Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
File: e84166dd-4497-414d-9864-983017c7c326.roa (raw, json)
Hash identifier: G2dqHoyLsUWmkgG4yjZYtVzsOqToAp07NBbI9Rw6Xwc=
Subject key identifier: 1C:38:88:7C:29:D4:4C:76:47:45:FE:0C:0B:97:AB:5E:AB:C7:C6:04
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73070BC8CF552A4E034DEAF4B96DD3D3B00AADDB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
Signing time: Tue 19 May 2026 05:20:06 +0000
ROA not before: Tue 19 May 2026 05:20:06 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:07:0b:c8:cf:55:2a:4e:03:4d:ea:f4:b9:6d:d3:d3:b0:0a:ad:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:06 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=f90f1a1ef0aa0f4ca6eab3e7a023af98dd4baecfcadb94f37588508ac1d742db, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f0:67:c5:9c:42:8c:1b:3d:d3:ce:db:1a:6a:
59:6f:d2:5b:5c:a4:a3:42:2b:a2:54:c8:94:f6:d6:
01:2c:12:a3:c1:19:8b:89:43:39:9b:d8:33:29:98:
33:99:91:1d:22:17:35:9a:44:97:80:a7:11:a5:51:
0a:76:2d:90:e0:e8:78:7d:2f:5e:31:13:c7:9e:a7:
b7:96:42:4c:03:5d:e4:6f:af:08:b1:25:2a:d0:05:
27:e4:71:c6:fb:d1:02:bd:24:fa:05:f2:27:ac:e7:
10:ed:3c:7a:23:4a:dd:f9:37:8f:ab:d8:0b:65:93:
d7:77:b4:1b:63:c2:56:d3:41:f3:42:de:28:14:12:
5d:a8:bf:01:2a:ae:14:56:c0:ed:03:a8:ea:ae:b0:
8b:ea:b4:af:00:b7:b5:90:5d:7b:bf:3d:0f:33:c1:
d0:4b:b1:8b:e7:6d:ee:22:6b:02:80:fe:65:dd:24:
10:bd:8e:7d:b8:9d:5a:f2:27:df:76:dd:dd:4e:e6:
ba:0e:3b:89:8e:36:d6:c3:57:16:e4:f4:3b:8a:33:
83:cc:05:11:74:57:52:d1:4e:11:d4:e8:45:8d:73:
f1:05:03:56:86:b3:c7:de:80:92:73:84:5e:30:e4:
6f:e2:61:1d:ce:c9:50:28:2b:23:e1:16:a7:d7:db:
6e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:38:88:7C:29:D4:4C:76:47:45:FE:0C:0B:97:AB:5E:AB:C7:C6:04
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:5000::/40
Signature Algorithm: sha256WithRSAEncryption
27:f7:b6:a5:b8:18:6f:4d:8f:87:67:73:d6:9d:55:ee:47:6c:
bd:85:72:bf:d3:91:da:76:1b:25:70:aa:0c:2f:1e:3a:9f:7e:
5b:59:81:f0:5d:1d:75:42:19:0d:ee:18:49:9b:d0:f9:2d:71:
4c:c2:6b:08:bb:51:05:0c:6d:6c:70:a6:2f:94:f9:73:22:1a:
45:d4:1b:61:6b:ad:25:47:18:74:19:6f:d9:16:6f:7e:26:dc:
67:40:4f:8d:3a:3c:38:7a:d6:32:91:28:33:20:65:5e:fa:0a:
d5:88:12:d6:d6:49:62:cb:72:95:e7:e9:a1:80:7f:f1:6b:f1:
a2:e3:1a:7e:de:d1:48:4f:ab:7e:54:e3:89:cd:ed:df:4e:e9:
fe:e4:4f:7c:6e:7e:0e:00:79:12:b7:38:e5:93:41:c7:ee:17:
6a:35:9c:59:d5:7c:6f:5d:42:db:22:54:ca:9d:a6:e4:60:c7:
ca:77:14:48:50:df:09:e1:39:a0:53:74:e3:2d:d9:f1:f7:c2:
39:76:d4:82:f8:ea:b4:57:d7:1a:4e:48:9a:bd:fb:26:ad:1b:
11:75:28:bd:30:50:8d:5b:ea:fa:1d:ce:59:07:90:9f:ba:68:
5d:c5:bd:20:09:7a:ee:dd:22:10:db:c5:71:06:69:58:89:b0:
06:4a:c8:90
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcwcLyM9VKk4DTer0uW3T07AKrdswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMDZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5MGYxYTFlZjBhYTBmNGNhNmVhYjNlN2EwMjNhZjk4ZGQ0YmFlY2ZjYWRi
OTRmMzc1ODg1MDhhYzFkNzQyZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3wZ8WcQowbPdPO2xpqWW/SW1yko0IrolTIlPbWASwSo8EZi4lDOZvYMymY
M5mRHSIXNZpEl4CnEaVRCnYtkODoeH0vXjETx56nt5ZCTANd5G+vCLElKtAFJ+Rx
xvvRAr0k+gXyJ6znEO08eiNK3fk3j6vYC2WT13e0G2PCVtNB80LeKBQSXai/ASqu
FFbA7QOo6q6wi+q0rwC3tZBde789DzPB0Euxi+dt7iJrAoD+Zd0kEL2OfbidWvIn
33bd3U7mug47iY421sNXFuT0O4ozg8wFEXRXUtFOEdToRY1z8QUDVoazx96AknOE
XjDkb+JhHc7JUCgrI+EWp9fbbukCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQcOIh8
KdRMdkdF/gwLl6teq8fGBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg0MTY2ZGQtNDQ5Ny00MTRkLTk4NjQtOTgzMDE3YzdjMzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAn97aluBhvTY+HZ3PWnVXuR2y9hXK/05Hadhsl
cKoMLx46n35bWYHwXR11QhkN7hhJm9D5LXFMwmsIu1EFDG1scKYvlPlzIhpF1Bth
a60lRxh0GW/ZFm9+JtxnQE+NOjw4etYykSgzIGVe+grViBLW1kliy3KV5+mhgH/x
a/Gi4xp+3tFIT6t+VOOJze3fTun+5E98bn4OAHkStzjlk0HH7hdqNZxZ1XxvXULb
IlTKnabkYMfKdxRIUN8J4TmgU3TjLdnx98I5dtSC+Oq0V9caTkiavfsmrRsRdSi9
MFCNW+r6Hc5ZB5Cfumhdxb0gCXru3SIQ28VxBmlYibAGSsiQ
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:45 2026 by rpki-client