Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa
File: bed4158d-91b8-4ba5-81d9-75a65b550b92.roa (raw, json)
Hash identifier: FlE4tUJyScA+AYAUeFdjqMARQZkvDL44qbVlt6dGklI=
Subject key identifier: 94:59:AE:1E:81:2E:5C:5C:73:40:4C:9A:FB:88:C6:45:9D:E0:63:C8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 339A1972C450CCCB19F77A783F6D88186FF74543
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa
Signing time: Tue 19 May 2026 04:30:12 +0000
ROA not before: Tue 19 May 2026 04:30:12 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:9a:19:72:c4:50:cc:cb:19:f7:7a:78:3f:6d:88:18:6f:f7:45:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:12 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=f4dc754b4cb3b2154a64ef8858ccaae024daf9de7b4f80a37ed9ad9ebf6096ae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:55:92:eb:59:13:c3:6d:56:c3:c5:b9:b4:04:
d2:44:9a:79:2f:ae:46:2c:6c:b2:fe:69:e8:e4:e6:
be:97:5d:aa:29:b7:66:54:6b:38:a6:a6:fc:79:fa:
35:fa:00:e1:a1:00:f6:5f:5d:c9:45:53:a0:08:e6:
e9:81:ab:f0:f7:4b:0c:c2:8d:29:fb:0a:cb:d0:63:
75:2f:f8:26:68:0a:d6:ce:24:72:e6:70:00:4d:6f:
47:be:b9:65:9f:91:21:00:73:87:25:00:ae:ac:2d:
b6:41:48:aa:af:3b:7e:24:6e:f4:db:18:df:9e:a1:
5c:12:68:1a:e4:71:ff:51:b8:cf:ff:6b:87:60:d2:
af:8e:c0:01:01:0c:e3:86:e1:d9:eb:e3:68:15:f5:
52:01:af:a9:48:2e:9a:1c:fb:1c:4e:4e:b1:09:60:
44:58:85:e4:68:d3:69:03:91:f3:0b:80:08:aa:b3:
94:fb:19:ea:41:4e:c2:46:1b:31:17:96:fd:e2:63:
74:f4:94:a2:58:42:19:0a:1d:b2:51:71:53:1e:ee:
cf:c7:60:dd:6f:67:df:2e:f4:c6:a5:25:00:ba:1e:
86:f1:f7:8b:8c:b6:c7:f3:bb:72:d0:98:e4:41:3e:
3c:04:8c:da:fc:03:ce:25:26:e1:42:8c:58:23:f8:
72:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:59:AE:1E:81:2E:5C:5C:73:40:4C:9A:FB:88:C6:45:9D:E0:63:C8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
38:e0:f5:77:28:81:8d:4d:37:4c:7c:c6:ef:9c:25:2e:c3:8c:
a6:ec:5f:b3:56:ed:f3:e3:b2:72:8d:db:87:2b:1b:cc:62:fd:
79:bd:1f:76:0d:77:61:81:da:59:8c:08:7f:30:d4:d4:af:2b:
b7:4a:66:e1:45:b0:33:39:bc:15:3b:06:a8:62:4f:7d:e8:75:
34:e4:59:8c:75:e3:f1:d0:56:59:83:18:4b:4e:0a:94:7e:02:
c6:6d:75:4d:7d:b7:5c:39:55:89:83:12:59:3f:8d:1c:26:ee:
41:44:01:d2:35:fe:a5:a4:12:6e:1a:92:c9:9d:81:7f:e1:44:
f5:90:85:1b:8c:36:6d:14:8c:4a:ce:31:7b:7d:aa:ea:00:c2:
46:bc:22:e5:c2:a8:95:96:4a:fd:c3:6b:d0:9a:83:ac:74:6f:
20:2a:ed:db:f6:ca:b7:c0:58:4c:b4:ac:c4:45:1c:3c:9c:32:
0a:23:0e:18:d6:ff:b0:a1:f5:a5:f9:d7:07:53:5d:6a:c7:d3:
c4:f8:8d:04:f4:a1:8e:db:22:35:49:85:b2:3c:13:ca:7a:04:
32:8f:79:f3:a4:23:01:2f:6d:43:56:44:8c:3e:66:12:30:df:
79:bc:bc:e2:3d:05:64:e2:12:7c:c0:4f:48:a0:06:b9:a0:3a:
cb:a0:a4:f0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUM5oZcsRQzMsZ93p4P22IGG/3RUMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMTJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0ZGM3NTRiNGNiM2IyMTU0YTY0ZWY4ODU4Y2NhYWUwMjRkYWY5ZGU3YjRm
ODBhMzdlZDlhZDllYmY2MDk2YWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRVkutZE8NtVsPFubQE0kSaeS+uRixssv5p6OTmvpddqim3ZlRrOKam/Hn6
NfoA4aEA9l9dyUVToAjm6YGr8PdLDMKNKfsKy9BjdS/4JmgK1s4kcuZwAE1vR765
ZZ+RIQBzhyUArqwttkFIqq87fiRu9NsY356hXBJoGuRx/1G4z/9rh2DSr47AAQEM
44bh2evjaBX1UgGvqUgumhz7HE5OsQlgRFiF5GjTaQOR8wuACKqzlPsZ6kFOwkYb
MReW/eJjdPSUolhCGQodslFxUx7uz8dg3W9n3y70xqUlALoehvH3i4y2x/O7ctCY
5EE+PASM2vwDziUm4UKMWCP4ck8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSUWa4e
gS5cXHNATJr7iMZFneBjyDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmVkNDE1OGQtOTFiOC00YmE1LTgxZDktNzVhNjViNTUwYjkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg
wDANBgkqhkiG9w0BAQsFAAOCAQEAOOD1dyiBjU03THzG75wlLsOMpuxfs1bt8+Oy
co3bhysbzGL9eb0fdg13YYHaWYwIfzDU1K8rt0pm4UWwMzm8FTsGqGJPfeh1NORZ
jHXj8dBWWYMYS04KlH4Cxm11TX23XDlViYMSWT+NHCbuQUQB0jX+paQSbhqSyZ2B
f+FE9ZCFG4w2bRSMSs4xe32q6gDCRrwi5cKolZZK/cNr0JqDrHRvICrt2/bKt8BY
TLSsxEUcPJwyCiMOGNb/sKH1pfnXB1NdasfTxPiNBPShjtsiNUmFsjwTynoEMo95
86QjAS9tQ1ZEjD5mEjDfeby84j0FZOISfMBPSKAGuaA6y6Ck8A==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:25:28 2026 by rpki-client