Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
File: 79440387-66a3-4852-a94b-8a3250f20726.roa (raw, json)
Hash identifier: DreK/XmYDPnUkhWppNGZ5r0HK9j/FpLCxCAXVbM2Hvs=
Subject key identifier: 0D:B4:8D:F5:07:8B:51:E0:6C:EA:C2:43:87:88:DB:DA:3D:38:2C:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21414779B570B8CBFD13498A303B5658A3232DAD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
Signing time: Tue 19 May 2026 04:30:10 +0000
ROA not before: Tue 19 May 2026 04:30:10 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:41:47:79:b5:70:b8:cb:fd:13:49:8a:30:3b:56:58:a3:23:2d:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:10 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=98e9b7e7296326e51ad157c288e3cbaaf6b60c375ce30d78546e950a14dda197, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:30:16:87:38:8b:aa:43:7b:bc:5d:de:d6:6f:
c2:38:89:85:41:18:07:a7:15:c1:3f:1f:e6:58:c7:
fa:1b:80:2e:da:c7:22:73:99:f6:bd:19:fc:11:c5:
a1:7d:45:d9:05:7e:a7:ab:bf:45:88:ee:60:aa:1f:
29:2f:67:85:9e:05:31:85:6d:94:4c:de:87:d3:38:
47:49:01:bb:54:7a:07:ec:80:fa:0c:3c:e8:15:24:
57:d1:1d:ed:6b:16:fe:c4:db:09:cd:a5:10:9c:ef:
38:6e:10:23:ee:80:46:0f:a0:17:8c:da:50:6b:97:
04:5f:01:00:c2:22:9c:b6:51:df:4c:7a:fe:ed:a5:
33:ab:6e:4b:74:55:66:1b:31:ea:b1:2e:00:6a:3e:
ca:67:43:28:43:bb:8e:9f:95:85:b9:57:92:1e:9d:
35:89:1d:80:64:b6:10:36:a2:a7:3f:4c:77:64:b1:
cd:91:ae:65:03:61:fd:bb:69:c0:36:db:37:4f:5a:
84:20:e6:24:9b:bc:ba:7a:fe:35:1f:02:68:ba:71:
e6:8b:03:d4:0f:8f:67:4b:fc:cd:4e:8f:c8:39:47:
27:e8:12:09:0b:ad:4f:fb:58:9c:8f:c7:54:22:92:
2e:ef:aa:fb:45:96:1d:84:71:0d:35:4b:12:c2:75:
b1:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:B4:8D:F5:07:8B:51:E0:6C:EA:C2:43:87:88:DB:DA:3D:38:2C:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a040::/48
Signature Algorithm: sha256WithRSAEncryption
02:e1:a6:1d:86:ce:c4:f4:92:5c:b6:29:4b:41:13:f4:58:2b:
f5:ad:7b:76:e5:db:da:18:28:68:4c:37:33:24:44:1e:e6:ab:
ac:74:70:85:28:2f:93:3f:0d:da:ec:55:e4:af:14:d5:53:ab:
57:3e:96:b4:ac:0d:79:11:5f:81:55:e9:a4:56:b6:8f:31:e8:
6d:36:c9:6f:3d:92:9e:9a:44:fa:9f:39:06:21:ca:8d:a8:06:
b6:5b:35:73:ae:3a:c4:70:c3:b6:88:a7:8f:6b:37:ac:2e:b6:
48:14:fa:01:f2:33:31:7d:c0:8d:46:76:d8:bb:d1:df:ed:b0:
2c:e3:7f:c2:0e:3c:22:8f:a2:96:54:10:f5:2e:b2:f4:33:0c:
3a:9b:35:35:80:fc:56:79:12:9b:37:91:1f:2d:56:8d:e9:05:
d5:ad:03:7e:44:cc:b1:78:ef:9a:6c:82:e6:1e:ba:43:c1:81:
5a:d4:3d:2d:c5:c1:43:54:c5:91:7c:d1:39:38:37:c7:bf:64:
41:24:92:79:4a:73:d8:ce:ae:00:58:23:ae:5c:1d:18:08:b7:
83:3f:1b:b3:c1:4f:e3:27:67:94:2c:df:26:f4:4c:88:32:9f:
53:c1:f4:88:99:36:5f:51:47:37:6c:e3:58:3b:d7:0e:95:ca:
27:58:14:eb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIUFHebVwuMv9E0mKMDtWWKMjLa0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMTBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4ZTliN2U3Mjk2MzI2ZTUxYWQxNTdjMjg4ZTNjYmFhZjZiNjBjMzc1Y2Uz
MGQ3ODU0NmU5NTBhMTRkZGExOTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcwFoc4i6pDe7xd3tZvwjiJhUEYB6cVwT8f5ljH+huALtrHInOZ9r0Z/BHF
oX1F2QV+p6u/RYjuYKofKS9nhZ4FMYVtlEzeh9M4R0kBu1R6B+yA+gw86BUkV9Ed
7WsW/sTbCc2lEJzvOG4QI+6ARg+gF4zaUGuXBF8BAMIinLZR30x6/u2lM6tuS3RV
Zhsx6rEuAGo+ymdDKEO7jp+VhblXkh6dNYkdgGS2EDaipz9Md2SxzZGuZQNh/btp
wDbbN09ahCDmJJu8unr+NR8CaLpx5osD1A+PZ0v8zU6PyDlHJ+gSCQutT/tYnI/H
VCKSLu+q+0WWHYRxDTVLEsJ1sQMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQNtI31
B4tR4GzqwkOHiNvaPTgsuTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Nzk0NDAzODctNjZhMy00ODUyLWE5NGItOGEzMjUwZjIwNzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
QDANBgkqhkiG9w0BAQsFAAOCAQEAAuGmHYbOxPSSXLYpS0ET9Fgr9a17duXb2hgo
aEw3MyREHuarrHRwhSgvkz8N2uxV5K8U1VOrVz6WtKwNeRFfgVXppFa2jzHobTbJ
bz2SnppE+p85BiHKjagGtls1c646xHDDtoinj2s3rC62SBT6AfIzMX3AjUZ22LvR
3+2wLON/wg48Io+illQQ9S6y9DMMOps1NYD8VnkSmzeRHy1WjekF1a0DfkTMsXjv
mmyC5h66Q8GBWtQ9LcXBQ1TFkXzROTg3x79kQSSSeUpz2M6uAFgjrlwdGAi3gz8b
s8FP4ydnlCzfJvRMiDKfU8H0iJk2X1FHN2zjWDvXDpXKJ1gU6w==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:14:21 2026 by rpki-client