Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa
File: 90bd72ba-b30d-4433-a47e-e0543a4ea451.roa (raw, json)
Hash identifier: j2EHM+FA07daMMCCskmswL9rXpHaaSFxuXC1CsEOoNs=
Subject key identifier: 53:7E:01:B0:98:86:0A:EA:85:DD:5D:01:15:42:89:43:8E:64:31:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 745735587F9A8260908C574D5EFA82BCAF993077
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa
Signing time: Tue 19 May 2026 04:50:24 +0000
ROA not before: Tue 19 May 2026 04:50:24 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 05:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:57:35:58:7f:9a:82:60:90:8c:57:4d:5e:fa:82:bc:af:99:30:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:24 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=cb716dd69e24fd8a55736e9571ddb47b4f278edaf6afb689e841e287178c8d4e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:47:d2:f5:db:80:c7:05:00:f4:4d:88:65:44:
98:ff:cb:b9:62:4b:9d:f9:3e:c4:d0:6e:82:46:24:
89:6a:e4:bc:95:f6:f7:e9:c9:64:10:13:15:c5:f3:
51:b2:96:64:9d:f2:8d:73:26:d7:4f:23:c4:63:27:
7d:43:8f:51:8c:7e:38:e4:6a:ec:d1:6d:95:d1:4b:
dc:82:d5:59:59:b9:b2:12:a9:9d:44:d0:e3:6b:12:
80:48:2a:74:3c:49:3f:ca:76:73:b8:41:c9:0c:8e:
92:c4:61:a7:80:6b:68:55:ff:1c:4a:f0:f5:3a:10:
3f:e9:72:6c:78:2e:63:27:47:de:fc:3c:53:5e:14:
a9:76:31:59:e2:2e:71:9b:1a:b1:44:31:b2:d0:df:
21:cd:1d:2d:7a:74:64:39:d7:29:67:e0:26:ed:3c:
3c:4f:71:ce:76:01:97:29:81:9a:06:3c:81:6b:ac:
51:6f:27:ad:70:db:ab:45:26:91:78:d7:33:5e:78:
db:6c:ce:31:db:87:20:ce:b2:a1:c4:c6:34:0e:e9:
e1:52:90:97:bd:df:ae:06:d2:c4:58:b6:4b:ec:0f:
f4:c2:36:5c:fe:fb:3b:b4:c7:30:26:e7:25:b2:99:
44:0c:84:bb:b9:5b:37:0a:15:12:57:ac:38:7e:24:
0f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:7E:01:B0:98:86:0A:EA:85:DD:5D:01:15:42:89:43:8E:64:31:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:e000::/40
Signature Algorithm: sha256WithRSAEncryption
7e:67:a8:92:24:47:8c:78:51:2e:17:1d:4d:e1:67:4c:59:a1:
d8:74:31:8b:d1:65:ab:81:2d:44:0e:56:f9:70:f1:45:7a:2a:
07:a5:06:0f:2c:ea:b3:0c:fb:09:cd:fa:25:d9:81:c2:f5:2c:
3c:07:45:b2:27:27:71:3d:ec:53:5c:77:71:ed:48:f0:e0:52:
5a:75:69:54:66:37:ee:62:fe:10:45:e8:e4:f2:26:6e:91:48:
8a:6e:18:f6:84:51:7f:32:70:10:e7:05:48:f2:92:1e:21:b1:
5b:c5:5d:d3:9a:a0:44:ad:8d:04:1c:59:1b:e2:c4:1f:43:6e:
d0:24:2e:f4:59:65:dc:50:0b:64:6d:59:22:20:e3:d7:39:90:
1f:70:a3:5a:bd:d6:f0:56:12:56:03:ce:d7:24:4d:24:c9:d7:
de:01:f9:35:30:04:56:c3:18:50:de:de:65:f5:d6:94:e5:a0:
1e:4e:98:13:0d:1a:90:02:1b:c4:ba:f5:1d:22:8a:3a:8d:51:
6b:e5:aa:45:40:09:a1:94:5f:75:97:d4:1d:42:3e:ad:37:f1:
5a:74:29:88:f1:87:8b:b4:04:29:26:c3:48:2f:9f:73:9e:98:
8b:8e:df:89:7f:65:a0:13:2d:be:48:41:3d:e6:f2:e7:eb:93:
d4:3e:74:ec
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdFc1WH+agmCQjFdNXvqCvK+ZMHcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMjRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiNzE2ZGQ2OWUyNGZkOGE1NTczNmU5NTcxZGRiNDdiNGYyNzhlZGFmNmFm
YjY4OWU4NDFlMjg3MTc4YzhkNGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN9H0vXbgMcFAPRNiGVEmP/LuWJLnfk+xNBugkYkiWrkvJX29+nJZBATFcXz
UbKWZJ3yjXMm108jxGMnfUOPUYx+OORq7NFtldFL3ILVWVm5shKpnUTQ42sSgEgq
dDxJP8p2c7hByQyOksRhp4BraFX/HErw9ToQP+lybHguYydH3vw8U14UqXYxWeIu
cZsasUQxstDfIc0dLXp0ZDnXKWfgJu08PE9xznYBlymBmgY8gWusUW8nrXDbq0Um
kXjXM15422zOMduHIM6yocTGNA7p4VKQl73frgbSxFi2S+wP9MI2XP77O7THMCbn
JbKZRAyEu7lbNwoVElesOH4kD+ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRTfgGw
mIYK6oXdXQEVQolDjmQxwDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTBiZDcyYmEtYjMwZC00NDMzLWE0N2UtZTA1NDNhNGVhNDUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DTg
MA0GCSqGSIb3DQEBCwUAA4IBAQB+Z6iSJEeMeFEuFx1N4WdMWaHYdDGL0WWrgS1E
Dlb5cPFFeioHpQYPLOqzDPsJzfol2YHC9Sw8B0WyJydxPexTXHdx7Ujw4FJadWlU
ZjfuYv4QRejk8iZukUiKbhj2hFF/MnAQ5wVI8pIeIbFbxV3TmqBErY0EHFkb4sQf
Q27QJC70WWXcUAtkbVkiIOPXOZAfcKNavdbwVhJWA87XJE0kydfeAfk1MARWwxhQ
3t5l9daU5aAeTpgTDRqQAhvEuvUdIoo6jVFr5apFQAmhlF91l9QdQj6tN/FadCmI
8YeLtAQpJsNIL59znpiLjt+Jf2WgEy2+SEE95vLn65PUPnTs
-----END CERTIFICATE-----
Generated at Fri Jun 12 09:24:42 2026 by rpki-client