Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a799a36-6e8c-4ca7-be23-5388518d8f95.roa
File: 4a799a36-6e8c-4ca7-be23-5388518d8f95.roa (raw, json)
Hash identifier: k4YpXTPH/PT0JqxjxgCF+IIp84QsWHcN5kCbHyro+R8=
Subject key identifier: 87:53:4D:44:A1:D7:AA:32:6B:C6:86:32:2A:85:1E:01:6D:15:93:C5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5110E882B8F2ED839E77B16C704EF2BCECD6AA2D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a799a36-6e8c-4ca7-be23-5388518d8f95.roa
Signing time: Mon 27 Apr 2026 00:40:03 +0000
ROA not before: Mon 27 Apr 2026 00:40:03 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01f::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 14:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:10:e8:82:b8:f2:ed:83:9e:77:b1:6c:70:4e:f2:bc:ec:d6:aa:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 27 00:40:03 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=e46b61d728e9bee3542678d580fb36f0f77eb123c1f09f8f7c208b73efd91661, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:07:29:36:5c:21:da:64:ae:9c:fe:a9:82:b1:
73:77:12:e2:f9:2d:38:ed:bd:e3:6c:c0:fe:e9:09:
6c:09:72:a2:ef:10:fb:22:4c:f0:d1:77:d5:c4:7d:
a2:96:02:67:f2:b5:07:3e:be:68:61:d8:7a:ea:32:
d1:61:f1:77:68:96:24:34:2a:56:68:04:26:78:e3:
82:25:a6:b4:fb:df:c4:c7:4a:5d:bf:9f:61:c7:40:
79:e3:e3:db:40:ae:cd:2c:1d:25:40:0d:ac:87:dc:
3b:fc:72:d5:f1:98:15:dd:27:97:00:1f:5d:51:11:
f4:0b:b7:1e:58:2e:b6:67:af:b8:58:2c:be:10:36:
40:84:9b:0e:91:80:e2:77:2e:10:15:80:69:64:3e:
3a:3c:03:d2:f1:08:1a:6f:8c:c1:9a:6c:4a:8b:79:
3f:7b:d6:2b:84:d9:a4:50:11:45:b6:1c:01:29:a7:
8a:40:2a:cd:40:af:c1:9d:08:50:b5:f0:00:d5:c9:
c4:d8:fd:41:14:19:df:27:6d:19:74:a7:8b:33:f6:
50:df:83:06:e2:05:a4:48:d4:c5:71:ad:73:99:90:
ba:c4:54:30:10:2d:86:89:6d:8f:44:cc:3b:87:cf:
f2:27:0d:f5:df:63:b1:60:f1:ee:af:05:48:2e:28:
71:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:53:4D:44:A1:D7:AA:32:6B:C6:86:32:2A:85:1E:01:6D:15:93:C5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a799a36-6e8c-4ca7-be23-5388518d8f95.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01f::/36
Signature Algorithm: sha256WithRSAEncryption
a9:06:2b:6c:af:69:d8:48:dd:ab:99:c9:7e:f9:06:85:79:9d:
74:9d:cf:4b:39:7d:88:bd:18:ff:1d:7d:c5:b1:b3:b2:67:e4:
46:99:5b:34:c8:e7:60:96:68:aa:7e:4f:90:32:96:56:66:b0:
88:5e:12:5c:35:3e:0b:4a:a2:a3:d1:58:52:ea:dc:29:7c:84:
5a:da:c0:b6:d7:7b:93:36:7d:6d:22:30:c6:f2:34:70:01:15:
c3:9a:2c:8b:9b:af:e6:0a:16:7b:5a:4c:e1:af:b0:31:0e:26:
e0:4f:77:45:13:09:8c:11:e6:58:f8:2d:1f:e4:6c:77:8a:6e:
d6:2d:56:6e:84:1e:c8:37:75:a4:54:e5:c9:62:7b:da:18:2d:
e6:d7:87:b5:01:d8:fc:62:ef:23:7c:4c:59:3e:42:46:a2:ca:
92:b9:8c:bf:71:b1:b4:ff:2b:14:2c:6a:95:11:03:09:29:bf:
2c:cd:ae:1f:e7:69:d7:ca:00:8b:30:30:c9:c0:05:69:4d:4a:
0f:61:c5:3f:6f:f3:58:ec:c8:a6:c0:fb:9c:3e:13:64:f4:84:
34:2f:14:d4:5b:6c:bf:65:87:43:1f:d5:17:eb:27:b1:83:ee:
92:51:ff:5c:d9:2a:4c:12:76:da:14:84:3b:12:0c:ac:6b:8d:
43:f4:bb:2f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUURDogrjy7YOed7FscE7yvOzWqi0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MjcwMDQwMDNaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0NmI2MWQ3MjhlOWJlZTM1NDI2NzhkNTgwZmIzNmYwZjc3ZWIxMjNjMWYw
OWY4ZjdjMjA4YjczZWZkOTE2NjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANoHKTZcIdpkrpz+qYKxc3cS4vktOO2942zA/ukJbAlyou8Q+yJM8NF31cR9
opYCZ/K1Bz6+aGHYeuoy0WHxd2iWJDQqVmgEJnjjgiWmtPvfxMdKXb+fYcdAeePj
20CuzSwdJUANrIfcO/xy1fGYFd0nlwAfXVER9Au3HlgutmevuFgsvhA2QISbDpGA
4ncuEBWAaWQ+OjwD0vEIGm+MwZpsSot5P3vWK4TZpFARRbYcASmnikAqzUCvwZ0I
ULXwANXJxNj9QRQZ3ydtGXSnizP2UN+DBuIFpEjUxXGtc5mQusRUMBAtholtj0TM
O4fP8icN9d9jsWDx7q8FSC4ocdECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSHU01E
odeqMmvGhjIqhR4BbRWTxTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGE3OTlhMzYtNmU4Yy00Y2E3LWJlMjMtNTM4ODUxOGQ4Zjk1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B8A
MA0GCSqGSIb3DQEBCwUAA4IBAQCpBitsr2nYSN2rmcl++QaFeZ10nc9LOX2IvRj/
HX3FsbOyZ+RGmVs0yOdglmiqfk+QMpZWZrCIXhJcNT4LSqKj0VhS6twpfIRa2sC2
13uTNn1tIjDG8jRwARXDmiyLm6/mChZ7Wkzhr7AxDibgT3dFEwmMEeZY+C0f5Gx3
im7WLVZuhB7IN3WkVOXJYnvaGC3m14e1Adj8Yu8jfExZPkJGosqSuYy/cbG0/ysU
LGqVEQMJKb8sza4f52nXygCLMDDJwAVpTUoPYcU/b/NY7MimwPucPhNk9IQ0LxTU
W2y/ZYdDH9UX6yexg+6SUf9c2SpMEnbaFIQ7Egysa41D9Lsv
-----END CERTIFICATE-----
Generated at Tue Apr 28 19:35:17 2026 by rpki-client