Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
File: be609ec8-2ad0-42f7-9159-0a3ece35241f.roa (raw, json)
Hash identifier: iApbNpEg1fSbcBNXxAWAEjzdYnkNvPA8V8cp0cN1dUw=
Subject key identifier: 5C:6D:97:89:BE:BB:0F:6C:A1:0D:B2:D1:7B:1B:21:3C:4E:BD:FD:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 75B7FB0E58E806E70F102E17034356A8F3997F4C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
Signing time: Sun 17 May 2026 02:00:09 +0000
ROA not before: Sun 17 May 2026 02:00:09 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:b7:fb:0e:58:e8:06:e7:0f:10:2e:17:03:43:56:a8:f3:99:7f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 17 02:00:09 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=d3d1196b631cb1912e833df6a7d7c766374c036da821e3f9ab4faf1fba9ef0b5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9f:00:66:23:e3:d7:b6:74:78:4c:c8:6c:63:
1c:f9:8d:2f:ac:2a:9c:e2:10:ce:0d:b1:9a:1f:06:
e7:c4:e9:33:de:80:50:3c:24:27:d8:31:d8:51:4e:
1f:9a:90:3d:de:c0:fd:5e:af:ef:a3:f8:b1:25:8c:
41:fa:05:fe:56:7b:21:99:9e:2d:44:dc:65:c5:34:
ad:5d:02:71:1a:06:9a:d4:ff:be:48:80:76:8c:bc:
18:d7:4a:88:92:a1:83:ce:e8:09:0e:07:53:33:83:
97:ee:6b:db:95:66:71:90:0e:6d:ae:02:61:86:7c:
18:99:f3:dc:ec:bc:07:0b:68:67:39:c9:df:48:92:
18:69:71:eb:b2:a6:f7:ca:1f:ab:66:6e:fe:f5:fd:
d1:4c:99:18:d9:ce:ee:a8:18:21:a5:08:9c:34:6f:
f0:db:59:c9:63:1f:62:a8:39:8c:74:95:ea:dd:0a:
6e:02:28:f8:c6:57:37:99:1d:46:ed:13:89:fc:6f:
1f:af:e5:fb:a8:b1:6b:0b:79:58:1e:7a:27:64:2c:
92:90:aa:3b:08:11:3e:5c:8c:22:61:63:de:45:4f:
05:7a:6c:27:06:eb:db:e7:33:75:ba:00:02:f9:b7:
1a:d5:43:da:f3:3d:0b:4d:24:91:a7:64:a3:bb:a8:
f3:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:6D:97:89:BE:BB:0F:6C:A1:0D:B2:D1:7B:1B:21:3C:4E:BD:FD:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:800::/40
Signature Algorithm: sha256WithRSAEncryption
9c:dd:0b:64:56:af:e4:c4:1d:49:c9:d0:75:9d:72:df:41:d8:
c2:01:d8:4d:9a:c4:95:41:73:27:4e:ab:55:55:90:1b:e2:19:
78:23:c9:ee:52:50:62:da:d6:98:0c:19:c3:b7:31:77:22:18:
14:8b:40:0f:fc:b0:83:6a:2c:df:76:e5:38:15:a3:d6:fd:90:
fd:d3:fa:a3:c5:be:fd:1b:62:2b:bb:c2:8a:ba:f1:3e:4b:26:
81:c7:78:09:ec:a9:52:0c:f9:75:4c:ae:da:17:f4:70:03:f8:
0d:53:47:24:b2:fb:f4:eb:c9:cc:eb:d1:a0:06:06:70:3f:39:
8a:9d:6c:88:89:22:50:48:cb:00:6e:03:cb:e1:55:57:d3:1c:
6c:60:c9:ef:5c:b4:6a:9a:ba:b6:88:74:ee:cf:81:90:31:cf:
2e:97:cd:ba:3f:0d:9a:c0:3a:dd:46:5c:63:ad:c5:21:bd:e7:
f9:20:56:88:a9:5e:bb:f1:49:5f:f0:2f:ca:8c:d7:ab:89:9d:
19:4e:ea:76:13:4d:67:0c:3f:69:dc:2f:9c:95:f8:e0:ed:56:
90:d7:36:84:17:45:ca:07:33:5b:9e:a6:5b:b1:04:53:9e:df:
dc:fc:3c:4c:78:a5:95:ee:9f:39:4f:db:20:77:f1:a2:83:41:
42:c9:f7:5e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdbf7DljoBucPEC4XA0NWqPOZf0wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTcwMjAwMDlaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzZDExOTZiNjMxY2IxOTEyZTgzM2RmNmE3ZDdjNzY2Mzc0YzAzNmRhODIx
ZTNmOWFiNGZhZjFmYmE5ZWYwYjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIyfAGYj49e2dHhMyGxjHPmNL6wqnOIQzg2xmh8G58TpM96AUDwkJ9gx2FFO
H5qQPd7A/V6v76P4sSWMQfoF/lZ7IZmeLUTcZcU0rV0CcRoGmtT/vkiAdoy8GNdK
iJKhg87oCQ4HUzODl+5r25VmcZAOba4CYYZ8GJnz3Oy8BwtoZznJ30iSGGlx67Km
98ofq2Zu/vX90UyZGNnO7qgYIaUInDRv8NtZyWMfYqg5jHSV6t0KbgIo+MZXN5kd
Ru0TifxvH6/l+6ixawt5WB56J2QskpCqOwgRPlyMImFj3kVPBXpsJwbr2+czdboA
Avm3GtVD2vM9C00kkadko7uo8/UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRcbZeJ
vrsPbKENstF7GyE8Tr39kjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU2MDllYzgtMmFkMC00MmY3LTkxNTktMGEzZWNlMzUyNDFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FAI
MA0GCSqGSIb3DQEBCwUAA4IBAQCc3QtkVq/kxB1JydB1nXLfQdjCAdhNmsSVQXMn
TqtVVZAb4hl4I8nuUlBi2taYDBnDtzF3IhgUi0AP/LCDaizfduU4FaPW/ZD90/qj
xb79G2Iru8KKuvE+SyaBx3gJ7KlSDPl1TK7aF/RwA/gNU0cksvv068nM69GgBgZw
PzmKnWyIiSJQSMsAbgPL4VVX0xxsYMnvXLRqmrq2iHTuz4GQMc8ul826Pw2awDrd
RlxjrcUhvef5IFaIqV678Ulf8C/KjNeriZ0ZTup2E01nDD9p3C+clfjg7VaQ1zaE
F0XKBzNbnqZbsQRTnt/c/DxMeKWV7p85T9sgd/Gig0FCyfde
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:53 2026 by rpki-client