Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa
File: cead5bc0-2620-45bc-b97b-adb00020a426.roa (raw, json)
Hash identifier: G1TXcV4tF0NPRWmMdT+8ilmcDP9paZQk5HGp3ysiAwI=
Subject key identifier: 35:5F:C6:BA:7C:21:44:B4:45:3A:09:8A:50:B3:6D:AC:E5:2D:59:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22E835BE74FE3DAD518FA90FEC94015EF7879E63
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa
Signing time: Tue 19 May 2026 05:30:58 +0000
ROA not before: Tue 19 May 2026 05:30:58 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:e8:35:be:74:fe:3d:ad:51:8f:a9:0f:ec:94:01:5e:f7:87:9e:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:58 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=cdaa1654446058686165c91013ef8eb7856861b4bd0f013eea9c74f9076eeb4e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fc:b0:2d:a8:f3:98:ee:58:9d:f0:41:80:ab:
02:56:37:2f:a3:ee:15:65:cc:52:97:2b:50:61:c6:
eb:a5:c2:51:83:3e:d7:20:29:e6:cb:0b:b1:da:5f:
a0:26:dc:81:b7:9f:bc:03:67:bd:07:56:5c:ec:37:
ca:bc:32:2f:6b:d8:2a:65:da:3d:da:0f:db:5b:92:
64:06:2f:fb:61:ed:c3:ec:70:0c:fc:09:0d:ea:ab:
09:76:19:39:c9:93:21:6d:b5:ff:2b:18:de:03:b8:
bd:db:18:bf:bc:f9:ed:2d:6a:20:75:7b:13:29:d0:
8a:d9:21:8a:90:59:81:84:e8:14:bb:8f:13:14:cc:
a1:a6:77:61:a0:31:43:18:fd:ff:6a:bf:6f:80:a7:
d8:7c:60:82:ea:fa:ca:41:84:d4:2d:42:e5:33:b2:
3e:7f:c4:8a:5f:d4:2b:c0:f7:80:cd:08:94:30:2a:
44:fa:1b:da:2b:2c:ac:84:7d:89:73:69:d3:4f:80:
57:4e:fa:a7:ed:05:e7:65:e3:ef:ac:b2:29:a5:55:
5f:cd:d1:12:c5:cc:8f:ad:91:43:c0:9b:e4:ad:98:
0d:ad:82:20:a5:7f:af:5f:95:17:fc:11:cf:93:02:
d4:f4:5e:95:ab:85:21:ba:c8:c3:0b:cf:9f:37:8f:
4b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:5F:C6:BA:7C:21:44:B4:45:3A:09:8A:50:B3:6D:AC:E5:2D:59:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e080::/48
Signature Algorithm: sha256WithRSAEncryption
1d:52:b5:0c:e2:0d:a2:9b:6d:9b:c2:77:e6:1e:52:07:1f:6b:
f1:f2:2c:67:53:07:6d:89:b3:24:e7:8b:9a:56:95:40:69:83:
f0:eb:ac:9a:f9:6b:20:bb:2e:b2:40:a6:6e:5b:22:51:bf:22:
fa:08:8f:fb:4b:da:c6:43:95:52:77:2a:e2:1f:05:4b:a3:11:
84:d0:9c:f5:8d:0a:40:30:88:8a:fb:c7:d4:ef:a1:f2:5b:cd:
c7:8f:a6:6e:54:5a:84:d8:50:fa:01:4a:0d:ff:5f:60:61:89:
88:5d:ec:1e:b2:1b:1b:b0:8e:48:29:b0:4d:05:ff:7c:08:52:
48:30:0b:fa:42:1c:0b:ba:c1:63:3c:92:df:79:e9:80:e2:b5:
56:7b:17:5d:f8:21:9d:04:19:8d:ce:42:87:af:24:bf:fc:74:
02:b6:12:ad:55:54:af:aa:e5:38:29:7b:4b:1d:38:52:5d:8c:
da:09:5b:6d:b8:80:4c:4d:ad:33:10:f4:73:74:ae:6d:eb:d0:
0a:36:aa:dd:12:c3:76:4b:b5:71:ee:c0:27:ee:f0:ce:71:95:
bb:4e:f1:c5:bd:eb:07:0e:72:00:a6:9a:a6:53:cd:b7:0b:c5:
dd:00:c3:c0:d8:89:5b:ac:c7:c7:45:e6:0e:21:61:ed:e5:c5:
0e:a1:ab:5d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIug1vnT+Pa1Rj6kP7JQBXveHnmMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwNThaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkYWExNjU0NDQ2MDU4Njg2MTY1YzkxMDEzZWY4ZWI3ODU2ODYxYjRiZDBm
MDEzZWVhOWM3NGY5MDc2ZWViNGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKv8sC2o85juWJ3wQYCrAlY3L6PuFWXMUpcrUGHG66XCUYM+1yAp5ssLsdpf
oCbcgbefvANnvQdWXOw3yrwyL2vYKmXaPdoP21uSZAYv+2Htw+xwDPwJDeqrCXYZ
OcmTIW21/ysY3gO4vdsYv7z57S1qIHV7EynQitkhipBZgYToFLuPExTMoaZ3YaAx
Qxj9/2q/b4Cn2Hxggur6ykGE1C1C5TOyPn/Eil/UK8D3gM0IlDAqRPob2issrIR9
iXNp00+AV076p+0F52Xj76yyKaVVX83REsXMj62RQ8Cb5K2YDa2CIKV/r1+VF/wR
z5MC1PRelauFIbrIwwvPnzePSzECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ1X8a6
fCFEtEU6CYpQs22s5S1ZkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2VhZDViYzAtMjYyMC00NWJjLWI5N2ItYWRiMDAwMjBhNDI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg
gDANBgkqhkiG9w0BAQsFAAOCAQEAHVK1DOINopttm8J35h5SBx9r8fIsZ1MHbYmz
JOeLmlaVQGmD8OusmvlrILsuskCmblsiUb8i+giP+0vaxkOVUncq4h8FS6MRhNCc
9Y0KQDCIivvH1O+h8lvNx4+mblRahNhQ+gFKDf9fYGGJiF3sHrIbG7COSCmwTQX/
fAhSSDAL+kIcC7rBYzyS33npgOK1VnsXXfghnQQZjc5Ch68kv/x0ArYSrVVUr6rl
OCl7Sx04Ul2M2glbbbiATE2tMxD0c3SubevQCjaq3RLDdku1ce7AJ+7wznGVu07x
xb3rBw5yAKaaplPNtwvF3QDDwNiJW6zHx0XmDiFh7eXFDqGrXQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:51 2026 by rpki-client