Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f97778b4-85b1-4580-ac38-a4872d19261b.roa
File: f97778b4-85b1-4580-ac38-a4872d19261b.roa (raw, json)
Hash identifier: 9ytneQgmwAVH18CiHCEW3huxsnx/KSpV1v5ykgbodBE=
Subject key identifier: 16:37:4B:22:E4:4D:B4:5B:77:7E:51:30:64:5D:DC:52:AB:58:59:A2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E218729274F4E92FA783B923ADED1BA9B29E15F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f97778b4-85b1-4580-ac38-a4872d19261b.roa
Signing time: Tue 19 May 2026 05:40:47 +0000
ROA not before: Tue 19 May 2026 05:40:47 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 30 May 2026 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:21:87:29:27:4f:4e:92:fa:78:3b:92:3a:de:d1:ba:9b:29:e1:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:47 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=d53df02c2496c929f65d6c58e8561cf658d349a4fac95af8b8838f8d0faff2b6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:17:82:5e:7e:22:a5:1b:1d:29:46:c9:e5:c7:
2f:b9:f6:03:b2:22:1c:bc:e7:83:a8:3c:92:a9:b8:
53:c5:95:ad:f1:c7:2a:3a:27:3a:db:70:53:89:e8:
39:08:4d:6d:59:a6:42:62:32:81:7d:43:3f:5b:34:
4d:de:44:e0:36:d9:f8:ee:66:a7:8c:88:62:02:d6:
2f:35:90:df:78:e2:5d:53:15:d7:d4:7d:b8:9a:b0:
7d:f4:0a:36:c5:a5:a6:a1:1d:43:db:56:3c:fb:2f:
70:f0:e5:b0:97:2e:8d:9c:ea:2d:0e:d8:c3:1a:da:
90:3e:3f:1d:cc:66:e5:c0:1e:0d:60:ac:b3:00:17:
3a:3d:c3:e5:14:bc:1b:b9:b1:a0:8e:ab:73:41:8b:
33:6d:a5:91:3b:95:dd:64:0a:d7:fe:1f:db:4e:e6:
dd:45:03:63:d1:d8:1e:f6:79:17:ad:91:be:e0:7b:
dd:13:b8:0c:d3:2a:80:30:46:69:14:94:fb:09:df:
ed:52:4a:d0:a6:11:c5:d2:37:03:30:a8:42:79:f6:
7f:80:38:93:89:b5:de:d5:3f:3e:c2:37:5e:8a:19:
3b:6e:51:64:25:6c:be:a7:b3:9f:70:de:e2:c3:93:
24:bb:11:22:3a:d9:0b:d5:fc:f2:f1:89:78:ff:a8:
34:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:37:4B:22:E4:4D:B4:5B:77:7E:51:30:64:5D:DC:52:AB:58:59:A2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f97778b4-85b1-4580-ac38-a4872d19261b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:5000::/40
Signature Algorithm: sha256WithRSAEncryption
1a:ce:12:c5:c5:c6:13:e7:f5:21:fb:b8:40:c5:27:44:42:41:
6f:8b:5c:60:e5:18:77:c9:3c:17:6e:1a:d3:9f:1b:57:b3:93:
b0:6b:ec:d2:70:8f:37:ad:7f:50:25:84:94:da:d7:f5:7b:33:
83:19:b7:53:3b:e5:7f:92:5b:a2:3a:9d:96:51:81:5c:11:01:
01:db:71:1d:d5:a7:b8:65:3d:1e:4d:2b:63:ff:e8:a4:ff:fc:
5f:f0:1b:45:a8:1d:19:21:ce:6b:ff:1f:4a:90:d3:e8:a6:87:
d0:d9:25:ca:5e:b1:f2:a6:31:0e:c7:2e:d6:dc:ce:a3:1e:a5:
58:f3:85:50:70:01:00:34:13:66:52:f5:95:95:9a:43:88:ec:
f6:c1:c6:0e:83:ba:30:a0:74:74:af:6c:e0:cc:54:63:08:a7:
ad:3d:c9:1b:96:8b:c4:c0:90:c8:42:ea:ba:fb:f2:ba:89:36:
db:8e:36:d3:50:6f:42:49:1b:ae:71:10:29:e9:4f:53:8f:27:
46:17:2c:72:06:8b:80:7f:64:c5:af:c5:ca:10:85:be:e3:f2:
0b:5a:ba:7e:9d:9f:82:94:da:49:20:06:e8:05:14:8d:0c:6d:
dc:f6:74:b8:97:8b:b0:f0:78:ec:e1:53:4a:d5:40:00:d0:70:
6b:a9:92:23
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXiGHKSdPTpL6eDuSOt7Rupsp4V8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwNDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1M2RmMDJjMjQ5NmM5MjlmNjVkNmM1OGU4NTYxY2Y2NThkMzQ5YTRmYWM5
NWFmOGI4ODM4ZjhkMGZhZmYyYjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcXgl5+IqUbHSlGyeXHL7n2A7IiHLzng6g8kqm4U8WVrfHHKjonOttwU4no
OQhNbVmmQmIygX1DP1s0Td5E4DbZ+O5mp4yIYgLWLzWQ33jiXVMV19R9uJqwffQK
NsWlpqEdQ9tWPPsvcPDlsJcujZzqLQ7YwxrakD4/Hcxm5cAeDWCsswAXOj3D5RS8
G7mxoI6rc0GLM22lkTuV3WQK1/4f207m3UUDY9HYHvZ5F62RvuB73RO4DNMqgDBG
aRSU+wnf7VJK0KYRxdI3AzCoQnn2f4A4k4m13tU/PsI3XooZO25RZCVsvqezn3De
4sOTJLsRIjrZC9X88vGJeP+oNEMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQWN0si
5E20W3d+UTBkXdxSq1hZojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Zjk3Nzc4YjQtODViMS00NTgwLWFjMzgtYTQ4NzJkMTkyNjFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAazhLFxcYT5/Uh+7hAxSdEQkFvi1xg5Rh3yTwX
bhrTnxtXs5Owa+zScI83rX9QJYSU2tf1ezODGbdTO+V/kluiOp2WUYFcEQEB23Ed
1ae4ZT0eTStj/+ik//xf8BtFqB0ZIc5r/x9KkNPopofQ2SXKXrHypjEOxy7W3M6j
HqVY84VQcAEANBNmUvWVlZpDiOz2wcYOg7owoHR0r2zgzFRjCKetPckblovEwJDI
Quq6+/K6iTbbjjbTUG9CSRuucRAp6U9TjydGFyxyBouAf2TFr8XKEIW+4/ILWrp+
nZ+ClNpJIAboBRSNDG3c9nS4l4uw8Hjs4VNK1UAA0HBrqZIj
-----END CERTIFICATE-----
Generated at Fri May 29 21:43:15 2026 by rpki-client