Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d38479-752d-418e-a4fb-397c5aa432f8.roa
File: 25d38479-752d-418e-a4fb-397c5aa432f8.roa (raw, json)
Hash identifier: HsHjujkCwSI3kIM2LnFf8prfb6zz2/fHpgiwkX/xBqU=
Subject key identifier: 54:11:E6:E1:65:D7:EA:12:F9:F6:E6:87:CE:9F:C6:5A:08:E3:8D:37
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6FEC6B23BF35647F70FEB0A9E18A830C94DD6617
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d38479-752d-418e-a4fb-397c5aa432f8.roa
Signing time: Sat 16 May 2026 00:40:03 +0000
ROA not before: Sat 16 May 2026 00:40:03 +0000
ROA not after: Fri 14 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:ec:6b:23:bf:35:64:7f:70:fe:b0:a9:e1:8a:83:0c:94:dd:66:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 00:40:03 2026 GMT
Not After : Aug 14 23:59:59 2026 GMT
Subject: serialNumber=bd02207f8bce5f297b059b29d963c79c23ab565e974e206f413fbab29493a302, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:bd:be:b5:13:41:e6:fc:b2:e9:ab:44:2e:39:
09:1b:0f:8f:42:de:53:a9:f0:9d:c6:35:97:72:51:
61:43:3e:6b:91:86:b0:bd:c0:f5:a3:4a:9c:1c:39:
d0:eb:f4:81:97:05:c2:a9:1e:79:a8:c4:d7:5b:70:
a1:4b:3d:ce:fa:bb:a7:da:7e:e6:5a:0e:5e:73:af:
d7:82:5d:55:07:72:50:3f:7f:18:0d:43:08:92:58:
1e:48:54:b8:0c:b9:ab:c7:58:59:1f:c1:9d:87:97:
1d:80:52:9f:f7:8d:80:6c:8b:52:55:6d:51:92:e9:
c0:61:77:cf:01:5d:7f:1b:0a:df:4d:cf:c5:f2:da:
c9:b1:b9:90:3f:08:eb:15:d5:e7:f0:a5:9e:19:a1:
d2:a0:75:08:a8:62:8b:2b:71:c5:bb:9f:f7:5c:fc:
9a:57:85:51:71:79:1c:6f:42:b3:b8:3d:bd:84:74:
3a:a9:66:3f:3f:43:7e:1b:6d:8b:ee:cc:43:47:60:
ef:1e:cf:f8:3a:d3:f4:d5:c6:d7:5d:d4:e0:d0:63:
f1:6e:9e:03:e0:62:00:11:85:22:52:07:bd:b8:83:
6d:33:ae:53:d7:76:38:24:9e:11:08:ac:52:06:55:
39:11:22:c6:3a:63:17:9c:21:34:60:e8:c3:1b:84:
ef:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:11:E6:E1:65:D7:EA:12:F9:F6:E6:87:CE:9F:C6:5A:08:E3:8D:37
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d38479-752d-418e-a4fb-397c5aa432f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:800::/40
Signature Algorithm: sha256WithRSAEncryption
70:47:e0:d7:e5:4a:25:44:3d:ad:fb:ef:88:e3:7a:d9:01:c0:
1e:0c:ee:e4:82:e1:24:3c:47:31:5c:cc:8b:ac:05:f5:6a:d2:
bf:b0:a2:50:c2:a0:e2:e0:04:4a:10:25:c9:47:46:e4:61:81:
a0:16:e0:70:68:27:c8:c2:17:91:94:2f:5f:1b:46:49:46:fe:
fe:e9:64:6f:14:a8:75:a8:ec:51:1f:ca:09:55:57:02:1f:81:
03:a3:bc:a1:05:d0:54:c8:43:ec:aa:12:67:08:1b:47:ae:a0:
fc:21:b7:98:ef:2e:0c:0f:a2:b6:56:93:75:b9:dd:c3:a7:41:
77:f3:8f:b5:56:60:e1:47:c3:47:e5:fc:a0:3b:84:1d:bd:e9:
06:93:3c:f4:ac:41:d2:11:fd:3e:aa:de:a2:dc:4b:52:68:13:
31:40:e7:2f:7a:37:b8:3b:03:8e:99:c7:06:eb:5c:59:53:25:
f9:f2:5b:0e:f3:2a:3d:17:4b:07:1a:3a:6e:d8:96:63:3d:be:
a8:4f:cf:b6:b5:75:ac:c1:2a:2d:2d:f1:ab:c4:2a:c9:3b:4a:
21:82:c1:90:10:c0:bc:b9:02:7f:dd:76:05:bb:6b:8a:c1:d8:
2f:a5:cf:54:58:83:2b:bc:6d:77:55:27:3b:c1:b5:0e:0a:17:
83:e5:ef:77
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUb+xrI781ZH9w/rCp4YqDDJTdZhcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTYwMDQwMDNaFw0yNjA4MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkMDIyMDdmOGJjZTVmMjk3YjA1OWIyOWQ5NjNjNzljMjNhYjU2NWU5NzRl
MjA2ZjQxM2ZiYWIyOTQ5M2EzMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANK9vrUTQeb8sumrRC45CRsPj0LeU6nwncY1l3JRYUM+a5GGsL3A9aNKnBw5
0Ov0gZcFwqkeeajE11twoUs9zvq7p9p+5loOXnOv14JdVQdyUD9/GA1DCJJYHkhU
uAy5q8dYWR/BnYeXHYBSn/eNgGyLUlVtUZLpwGF3zwFdfxsK303PxfLaybG5kD8I
6xXV5/Clnhmh0qB1CKhiiytxxbuf91z8mleFUXF5HG9Cs7g9vYR0OqlmPz9Dfhtt
i+7MQ0dg7x7P+DrT9NXG113U4NBj8W6eA+BiABGFIlIHvbiDbTOuU9d2OCSeEQis
UgZVOREixjpjF5whNGDowxuE7xcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRUEebh
ZdfqEvn25ofOn8ZaCOONNzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjVkMzg0NzktNzUyZC00MThlLWE0ZmItMzk3YzVhYTQzMmY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DII
MA0GCSqGSIb3DQEBCwUAA4IBAQBwR+DX5UolRD2t+++I43rZAcAeDO7kguEkPEcx
XMyLrAX1atK/sKJQwqDi4ARKECXJR0bkYYGgFuBwaCfIwheRlC9fG0ZJRv7+6WRv
FKh1qOxRH8oJVVcCH4EDo7yhBdBUyEPsqhJnCBtHrqD8IbeY7y4MD6K2VpN1ud3D
p0F384+1VmDhR8NH5fygO4QdvekGkzz0rEHSEf0+qt6i3EtSaBMxQOcveje4OwOO
mccG61xZUyX58lsO8yo9F0sHGjpu2JZjPb6oT8+2tXWswSotLfGrxCrJO0ohgsGQ
EMC8uQJ/3XYFu2uKwdgvpc9UWIMrvG13VSc7wbUOCheD5e93
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:14 2026 by rpki-client