Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
File: 7dbe70b9-8807-4382-b0db-753dfbe69012.roa (raw, json)
Hash identifier: axMUOFgOTueCXuEx0GSblBPxsnYVLDLcz9AW0g4iua8=
Subject key identifier: 46:A8:7B:88:42:2B:F4:56:20:30:C6:AD:4E:13:97:C4:1C:C3:39:F3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 591F491B289643191D6CDCB9508373EE512CB149
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
Signing time: Tue 19 May 2026 05:40:05 +0000
ROA not before: Tue 19 May 2026 05:40:05 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:1f:49:1b:28:96:43:19:1d:6c:dc:b9:50:83:73:ee:51:2c:b1:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:05 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=2775feb4d5023e3793b1141acb8e28ae6258015c4554757a7e82499e55aca9a6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5c:29:e1:3d:9d:2b:36:a1:c1:67:77:8f:e1:
b8:cb:c2:f9:3d:51:95:37:45:cb:37:34:10:b0:e3:
7c:a1:3c:ae:0d:32:83:36:e0:96:9e:61:de:82:c9:
a6:2d:39:01:f9:db:06:3b:23:d9:9a:f2:36:ad:b5:
7e:3d:6d:ed:14:64:cf:63:84:30:05:b5:0a:41:9f:
71:36:88:95:fd:78:17:b7:73:da:be:76:1c:d7:64:
31:ed:93:5e:ca:dd:8b:29:2b:46:2f:52:75:af:ba:
36:ed:ed:81:bd:c1:2e:74:ba:4d:58:60:ba:fa:94:
b1:73:26:f9:e5:bb:57:fd:6d:86:ca:c6:0d:6d:e3:
aa:fb:e3:63:ae:dc:31:9e:cc:e3:f2:a1:09:56:39:
b6:3f:03:da:50:23:7d:0b:0d:12:6c:f2:18:6b:3f:
72:c4:e5:b3:6c:d1:83:0e:b9:66:9d:f7:63:f5:e5:
67:4c:03:36:12:c8:f6:0d:1e:80:5f:5a:aa:85:e3:
be:0c:41:f0:cb:40:53:d8:52:c1:a8:95:0d:6b:a5:
ce:79:fa:78:18:7c:4b:ac:69:39:9a:fd:c6:d1:1a:
ad:1a:16:db:1e:a1:ba:58:94:dc:e9:09:e0:32:84:
0f:18:66:7b:3b:15:e2:46:e7:dc:9e:b1:3a:3c:e0:
18:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:A8:7B:88:42:2B:F4:56:20:30:C6:AD:4E:13:97:C4:1C:C3:39:F3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/37
Signature Algorithm: sha256WithRSAEncryption
56:20:18:25:74:b9:3f:f7:62:09:6d:48:64:b9:52:14:86:5c:
bb:ae:38:e6:aa:45:73:8b:37:f5:01:c5:11:30:07:69:2d:e6:
7f:11:01:1a:9d:8d:24:fc:d6:f9:b0:1f:3b:df:a3:b4:13:9e:
48:1c:f1:47:a1:cc:0a:e6:4e:9f:95:9d:df:be:7e:82:78:4a:
3e:a7:03:c2:51:77:63:55:ba:dc:27:34:0b:20:b1:01:d5:8e:
29:84:f3:94:76:94:85:01:a6:e4:b2:2c:b4:c9:be:7f:52:61:
18:ba:c4:a0:46:95:d8:f5:32:3b:c7:b8:42:4d:0e:fb:12:57:
6a:b2:64:b3:16:e4:7d:c2:88:cf:55:17:d8:51:4d:f1:01:6e:
d6:df:1a:e3:40:4e:eb:c5:c2:5c:1b:6d:30:86:f7:ea:e7:17:
aa:51:f9:69:cc:b8:55:2f:cb:df:72:03:cf:22:6e:ca:df:d7:
7f:94:51:ef:bf:fc:6d:87:d4:31:a2:ff:6d:7a:4f:e6:88:88:
9e:7b:f4:e4:c9:62:7a:62:bc:4d:79:6b:68:15:e0:20:d9:f0:
31:be:8d:e9:76:59:3f:35:65:f0:f9:0d:c7:78:de:8d:ba:85:
cb:f1:a8:8c:0d:5b:18:27:d7:43:7a:74:8f:7a:04:0c:7b:b6:
53:67:38:3c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWR9JGyiWQxkdbNy5UINz7lEssUkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwMDVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3NzVmZWI0ZDUwMjNlMzc5M2IxMTQxYWNiOGUyOGFlNjI1ODAxNWM0NTU0
NzU3YTdlODI0OTllNTVhY2E5YTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMxcKeE9nSs2ocFnd4/huMvC+T1RlTdFyzc0ELDjfKE8rg0ygzbglp5h3oLJ
pi05AfnbBjsj2ZryNq21fj1t7RRkz2OEMAW1CkGfcTaIlf14F7dz2r52HNdkMe2T
XsrdiykrRi9Sda+6Nu3tgb3BLnS6TVhguvqUsXMm+eW7V/1thsrGDW3jqvvjY67c
MZ7M4/KhCVY5tj8D2lAjfQsNEmzyGGs/csTls2zRgw65Zp33Y/XlZ0wDNhLI9g0e
gF9aqoXjvgxB8MtAU9hSwaiVDWulznn6eBh8S6xpOZr9xtEarRoW2x6huliU3OkJ
4DKEDxhmezsV4kbn3J6xOjzgGMcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRGqHuI
Qiv0ViAwxq1OE5fEHMM58zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RiZTcwYjktODgwNy00MzgyLWIwZGItNzUzZGZiZTY5MDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0BsA
MA0GCSqGSIb3DQEBCwUAA4IBAQBWIBgldLk/92IJbUhkuVIUhly7rjjmqkVzizf1
AcURMAdpLeZ/EQEanY0k/Nb5sB8736O0E55IHPFHocwK5k6flZ3fvn6CeEo+pwPC
UXdjVbrcJzQLILEB1Y4phPOUdpSFAabksiy0yb5/UmEYusSgRpXY9TI7x7hCTQ77
EldqsmSzFuR9wojPVRfYUU3xAW7W3xrjQE7rxcJcG20whvfq5xeqUflpzLhVL8vf
cgPPIm7K39d/lFHvv/xth9Qxov9tek/miIiee/TkyWJ6YrxNeWtoFeAg2fAxvo3p
dlk/NWXw+Q3HeN6NuoXL8aiMDVsYJ9dDenSPegQMe7ZTZzg8
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:13:22 2026 by rpki-client