Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
File: be1170a3-5a68-4c9c-8b51-b7efde64b945.roa (raw, json)
Hash identifier: S2AJME5gEkXit/v+w/NzZyg5zFB5XrJ52hs9DuKzHtc=
Subject key identifier: 7F:65:28:D5:69:C9:4E:F3:11:21:42:F0:53:D3:2E:1C:28:F6:9C:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22B6D731A9FE5EAC530CD34F377189832F261FC6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
Signing time: Tue 19 May 2026 04:41:01 +0000
ROA not before: Tue 19 May 2026 04:41:01 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:b6:d7:31:a9:fe:5e:ac:53:0c:d3:4f:37:71:89:83:2f:26:1f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:41:01 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=9f845fdc3d482db5f2b98813df2374656a2d939a39261109f1fd4b4aac71f5d2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f0:3c:20:c6:f7:ed:79:a6:77:21:0a:c4:97:
8f:47:2c:dc:bf:c3:97:da:0d:15:78:e1:ae:53:8b:
48:e2:be:8f:88:52:ef:ed:1f:1d:1e:cb:e1:02:78:
89:b1:85:3f:92:73:46:e3:c9:81:83:f5:c3:67:c7:
cc:02:8d:66:b1:12:aa:f7:b9:2f:1b:e5:1d:f9:b2:
ab:a8:40:c8:8e:08:15:ac:b7:ab:c0:82:73:9f:29:
a9:8b:3c:8b:9d:9c:30:12:a6:ae:0a:0f:bc:b6:5f:
27:75:04:29:6e:08:5a:fe:2c:58:05:de:38:8a:f7:
82:48:03:5d:b0:fa:e5:b4:37:b1:c0:48:b3:97:3e:
6b:55:aa:17:83:b2:98:8b:61:05:b7:da:39:4f:98:
ea:a2:8f:a6:6a:bc:2f:61:a5:7c:4a:4a:1a:13:2f:
e1:0d:0e:61:1a:b7:f1:b1:13:9b:77:51:c1:66:f2:
90:18:31:21:5c:ea:fe:f5:42:10:66:e0:6f:83:0b:
c8:9b:43:77:b7:79:8b:78:9c:68:87:ae:97:a6:ce:
9d:8a:87:03:aa:b0:23:1c:db:6e:f1:88:5a:3f:59:
7b:da:ab:61:eb:89:bf:c0:c9:af:82:9d:b2:a1:a0:
78:33:2d:23:89:49:07:58:83:d4:bc:d8:1e:10:25:
c1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:65:28:D5:69:C9:4E:F3:11:21:42:F0:53:D3:2E:1C:28:F6:9C:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:6000::/40
Signature Algorithm: sha256WithRSAEncryption
5a:58:d3:4a:a1:fb:53:9e:a3:a6:0f:a1:53:62:61:0e:cf:99:
67:b7:7a:63:b3:23:fa:90:fd:ae:d1:d4:4d:d7:e1:e1:9b:de:
f9:21:b7:77:2b:8e:d1:79:2d:3f:6d:e0:b1:21:7d:94:ee:1e:
10:85:17:14:98:a4:7a:00:e1:f7:68:b4:33:9d:e9:97:c0:df:
f6:7c:31:83:44:fd:7f:4b:3f:dc:2b:d2:f6:0e:7a:f6:3b:5f:
88:52:9a:08:28:67:9e:06:7c:5d:51:4f:9a:8d:76:55:9a:b6:
b6:16:3d:92:3b:78:f8:27:ab:b9:88:5c:8d:8a:dd:9a:7f:fe:
5c:1e:03:68:0e:ab:f6:65:fb:98:cf:a6:70:1b:e0:ce:15:5e:
17:3a:51:44:db:bf:97:53:d7:38:81:39:d7:82:69:e4:c1:a1:
9d:c2:4e:30:f3:a9:b9:8f:da:a7:84:6f:a1:8e:9f:a8:1a:2b:
da:3b:59:63:ef:cf:0b:ab:7d:5f:3c:13:cd:d9:fc:52:c5:21:
16:fe:2e:b1:ba:bb:8e:fb:9e:37:b0:58:13:7b:3b:cc:55:5d:
79:57:43:aa:94:c8:ce:9c:ea:5f:65:e1:b9:23:0c:93:37:01:
86:55:75:9a:29:61:26:19:46:3b:a8:fd:79:1b:ab:97:aa:0d:
c7:3f:3a:cc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIrbXMan+XqxTDNNPN3GJgy8mH8YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQxMDFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmODQ1ZmRjM2Q0ODJkYjVmMmI5ODgxM2RmMjM3NDY1NmEyZDkzOWEzOTI2
MTEwOWYxZmQ0YjRhYWM3MWY1ZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALrwPCDG9+15pnchCsSXj0cs3L/Dl9oNFXjhrlOLSOK+j4hS7+0fHR7L4QJ4
ibGFP5JzRuPJgYP1w2fHzAKNZrESqve5LxvlHfmyq6hAyI4IFay3q8CCc58pqYs8
i52cMBKmrgoPvLZfJ3UEKW4IWv4sWAXeOIr3gkgDXbD65bQ3scBIs5c+a1WqF4Oy
mIthBbfaOU+Y6qKPpmq8L2GlfEpKGhMv4Q0OYRq38bETm3dRwWbykBgxIVzq/vVC
EGbgb4MLyJtDd7d5i3icaIeul6bOnYqHA6qwIxzbbvGIWj9Ze9qrYeuJv8DJr4Kd
sqGgeDMtI4lJB1iD1LzYHhAlwRECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR/ZSjV
aclO8xEhQvBT0y4cKPac+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmUxMTcwYTMtNWE2OC00YzljLThiNTEtYjdlZmRlNjRiOTQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFg
MA0GCSqGSIb3DQEBCwUAA4IBAQBaWNNKoftTnqOmD6FTYmEOz5lnt3pjsyP6kP2u
0dRN1+Hhm975Ibd3K47ReS0/beCxIX2U7h4QhRcUmKR6AOH3aLQznemXwN/2fDGD
RP1/Sz/cK9L2Dnr2O1+IUpoIKGeeBnxdUU+ajXZVmra2Fj2SO3j4J6u5iFyNit2a
f/5cHgNoDqv2ZfuYz6ZwG+DOFV4XOlFE27+XU9c4gTnXgmnkwaGdwk4w86m5j9qn
hG+hjp+oGivaO1lj788Lq31fPBPN2fxSxSEW/i6xuruO+543sFgTezvMVV15V0Oq
lMjOnOpfZeG5IwyTNwGGVXWaKWEmGUY7qP15G6uXqg3HPzrM
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:27 2026 by rpki-client