Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
File: 758ab83f-3a25-48db-a214-04c27915b62e.roa (raw, json)
Hash identifier: 6M6pqCHzP6h2RnevuavFa6/Und0ZZPMxpLsNVPddLl4=
Subject key identifier: BB:F9:AC:CD:83:70:15:8A:F9:A6:51:5A:3C:C9:D2:22:4E:1A:43:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79BFEE3B762023DE5BAD27563FCB21683F128DC5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
Signing time: Tue 19 May 2026 05:30:41 +0000
ROA not before: Tue 19 May 2026 05:30:41 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:bf:ee:3b:76:20:23:de:5b:ad:27:56:3f:cb:21:68:3f:12:8d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:41 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=21b8b75728110705491d1c3d0c0a22523ecdf65cd82cb7f13a4be56e4cee17de, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a0:ef:8b:22:e9:55:0e:86:34:29:9f:d8:fb:
a2:61:d3:3f:4a:19:bf:c8:fa:e9:94:ea:2a:81:57:
1c:51:26:12:90:eb:e4:e3:0d:11:7f:ce:31:a9:7b:
c4:b8:e2:3f:bc:9b:30:8a:c7:d6:cf:62:0d:dd:29:
ef:c5:f4:b5:b3:be:fc:6d:30:01:ed:79:2e:4f:14:
29:ed:05:46:84:98:10:08:38:a3:aa:a0:dc:36:be:
47:73:a9:8b:2e:bf:b4:fe:23:ec:3e:29:82:31:4e:
98:ad:40:4e:70:66:4b:96:73:41:35:02:ac:c6:ad:
03:e3:02:f9:ec:91:13:f0:93:86:21:2a:a1:75:83:
bb:36:92:45:0a:18:86:63:ee:c4:b8:38:e7:84:26:
df:af:9f:18:8f:ba:e9:50:b1:3d:de:bc:c6:27:62:
a3:5b:c6:9f:ab:e8:94:41:53:97:d7:6a:b1:61:29:
61:7a:60:2d:0e:33:17:4a:32:6b:0f:f1:23:c1:a7:
79:f4:45:58:2d:1e:74:8e:aa:8d:82:fc:61:89:02:
1a:e0:bb:fa:b1:87:a6:95:0e:30:f4:65:1b:81:35:
a1:b4:87:2f:d4:76:18:b2:05:19:72:51:ea:36:9b:
fd:60:4e:05:ea:08:98:25:6d:a4:26:c0:9c:7b:e1:
27:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:F9:AC:CD:83:70:15:8A:F9:A6:51:5A:3C:C9:D2:22:4E:1A:43:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:a000::/40
Signature Algorithm: sha256WithRSAEncryption
4b:15:6b:52:dc:30:70:01:78:09:a0:07:5d:dd:2d:fe:5c:45:
bc:0b:4d:8d:d8:70:ca:e3:36:4e:da:4d:e0:16:06:10:c8:9b:
a0:aa:83:f6:c5:df:dc:7b:36:27:93:91:fe:fd:b2:9d:cd:2f:
02:33:d0:fa:90:b5:41:b7:e6:d8:83:70:61:37:f4:c9:47:b0:
58:72:82:98:c2:10:b2:46:ce:d9:c0:83:7c:f3:e3:4d:39:49:
7a:89:8c:bd:c8:aa:ec:aa:cc:2f:5e:e7:b9:b5:36:66:76:7e:
eb:8c:39:6e:be:d4:bf:1a:36:b9:ae:fe:64:89:44:f7:f1:d0:
25:47:cb:8f:2e:04:e6:f2:0d:12:73:95:0c:4f:0e:2e:fa:eb:
95:ff:c1:12:8f:cf:46:e8:01:15:0f:d7:b4:58:48:ae:b1:f0:
35:0d:38:21:3e:bb:f9:77:3d:1f:1a:e4:e1:93:93:aa:36:d1:
26:b4:ec:5b:31:cd:49:11:4f:a2:17:3e:58:d1:81:e8:3a:08:
8e:c2:0f:2e:9f:71:54:93:08:8b:92:0c:36:cd:e6:fe:7e:18:
23:c4:c0:8a:bc:ba:f7:ba:13:85:42:8f:be:8d:6f:c3:e1:08:
1d:02:41:fb:12:61:b8:f4:b5:22:8a:3b:28:2a:37:15:63:f1:
99:74:27:4d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeb/uO3YgI95brSdWP8shaD8SjcUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwNDFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxYjhiNzU3MjgxMTA3MDU0OTFkMWMzZDBjMGEyMjUyM2VjZGY2NWNkODJj
YjdmMTNhNGJlNTZlNGNlZTE3ZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKCg74si6VUOhjQpn9j7omHTP0oZv8j66ZTqKoFXHFEmEpDr5OMNEX/OMal7
xLjiP7ybMIrH1s9iDd0p78X0tbO+/G0wAe15Lk8UKe0FRoSYEAg4o6qg3Da+R3Op
iy6/tP4j7D4pgjFOmK1ATnBmS5ZzQTUCrMatA+MC+eyRE/CThiEqoXWDuzaSRQoY
hmPuxLg454Qm36+fGI+66VCxPd68xidio1vGn6volEFTl9dqsWEpYXpgLQ4zF0oy
aw/xI8GnefRFWC0edI6qjYL8YYkCGuC7+rGHppUOMPRlG4E1obSHL9R2GLIFGXJR
6jab/WBOBeoImCVtpCbAnHvhJwsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS7+azN
g3AVivmmUVo8ydIiThpDKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzU4YWI4M2YtM2EyNS00OGRiLWEyMTQtMDRjMjc5MTViNjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G2g
MA0GCSqGSIb3DQEBCwUAA4IBAQBLFWtS3DBwAXgJoAdd3S3+XEW8C02N2HDK4zZO
2k3gFgYQyJugqoP2xd/cezYnk5H+/bKdzS8CM9D6kLVBt+bYg3BhN/TJR7BYcoKY
whCyRs7ZwIN88+NNOUl6iYy9yKrsqswvXue5tTZmdn7rjDluvtS/Gja5rv5kiUT3
8dAlR8uPLgTm8g0Sc5UMTw4u+uuV/8ESj89G6AEVD9e0WEiusfA1DTghPrv5dz0f
GuThk5OqNtEmtOxbMc1JEU+iFz5Y0YHoOgiOwg8un3FUkwiLkgw2zeb+fhgjxMCK
vLr3uhOFQo++jW/D4QgdAkH7EmG49LUiijsoKjcVY/GZdCdN
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:50 2026 by rpki-client