Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb75e53e-4e44-41b7-95dd-e3d54ff36386.roa
File: cb75e53e-4e44-41b7-95dd-e3d54ff36386.roa (raw, json)
Hash identifier: 8GElk/+VJzXmPSNOfwBt7dT94oIfepPCNdQmgC/Vl4A=
Subject key identifier: 85:40:40:C2:03:23:E5:D6:18:5A:21:48:1A:1A:94:19:3B:96:44:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F55DAD2226701D6D99FC9DA0B2C69A406D23BEB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb75e53e-4e44-41b7-95dd-e3d54ff36386.roa
Signing time: Fri 15 May 2026 02:20:10 +0000
ROA not before: Fri 15 May 2026 02:20:10 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:f000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:55:da:d2:22:67:01:d6:d9:9f:c9:da:0b:2c:69:a4:06:d2:3b:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 02:20:10 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=cbd1f0b3b3c29cb82bfb96a144d9b43700eea4679310d90129d76570a2dca705, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:aa:e7:f0:70:e4:94:e5:e1:69:c3:e9:0e:60:
57:ce:6f:1c:aa:ac:39:f1:62:f1:94:bb:c8:7e:59:
e0:d1:87:f1:72:6a:d3:f8:b1:4f:1f:7d:a7:4a:04:
1d:ba:16:ba:6f:9a:b3:92:94:d3:4b:89:63:82:d2:
65:56:46:cc:c2:0b:42:d9:44:f3:3a:6e:20:0b:93:
9c:f3:c1:d4:e8:b2:78:50:f6:18:cb:8b:e1:65:0b:
92:9e:db:a0:8c:ea:8d:50:4a:45:12:27:2e:d9:6c:
68:95:ea:54:75:73:2e:b3:8c:35:07:5c:fe:d1:75:
78:7e:13:56:4f:00:9e:49:b7:8a:66:f4:b9:3f:ad:
5f:69:40:c3:09:72:25:c8:20:c0:18:65:13:42:68:
72:a7:ca:8b:75:e1:e1:ba:d7:88:8b:02:48:82:bc:
c1:a5:e7:e2:85:ad:54:57:a2:a1:1d:7c:de:31:20:
9c:24:2c:b8:cf:6e:0c:3c:04:04:06:80:ad:aa:52:
24:fe:92:24:b8:14:bd:73:bb:03:81:15:3e:fb:5f:
79:d3:91:84:d6:4f:9b:8f:a2:7e:3e:22:6c:43:15:
db:d1:b8:f4:72:e5:d2:cc:b8:e5:5c:89:40:3d:19:
f1:33:43:b0:e6:27:95:17:2c:30:2f:59:f6:ad:2d:
e0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:40:40:C2:03:23:E5:D6:18:5A:21:48:1A:1A:94:19:3B:96:44:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb75e53e-4e44-41b7-95dd-e3d54ff36386.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:f000::/40
Signature Algorithm: sha256WithRSAEncryption
71:a9:dc:60:33:00:e4:e4:86:4f:42:b3:e1:88:86:e4:e6:11:
9a:f9:87:46:be:a2:c2:15:a6:87:62:89:27:99:b1:b2:66:ce:
5b:61:88:65:03:3e:c7:20:1a:00:83:4b:41:41:0f:20:00:98:
54:20:d0:48:05:1c:a5:1e:a6:e4:83:c4:80:de:1b:68:cd:3a:
33:b4:5a:a6:67:e1:14:a4:3e:9d:3a:0b:4f:ba:45:15:f5:45:
ac:0d:98:99:a7:49:fa:d5:83:28:ed:ab:17:05:e7:26:80:91:
10:74:cb:d2:bd:d3:ce:3e:5d:3d:09:05:cd:1d:ec:a7:10:8a:
2f:3b:1d:5b:5b:c4:05:b8:08:6d:50:80:88:d5:fe:90:09:2d:
90:29:77:a3:18:91:44:e1:46:57:98:07:01:a6:dc:7d:a5:ef:
ac:e3:87:f4:d3:be:2c:66:d4:04:c5:ec:13:21:58:b1:68:89:
f3:63:5b:a4:38:40:0f:12:45:64:a1:0a:2a:51:b2:33:c4:0e:
d5:56:69:fb:89:33:e7:e4:fa:9a:53:98:03:4c:e4:41:a5:da:
0f:86:b3:a0:df:65:5e:bd:e4:7c:09:5a:10:75:30:fb:9f:36:
c6:4f:04:db:3a:0c:53:3c:f2:6e:e2:7e:2a:3c:69:aa:70:f8:
ec:49:92:35
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUb1Xa0iJnAdbZn8naCyxppAbSO+swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMjIwMTBaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiZDFmMGIzYjNjMjljYjgyYmZiOTZhMTQ0ZDliNDM3MDBlZWE0Njc5MzEw
ZDkwMTI5ZDc2NTcwYTJkY2E3MDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMuq5/Bw5JTl4WnD6Q5gV85vHKqsOfFi8ZS7yH5Z4NGH8XJq0/ixTx99p0oE
HboWum+as5KU00uJY4LSZVZGzMILQtlE8zpuIAuTnPPB1OiyeFD2GMuL4WULkp7b
oIzqjVBKRRInLtlsaJXqVHVzLrOMNQdc/tF1eH4TVk8Ankm3imb0uT+tX2lAwwly
JcggwBhlE0JocqfKi3Xh4brXiIsCSIK8waXn4oWtVFeioR183jEgnCQsuM9uDDwE
BAaArapSJP6SJLgUvXO7A4EVPvtfedORhNZPm4+ifj4ibEMV29G49HLl0sy45VyJ
QD0Z8TNDsOYnlRcsMC9Z9q0t4D8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSFQEDC
AyPl1hhaIUgaGpQZO5ZEgzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I3NWU1M2UtNGU0NC00MWI3LTk1ZGQtZTNkNTRmZjM2Mzg2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADw
MA0GCSqGSIb3DQEBCwUAA4IBAQBxqdxgMwDk5IZPQrPhiIbk5hGa+YdGvqLCFaaH
YoknmbGyZs5bYYhlAz7HIBoAg0tBQQ8gAJhUINBIBRylHqbkg8SA3htozToztFqm
Z+EUpD6dOgtPukUV9UWsDZiZp0n61YMo7asXBecmgJEQdMvSvdPOPl09CQXNHeyn
EIovOx1bW8QFuAhtUICI1f6QCS2QKXejGJFE4UZXmAcBptx9pe+s44f0074sZtQE
xewTIVixaInzY1ukOEAPEkVkoQoqUbIzxA7VVmn7iTPn5PqaU5gDTORBpdoPhrOg
32VeveR8CVoQdTD7nzbGTwTbOgxTPPJu4n4qPGmqcPjsSZI1
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:58:06 2026 by rpki-client