70:0f:73:9f:65:09:9f:98:
9c:d3:c5:6a:a2:7f:7d:24:9a:9a:05:a6:d3:c7:87:7c:7b:e5:
0f:10:b7:cb:de:fe:5f:61:ea:74:53:66:fb:26:60:30:a0:cb:
79:a5:d2:d4:38:9c:0d:a2:bf:4b:e7:ce:c2:5f:79:4e:a6:f5:
2e:00:16:13:8a:26:8c:a6:36:f8:d2:14:59:57:cc:b8:2c:3d:
5b:c2:79:db:a7:d8:39:9e:61:33:1b:97:e1:19:70:ed:d7:46:
f3:07:f9:9b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUehmZQcVlpn6764RcAcwK5V4JsdQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwNTZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3NGVmMDBhNGMzYTZhNjU4MDdkN2QyZjFkNGViYWMzOTM1NjQwMjhkYTcw
ZDZlOTQzZDhhZWU2YmVkMDRiMjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRyFX5WV55gk4/lwThRDD2ZaGDaDMZPmpi+5hXC1ZcPhAfBHwjL8WLVTsWR
etj3rEKlJC4IEl0Vsq9eeGxwFbW0U6g/AZd+N52VMJx1C4qg5DRWyS4xFY30d4Dk
R0vdPpgogfjxqO0TwUbtbbezcfCLAzsg6wbYLlttl0ANttZC7gaWc9oOdSrx9+pY
ZkYeMmd2mAjvQ8gc9Eegy+8TG3EUBy166J1zrtkEuzk7cd49dK/G4A3BCMyK17lw
74XMdYsX78KyM+fvnu2VecRESuL3q9XNJgfaRzIQnNi14mzi74sPf7Z8soPr0mB3
fZC2zB4jcNVPt+Q1SnlBJn3j0E0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS5XCST
NvQuc/nMwvsKqP/Gr8lnCTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTNjNzNkMjgtNmFkYS00ZjY1LWJiOGQtOGZiZWU0MzRjMDAxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUE
MA0GCSqGSIb3DQEBCwUAA4IBAQAOOzIet+lavqVpy4YxIxlCECC8uuSj3lT//SDk
LUCHBu5lcjZaagCJwXSyle31GiuExWnA13j/jmN8lokR6QZoCI4QuLhvBNHjMr6J
XJjwsGtOiUM31DvMDfEG+pm4QvrqXhS3C1E/qG4pA6O10MLTrM+bVu0migNM1Te7
3DrH2O229NJ20Xas3/Ma61El1Qakh/V4gyIZQheYcA9zn2UJn5ic08Vqon99JJqa
BabTx4d8e+UPELfL3v5fYep0U2b7JmAwoMt5pdLUOJwNor9L587CX3lOpvUuABYT
iiaMpjb40hRZV8y4LD1bwnnbp9g5nmEzG5fhGXDt10bzB/mb
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:13:17 2026 by rpki-client