Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5a5a5a-fd59-4048-875c-f0e74ec0a0f1.roa
File: 9a5a5a5a-fd59-4048-875c-f0e74ec0a0f1.roa (raw, json)
Hash identifier: IXekEZYIbAcg0XMCU4FG2xLAVQISyT3Z5yqr5RNZBHQ=
Subject key identifier: C9:EB:DD:D8:43:54:5B:8D:3C:B8:56:45:67:8E:E8:F5:AD:F6:24:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C550154E0725C9C73A3369C249CDF57F6EAEF3D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5a5a5a-fd59-4048-875c-f0e74ec0a0f1.roa
Signing time: Fri 15 May 2026 03:50:12 +0000
ROA not before: Fri 15 May 2026 03:50:12 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:55:01:54:e0:72:5c:9c:73:a3:36:9c:24:9c:df:57:f6:ea:ef:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 03:50:12 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=eda40e32665b40e2c6f6e04964ce80dd07ed965e8afd14c20718daf483b99ca7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:79:c4:0a:b3:a3:61:df:46:0e:74:35:94:59:
61:11:30:4d:c2:fe:7d:1d:b8:91:d3:e8:17:c7:a8:
63:4c:a3:18:99:b4:74:7c:6d:02:5d:16:1e:97:be:
b3:1b:f8:65:f0:15:65:db:0e:47:33:99:88:99:ac:
5b:87:7f:d4:cb:58:87:19:6c:13:dc:12:3b:e7:51:
65:13:a7:a1:96:d8:1c:fd:4d:63:8a:a2:7d:e2:a7:
36:54:cf:c1:1e:88:a0:ea:1d:c2:eb:a8:16:2c:c1:
2b:b4:38:9a:13:2d:c6:0f:35:59:3e:90:ed:b2:03:
54:d5:d3:41:67:55:8e:9d:f5:9c:0f:4f:d0:3f:d3:
a0:18:7a:77:ef:ab:73:92:3a:a1:4a:39:29:b9:78:
8f:aa:9f:89:32:51:47:e8:9c:85:71:37:17:6c:12:
da:9b:fc:2c:9e:96:cd:e0:2e:52:b1:14:24:f1:db:
cd:7f:aa:90:56:6d:79:67:40:78:11:93:9c:7a:7b:
f7:94:07:91:2a:f6:f3:79:1d:b8:a7:98:ad:2e:2b:
43:94:1f:f2:aa:b2:bd:51:21:83:75:38:5d:40:39:
a1:d9:8f:21:72:09:87:7a:0b:c9:5e:57:fe:b4:41:
d7:8f:97:2b:9c:43:ff:53:55:58:91:29:af:5b:8e:
50:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:EB:DD:D8:43:54:5B:8D:3C:B8:56:45:67:8E:E8:F5:AD:F6:24:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5a5a5a-fd59-4048-875c-f0e74ec0a0f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:e000::/40
Signature Algorithm: sha256WithRSAEncryption
b1:6f:fd:7e:f5:36:38:4e:81:11:c7:5f:79:2f:74:ca:08:86:
45:a6:92:ae:04:18:9d:76:a5:9b:78:e6:94:fb:46:3e:2c:d3:
d2:14:6b:a5:d5:ff:49:62:c4:38:a1:a3:f1:4d:9b:a9:cf:4b:
d9:27:8c:8b:a6:e5:4d:83:8d:20:0b:cc:8d:ae:70:4c:e4:38:
65:60:c7:78:32:80:69:9f:de:db:37:46:65:56:36:1c:5a:5f:
ef:a5:98:ea:45:63:62:2f:6c:fe:57:1c:1c:57:ed:b9:9e:a0:
d2:eb:62:55:99:f7:4d:70:07:25:6a:ec:0a:4f:69:94:e0:34:
5d:fb:a1:80:31:8e:51:ff:d2:37:09:64:b4:16:61:de:f9:fd:
c4:87:66:83:e9:24:52:41:fa:ba:e2:25:25:3a:57:23:f1:bc:
70:2f:90:e5:af:d9:9e:59:9e:3e:b9:43:f3:6f:07:dc:71:43:
9a:c5:28:bb:85:b3:16:c8:9d:c1:cd:b3:61:99:f7:14:a0:5f:
51:6b:1a:6d:77:0d:e3:9c:64:40:b8:67:0a:09:e0:fe:7d:32:
a6:60:a9:c3:3a:2c:4a:72:11:36:50:a7:a7:f7:98:d3:16:16:
12:ff:40:0e:8f:ad:99:f4:20:c1:0a:b2:72:32:70:0f:13:1e:
76:e3:99:22
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPFUBVOByXJxzozacJJzfV/bq7z0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMzUwMTJaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkYTQwZTMyNjY1YjQwZTJjNmY2ZTA0OTY0Y2U4MGRkMDdlZDk2NWU4YWZk
MTRjMjA3MThkYWY0ODNiOTljYTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJ5xAqzo2HfRg50NZRZYREwTcL+fR24kdPoF8eoY0yjGJm0dHxtAl0WHpe+
sxv4ZfAVZdsORzOZiJmsW4d/1MtYhxlsE9wSO+dRZROnoZbYHP1NY4qifeKnNlTP
wR6IoOodwuuoFizBK7Q4mhMtxg81WT6Q7bIDVNXTQWdVjp31nA9P0D/ToBh6d++r
c5I6oUo5Kbl4j6qfiTJRR+ichXE3F2wS2pv8LJ6WzeAuUrEUJPHbzX+qkFZteWdA
eBGTnHp795QHkSr283kduKeYrS4rQ5Qf8qqyvVEhg3U4XUA5odmPIXIJh3oLyV5X
/rRB14+XK5xD/1NVWJEpr1uOUMUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTJ693Y
Q1RbjTy4VkVnjuj1rfYkjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWE1YTVhNWEtZmQ1OS00MDQ4LTg3NWMtZjBlNzRlYzBhMGYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hvg
MA0GCSqGSIb3DQEBCwUAA4IBAQCxb/1+9TY4ToERx195L3TKCIZFppKuBBiddqWb
eOaU+0Y+LNPSFGul1f9JYsQ4oaPxTZupz0vZJ4yLpuVNg40gC8yNrnBM5DhlYMd4
MoBpn97bN0ZlVjYcWl/vpZjqRWNiL2z+VxwcV+25nqDS62JVmfdNcAclauwKT2mU
4DRd+6GAMY5R/9I3CWS0FmHe+f3Eh2aD6SRSQfq64iUlOlcj8bxwL5Dlr9meWZ4+
uUPzbwfccUOaxSi7hbMWyJ3BzbNhmfcUoF9Raxptdw3jnGRAuGcKCeD+fTKmYKnD
OixKchE2UKen95jTFhYS/0AOj62Z9CDBCrJyMnAPEx5245ki
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:48:04 2026 by rpki-client