Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa
File: e279c5e7-6144-440a-9f1d-2013fb96d06a.roa (raw, json)
Hash identifier: 9USCYbzE7G7peZyaNNfv0FzTrJ/hBzarK2RJtYm7Mxg=
Subject key identifier: 81:C8:49:12:9C:E4:95:EF:4F:91:5B:96:F1:AC:A4:CF:9C:BF:E9:82
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 664459F813C2C56FD5D87C79D93965ECCCDD6444
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa
Signing time: Tue 19 May 2026 05:01:11 +0000
ROA not before: Tue 19 May 2026 05:01:11 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:44:59:f8:13:c2:c5:6f:d5:d8:7c:79:d9:39:65:ec:cc:dd:64:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:01:11 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=5547de96cac5ad32b1e1801cf5e59acdd0d96006bacf030164ca33f1908c4c31, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:df:a3:9c:31:98:ab:f0:9b:eb:92:15:14:9b:
73:6d:54:e9:0b:d7:5c:f8:a8:6d:82:66:f3:72:c8:
65:4a:8a:a8:b6:72:8a:93:b1:48:28:1b:16:dd:16:
a6:d5:b7:b9:4c:b5:1f:41:a2:29:4b:ae:55:b8:5f:
44:42:c4:37:3f:bf:c7:a8:4a:bc:88:4b:bb:10:7a:
25:5f:f0:48:89:b7:79:bb:3f:0e:09:52:6f:39:3b:
c7:02:25:ae:36:65:05:e8:7c:a3:14:f8:ab:74:ce:
ea:59:d9:aa:c8:a1:72:ff:5e:c6:a8:89:7b:8f:08:
0e:bf:ff:48:ed:00:80:63:1a:08:70:84:ed:8d:b3:
0e:d7:2c:f8:c9:7f:5f:49:74:b7:0d:32:ad:43:66:
94:07:60:d7:38:c1:e6:0b:51:88:f1:51:e9:9c:0c:
ff:f7:18:7a:2e:de:22:42:64:f7:27:16:1f:ad:87:
0b:2e:5d:c4:b2:47:31:88:df:3e:47:86:ad:45:23:
86:08:71:d0:61:c4:79:60:98:ce:da:2e:a2:83:3e:
8a:dd:7b:b5:f6:e1:fd:99:dd:1f:bb:50:95:6d:b0:
b2:ac:b6:a9:36:71:d4:b3:dd:91:73:86:a4:bd:e8:
31:0d:82:89:6e:7a:5f:70:f2:9f:0d:28:92:72:bc:
74:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:C8:49:12:9C:E4:95:EF:4F:91:5B:96:F1:AC:A4:CF:9C:BF:E9:82
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:2000::/40
Signature Algorithm: sha256WithRSAEncryption
9f:96:10:42:18:ed:95:4f:3e:3a:2a:4d:87:55:7b:01:7d:3a:
55:b2:78:ef:0e:3d:03:2d:2a:cf:e7:fa:94:33:ca:48:0a:55:
57:44:68:97:20:88:16:b6:94:9f:1b:9e:20:f6:71:b5:a7:c8:
f2:f3:3c:c4:b0:bc:ca:c4:9d:18:f9:66:c5:e2:15:42:a3:9f:
a9:8e:04:9d:ca:94:8e:52:04:63:64:b3:ba:b9:f6:7b:46:92:
c2:ad:c6:26:ed:c3:ca:a8:49:0f:07:61:70:49:19:da:2e:2e:
47:e4:36:65:43:45:ef:00:b6:ac:75:55:73:ac:c6:1a:53:b1:
a0:22:4d:df:8d:8e:77:46:3e:74:ea:00:2b:2f:aa:df:04:f8:
ef:0d:5b:b7:26:16:b5:51:18:0f:44:13:24:9d:f6:e3:39:05:
16:16:de:3f:1d:08:b0:2a:37:4f:50:59:0a:d4:3f:6f:44:b1:
68:24:a6:ef:83:e5:0c:df:72:bf:96:8c:68:07:c2:76:14:4e:
62:d8:28:39:98:02:6b:ab:e6:c8:b2:27:9d:e9:c8:31:b7:d8:
2f:3c:42:75:36:c5:b6:b7:c3:65:4b:ef:dc:c9:2a:7f:ad:ec:
9d:2c:17:58:3f:81:e7:6a:f7:c2:7f:a8:63:56:4d:26:45:ae:
5c:eb:77:32
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZkRZ+BPCxW/V2Hx52Tll7MzdZEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAxMTFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1NDdkZTk2Y2FjNWFkMzJiMWUxODAxY2Y1ZTU5YWNkZDBkOTYwMDZiYWNm
MDMwMTY0Y2EzM2YxOTA4YzRjMzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnfo5wxmKvwm+uSFRSbc21U6QvXXPiobYJm83LIZUqKqLZyipOxSCgbFt0W
ptW3uUy1H0GiKUuuVbhfRELENz+/x6hKvIhLuxB6JV/wSIm3ebs/DglSbzk7xwIl
rjZlBeh8oxT4q3TO6lnZqsihcv9exqiJe48IDr//SO0AgGMaCHCE7Y2zDtcs+Ml/
X0l0tw0yrUNmlAdg1zjB5gtRiPFR6ZwM//cYei7eIkJk9ycWH62HCy5dxLJHMYjf
PkeGrUUjhghx0GHEeWCYztouooM+it17tfbh/ZndH7tQlW2wsqy2qTZx1LPdkXOG
pL3oMQ2CiW56X3Dynw0oknK8dMcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSByEkS
nOSV70+RW5bxrKTPnL/pgjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTI3OWM1ZTctNjE0NC00NDBhLTlmMWQtMjAxM2ZiOTZkMDZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DIg
MA0GCSqGSIb3DQEBCwUAA4IBAQCflhBCGO2VTz46Kk2HVXsBfTpVsnjvDj0DLSrP
5/qUM8pIClVXRGiXIIgWtpSfG54g9nG1p8jy8zzEsLzKxJ0Y+WbF4hVCo5+pjgSd
ypSOUgRjZLO6ufZ7RpLCrcYm7cPKqEkPB2FwSRnaLi5H5DZlQ0XvALasdVVzrMYa
U7GgIk3fjY53Rj506gArL6rfBPjvDVu3Jha1URgPRBMknfbjOQUWFt4/HQiwKjdP
UFkK1D9vRLFoJKbvg+UM33K/loxoB8J2FE5i2Cg5mAJrq+bIsied6cgxt9gvPEJ1
NsW2t8NlS+/cySp/reydLBdYP4HnavfCf6hjVk0mRa5c63cy
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:42 2026 by rpki-client