Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
File: 1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa (raw, json)
Hash identifier: 88UM5l10DiaeP9jEwQnN1HSbb9YKIRKMMvXc+zGWmpo=
Subject key identifier: 79:06:A6:1F:CE:09:5D:FA:A3:BA:FE:16:BC:CF:AD:42:E8:E9:B8:39
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B70DDC753F279DEFF924BD4333CFBF11540A2D3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
Signing time: Mon 27 Apr 2026 00:40:34 +0000
ROA not before: Mon 27 Apr 2026 00:40:34 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 14:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:70:dd:c7:53:f2:79:de:ff:92:4b:d4:33:3c:fb:f1:15:40:a2:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 27 00:40:34 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=80796f7bc7f48f4ba069ad55cdb006c11931f9148cf25ea27833e4a2ed8d7ce0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0f:1f:2a:40:07:e4:52:8d:00:72:cd:7a:ce:
3c:8a:eb:7f:f6:95:d6:c0:95:8b:14:dd:7d:26:5f:
9c:04:d6:8a:75:88:23:1e:3c:31:40:fb:a7:41:4c:
fc:83:eb:ca:80:ba:fd:e9:a2:5a:e4:d4:a5:fc:57:
81:37:50:11:75:f8:83:81:f9:3e:69:75:74:01:a4:
f8:f6:02:d1:92:99:4d:60:65:f6:33:08:dd:8d:4d:
a6:02:3f:7f:89:87:06:ce:a4:65:0c:df:b3:9a:e8:
20:66:e3:88:63:be:fd:fc:9a:40:07:49:84:9c:46:
37:d9:8b:7e:c8:b5:c1:80:1b:b2:f5:60:4b:6c:6e:
ea:8c:8c:8b:7f:ea:bb:b2:ea:d2:b2:25:7a:f8:97:
e5:57:c4:b8:15:69:d3:98:da:e3:ee:b4:f5:56:42:
84:49:c4:e2:88:57:ba:8d:fc:fa:d2:ea:27:1c:a4:
fc:9a:25:cb:6f:fd:a7:4f:8f:d3:79:ad:27:8f:45:
3a:15:f7:7d:9d:52:04:f3:50:81:0a:e9:06:1e:33:
50:c4:6e:6f:25:00:e0:43:20:a2:2e:e2:2b:ed:ac:
60:e5:a0:8f:c5:8c:13:b2:4a:48:ee:de:8b:75:47:
d2:92:0d:59:ac:36:a3:0c:df:e1:25:9f:c8:4d:35:
6e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:06:A6:1F:CE:09:5D:FA:A3:BA:FE:16:BC:CF:AD:42:E8:E9:B8:39
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:6000::/40
Signature Algorithm: sha256WithRSAEncryption
3a:91:cd:18:65:51:7e:e0:33:d4:09:4f:35:c2:36:2a:87:0a:
91:9e:93:d2:7c:3d:5f:f4:e3:cd:f9:7f:6f:04:d1:8e:c9:15:
30:64:0d:d9:63:e5:ed:2e:f6:4f:fc:60:00:a7:8a:60:1b:8f:
8c:03:12:aa:4f:6a:dc:bb:9a:ec:19:25:ca:cd:88:d1:d0:fe:
2b:fa:b8:6d:7f:27:b5:4b:ae:23:da:81:3c:92:9d:cc:6f:f0:
2e:b5:f1:11:02:c2:ff:20:f0:ae:a1:f4:0c:31:ea:b5:8c:a5:
c5:ed:1c:16:e8:d7:2d:a3:09:a5:c0:3a:fa:d6:8e:46:e7:8b:
5e:22:76:69:19:bb:ed:4d:34:53:73:61:d4:69:87:16:e7:77:
05:e3:2e:4a:cd:26:e4:59:9d:48:dc:79:c1:0d:01:ae:d4:6c:
a6:1e:07:7d:cb:44:30:d1:7f:7f:14:85:9f:7a:79:8a:56:50:
a5:c2:94:6a:19:01:32:63:52:96:2f:93:67:9d:7f:72:6c:2e:
d4:ab:48:26:3a:7d:1c:5b:61:f8:6b:8a:e7:80:0f:42:4f:bd:
52:79:60:15:3c:01:69:58:cf:81:99:6e:e6:0b:bd:32:23:5a:
e1:84:fd:c5:ae:d5:81:eb:81:50:8d:c3:33:0d:99:41:62:76:
4a:16:e8:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe3Ddx1Pyed7/kkvUMzz78RVAotMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MjcwMDQwMzRaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwNzk2ZjdiYzdmNDhmNGJhMDY5YWQ1NWNkYjAwNmMxMTkzMWY5MTQ4Y2Yy
NWVhMjc4MzNlNGEyZWQ4ZDdjZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJIPHypAB+RSjQByzXrOPIrrf/aV1sCVixTdfSZfnATWinWIIx48MUD7p0FM
/IPryoC6/emiWuTUpfxXgTdQEXX4g4H5Pml1dAGk+PYC0ZKZTWBl9jMI3Y1NpgI/
f4mHBs6kZQzfs5roIGbjiGO+/fyaQAdJhJxGN9mLfsi1wYAbsvVgS2xu6oyMi3/q
u7Lq0rIleviX5VfEuBVp05ja4+609VZChEnE4ohXuo38+tLqJxyk/Joly2/9p0+P
03mtJ49FOhX3fZ1SBPNQgQrpBh4zUMRubyUA4EMgoi7iK+2sYOWgj8WME7JKSO7e
i3VH0pINWaw2owzf4SWfyE01btcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR5BqYf
zgld+qO6/ha8z61C6Om4OTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWJhMmQwNjMtOTE1Yi00ZWY1LWIxYjgtMDBkNzNkYzhhMzFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRg
MA0GCSqGSIb3DQEBCwUAA4IBAQA6kc0YZVF+4DPUCU81wjYqhwqRnpPSfD1f9OPN
+X9vBNGOyRUwZA3ZY+XtLvZP/GAAp4pgG4+MAxKqT2rcu5rsGSXKzYjR0P4r+rht
fye1S64j2oE8kp3Mb/AutfERAsL/IPCuofQMMeq1jKXF7RwW6NctowmlwDr61o5G
54teInZpGbvtTTRTc2HUaYcW53cF4y5KzSbkWZ1I3HnBDQGu1GymHgd9y0Qw0X9/
FIWfenmKVlClwpRqGQEyY1KWL5NnnX9ybC7Uq0gmOn0cW2H4a4rngA9CT71SeWAV
PAFpWM+BmW7mC70yI1rhhP3FrtWB64FQjcMzDZlBYnZKFuhl
-----END CERTIFICATE-----
Generated at Tue Apr 28 19:32:19 2026 by rpki-client