Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7799f50-6acc-4097-88e1-1a281b4503e4.roa
File: c7799f50-6acc-4097-88e1-1a281b4503e4.roa (raw, json)
Hash identifier: JHMdTk64bd9wve708YL9w5RJeZQ+PTGByvS6ISzXGpg=
Subject key identifier: E8:21:A4:1D:35:39:4F:BB:DB:D2:87:75:05:76:98:50:40:B2:9E:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5FFD7DA179DEB6B8139EC64CE4FB136D79876B7D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7799f50-6acc-4097-88e1-1a281b4503e4.roa
Signing time: Sun 31 May 2026 01:00:52 +0000
ROA not before: Sun 31 May 2026 01:00:52 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:fd:7d:a1:79:de:b6:b8:13:9e:c6:4c:e4:fb:13:6d:79:87:6b:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:00:52 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=72a78a4b9389d79062ace67a19c91904f0d1ff11bb9dda65509921ab1aad9d47, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7f:11:9e:09:36:ea:dc:b3:3f:f8:6c:78:6f:
8f:aa:79:9b:ff:6f:ea:cf:02:3e:67:19:1c:f0:cb:
8c:81:11:b3:e1:48:7d:88:7b:47:ce:fc:89:af:0a:
f6:53:e4:91:00:79:90:2b:66:40:ac:2a:f3:76:b9:
48:96:eb:fc:8a:96:52:2b:c6:88:d9:f5:43:18:27:
78:65:be:93:ae:4a:31:a8:82:fd:21:1b:b6:22:dc:
68:a0:cc:8e:05:ce:fe:2b:d2:15:28:ee:4b:da:65:
5d:d1:8c:eb:7b:f6:ea:fd:46:e4:7f:a6:d4:3c:eb:
04:6d:d7:5b:dd:97:f3:b0:40:3c:ea:eb:ca:89:e5:
65:e4:99:ae:16:18:a1:9e:9f:3e:25:3f:b3:64:04:
82:8e:8e:ed:cc:6a:37:9f:8f:67:41:94:d2:9a:80:
af:37:78:e6:c9:07:9a:7d:b0:b4:fc:37:b5:88:8e:
8a:7c:79:7b:b1:39:58:c6:2c:d5:e2:a7:5b:88:0a:
37:04:9d:5c:a4:b0:65:7b:91:83:8b:b1:1a:73:56:
0a:c3:41:e6:9d:51:30:6b:28:f3:24:e9:5a:c7:2a:
48:b0:d1:1f:ff:07:42:28:d1:89:4d:74:d8:01:e3:
00:55:76:3c:5b:ff:b5:e5:1a:a7:f9:a2:eb:22:75:
a5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:21:A4:1D:35:39:4F:BB:DB:D2:87:75:05:76:98:50:40:B2:9E:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7799f50-6acc-4097-88e1-1a281b4503e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:c000::/40
Signature Algorithm: sha256WithRSAEncryption
36:4b:fe:44:54:14:7b:06:b9:74:d3:2e:c2:e1:7c:14:69:54:
b7:44:7a:85:d2:18:93:0d:ec:65:a8:06:5e:69:83:08:06:4a:
a7:64:2b:a1:17:ec:e3:6f:ee:19:a9:29:51:cd:fd:f8:2d:85:
43:b4:9d:f1:02:40:88:95:a0:b0:ef:aa:a7:f8:e0:eb:08:2c:
a8:d4:ff:0c:43:7d:1f:9a:42:30:e6:23:b1:8f:b9:64:5a:e8:
4c:1e:d0:7b:7b:a2:28:9b:fb:d3:29:68:1d:66:20:85:d6:5c:
49:fd:fa:c5:4f:f8:2a:07:d5:ae:88:ab:d4:b3:5f:05:b7:f1:
c5:0b:ae:5b:ee:8e:68:0e:97:b8:48:f8:93:e5:ae:4e:48:fd:
d1:ad:75:1f:8f:a4:aa:f5:7a:a1:de:a0:e7:b2:cb:02:fd:be:
bf:0c:f3:6b:f4:35:9d:0b:41:cf:7f:79:c3:65:de:98:7d:71:
e8:a9:2e:b6:e3:eb:56:26:83:bd:5e:22:8f:55:63:2e:fe:aa:
2c:b8:86:0e:84:01:42:d7:3a:53:6e:13:8f:09:0e:7c:ec:2c:
e9:b2:04:52:fa:c5:58:72:71:00:42:bf:fb:bc:fb:13:0a:f2:
84:fc:a1:9b:24:de:25:67:36:5c:36:f8:ec:fb:87:b8:7d:eb:
71:c8:8e:04
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX/19oXnetrgTnsZM5PsTbXmHa30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTAwNTJaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyYTc4YTRiOTM4OWQ3OTA2MmFjZTY3YTE5YzkxOTA0ZjBkMWZmMTFiYjlk
ZGE2NTUwOTkyMWFiMWFhZDlkNDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALp/EZ4JNurcsz/4bHhvj6p5m/9v6s8CPmcZHPDLjIERs+FIfYh7R878ia8K
9lPkkQB5kCtmQKwq83a5SJbr/IqWUivGiNn1QxgneGW+k65KMaiC/SEbtiLcaKDM
jgXO/ivSFSjuS9plXdGM63v26v1G5H+m1DzrBG3XW92X87BAPOrryonlZeSZrhYY
oZ6fPiU/s2QEgo6O7cxqN5+PZ0GU0pqArzd45skHmn2wtPw3tYiOinx5e7E5WMYs
1eKnW4gKNwSdXKSwZXuRg4uxGnNWCsNB5p1RMGso8yTpWscqSLDRH/8HQijRiU10
2AHjAFV2PFv/teUap/mi6yJ1pZ8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBToIaQd
NTlPu9vSh3UFdphQQLKeszAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc3OTlmNTAtNmFjYy00MDk3LTg4ZTEtMWEyODFiNDUwM2U0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H3A
MA0GCSqGSIb3DQEBCwUAA4IBAQA2S/5EVBR7Brl00y7C4XwUaVS3RHqF0hiTDexl
qAZeaYMIBkqnZCuhF+zjb+4ZqSlRzf34LYVDtJ3xAkCIlaCw76qn+ODrCCyo1P8M
Q30fmkIw5iOxj7lkWuhMHtB7e6Iom/vTKWgdZiCF1lxJ/frFT/gqB9WuiKvUs18F
t/HFC65b7o5oDpe4SPiT5a5OSP3RrXUfj6Sq9Xqh3qDnsssC/b6/DPNr9DWdC0HP
f3nDZd6YfXHoqS624+tWJoO9XiKPVWMu/qosuIYOhAFC1zpTbhOPCQ587CzpsgRS
+sVYcnEAQr/7vPsTCvKE/KGbJN4lZzZcNvjs+4e4fetxyI4E
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:54 2026 by rpki-client