Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73745b45-c65b-482b-9e7a-25a90d279147.roa
File: 73745b45-c65b-482b-9e7a-25a90d279147.roa (raw, json)
Hash identifier: BXLK4cw9yots6raVpamOUCFGspC6Lpgzed+D7GNqhY0=
Subject key identifier: DE:F7:B6:9C:DC:0D:D5:AA:AA:07:A7:69:C9:49:20:47:19:82:8B:A2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 212ED5A2369B3B094C5ADF85F864F558CAF0AB56
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73745b45-c65b-482b-9e7a-25a90d279147.roa
Signing time: Fri 15 May 2026 02:00:04 +0000
ROA not before: Fri 15 May 2026 02:00:04 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:2e:d5:a2:36:9b:3b:09:4c:5a:df:85:f8:64:f5:58:ca:f0:ab:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 02:00:04 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=4c3932f744d60bd6ca4269b5b566a601eb9c5957ba829a72d1226283d914edab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:79:6e:fd:0a:36:db:a4:b7:ab:3c:19:a3:a0:
ab:d2:66:96:18:dd:74:b1:c2:34:f4:67:60:64:c1:
88:61:d3:bc:2a:cf:bc:55:b0:9c:8e:a9:a5:df:94:
4d:53:fb:68:d8:4f:2c:95:6d:33:32:4f:34:d1:bd:
bb:9e:d7:ae:67:32:e3:5d:60:ac:25:27:2a:5b:bb:
f5:8d:09:35:17:6a:99:a8:5f:c7:4b:35:c8:70:9f:
3d:c3:d0:eb:f0:46:70:10:c4:75:ca:fa:ab:bc:1a:
68:28:72:27:56:db:62:b9:73:b7:83:1f:41:83:b1:
a6:f2:c2:a7:1e:44:f1:0d:8b:08:80:ec:bf:de:5b:
42:1a:61:17:b4:23:bc:db:d5:b6:6a:32:65:80:3e:
ef:71:e3:8c:f9:ce:ed:9b:ff:5d:67:38:dc:35:e0:
10:43:3d:5f:ce:8d:1b:23:c0:6b:a3:97:f6:3f:7e:
ee:00:9a:b7:0d:c4:61:ce:31:ca:8d:04:bb:be:3f:
10:62:cd:fe:c9:d2:df:4a:08:48:77:ce:29:e6:97:
cd:5c:ff:47:eb:96:2c:52:0d:5f:2a:07:0b:cb:7d:
50:a0:94:15:29:ab:4a:03:f5:29:ff:64:7f:5c:72:
5a:0d:f3:66:91:7e:7f:ba:42:87:80:42:8f:6c:e7:
3c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F7:B6:9C:DC:0D:D5:AA:AA:07:A7:69:C9:49:20:47:19:82:8B:A2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73745b45-c65b-482b-9e7a-25a90d279147.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:4000::/40
Signature Algorithm: sha256WithRSAEncryption
59:0e:6a:d7:a4:5c:6d:e7:a4:80:66:3b:e2:08:2a:b6:55:ba:
d2:a9:ba:9d:1d:73:75:e5:59:2e:19:88:bc:46:8f:d6:d0:0d:
a4:32:8c:da:6f:43:e6:f2:29:f3:d2:60:d5:8d:cf:73:14:aa:
c8:55:98:11:6a:0b:ba:ce:0d:bb:49:af:0a:58:9f:9f:cc:b7:
b6:f8:b8:64:9a:cd:b5:2f:47:43:5e:79:45:cb:e1:46:8c:df:
6b:80:c2:66:bd:44:41:3f:4f:fc:56:66:3f:d1:c8:e1:a4:d1:
cc:92:64:03:05:c4:37:14:6b:3f:28:69:39:7b:44:87:4f:00:
86:13:19:9e:71:8a:55:e8:7b:30:9c:5b:58:21:98:4c:54:ff:
11:d4:31:85:93:f2:ae:21:a7:c9:43:81:51:1e:78:83:bd:3f:
cd:74:e3:31:a5:b8:71:76:77:69:04:cf:ef:43:8b:d7:c3:af:
10:d6:7e:dd:73:a2:5b:25:d2:a3:4e:02:28:72:6b:9f:8d:43:
85:a2:29:28:51:a3:ed:a1:b7:ef:ff:0b:6d:67:ef:6d:94:7f:
e3:9e:34:c1:9d:40:8d:db:20:d3:3a:b6:86:b4:ea:f5:f6:12:
76:e6:e2:88:5d:0d:3f:95:19:07:a6:d4:56:90:a3:52:85:1b:
02:67:9e:90
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIS7VojabOwlMWt+F+GT1WMrwq1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMjAwMDRaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjMzkzMmY3NDRkNjBiZDZjYTQyNjliNWI1NjZhNjAxZWI5YzU5NTdiYTgy
OWE3MmQxMjI2MjgzZDkxNGVkYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJl5bv0KNtukt6s8GaOgq9JmlhjddLHCNPRnYGTBiGHTvCrPvFWwnI6ppd+U
TVP7aNhPLJVtMzJPNNG9u57Xrmcy411grCUnKlu79Y0JNRdqmahfx0s1yHCfPcPQ
6/BGcBDEdcr6q7waaChyJ1bbYrlzt4MfQYOxpvLCpx5E8Q2LCIDsv95bQhphF7Qj
vNvVtmoyZYA+73HjjPnO7Zv/XWc43DXgEEM9X86NGyPAa6OX9j9+7gCatw3EYc4x
yo0Eu74/EGLN/snS30oISHfOKeaXzVz/R+uWLFINXyoHC8t9UKCUFSmrSgP1Kf9k
f1xyWg3zZpF+f7pCh4BCj2znPJECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTe97ac
3A3VqqoHp2nJSSBHGYKLojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM3NDViNDUtYzY1Yi00ODJiLTllN2EtMjVhOTBkMjc5MTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HtA
MA0GCSqGSIb3DQEBCwUAA4IBAQBZDmrXpFxt56SAZjviCCq2VbrSqbqdHXN15Vku
GYi8Ro/W0A2kMozab0Pm8inz0mDVjc9zFKrIVZgRagu6zg27Sa8KWJ+fzLe2+Lhk
ms21L0dDXnlFy+FGjN9rgMJmvURBP0/8VmY/0cjhpNHMkmQDBcQ3FGs/KGk5e0SH
TwCGExmecYpV6HswnFtYIZhMVP8R1DGFk/KuIafJQ4FRHniDvT/NdOMxpbhxdndp
BM/vQ4vXw68Q1n7dc6JbJdKjTgIocmufjUOFoikoUaPtobfv/wttZ+9tlH/jnjTB
nUCN2yDTOraGtOr19hJ25uKIXQ0/lRkHptRWkKNShRsCZ56Q
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:14 2026 by rpki-client