Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dedc9540-e267-4454-a449-e65933af6f0f.roa
File: dedc9540-e267-4454-a449-e65933af6f0f.roa (raw, json)
Hash identifier: xDgtSoHNjpmE9mo5p+QNWSY3NxD50I0wLBqV4QyI2To=
Subject key identifier: F2:8D:4C:90:A0:40:C4:27:31:F6:C1:64:56:D9:01:4B:A2:77:91:15
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 75B3D815050B3E68808AEB5E0F208C7D00372EF1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dedc9540-e267-4454-a449-e65933af6f0f.roa
Signing time: Tue 19 May 2026 05:40:51 +0000
ROA not before: Tue 19 May 2026 05:40:51 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:b3:d8:15:05:0b:3e:68:80:8a:eb:5e:0f:20:8c:7d:00:37:2e:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:51 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=97eb83027980ff2074ae24de69ad2bd1ecc900fb3ed635c91af960d424e92111, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:89:a6:d7:37:8c:37:41:57:d1:04:0d:a6:3b:
c3:50:b7:3e:eb:44:9e:78:0e:e1:f9:df:30:6d:9a:
86:25:8f:32:67:a9:c6:64:90:f4:e0:f4:4c:c2:16:
3b:44:56:3e:1a:6c:0d:0d:9c:7a:b7:9e:47:b2:81:
83:33:40:e3:86:67:cc:f3:44:43:0d:ac:16:bc:40:
32:7f:8e:8d:53:35:61:8c:72:09:74:2c:5e:65:5d:
a3:42:43:4e:8c:1b:9c:f8:2b:ca:ee:3a:85:b3:16:
3f:82:78:da:39:ed:a1:df:b0:d9:24:ee:70:cf:e9:
d3:11:0c:c4:9e:5b:ad:d7:f1:aa:3e:41:d4:df:c0:
81:a3:9d:71:42:27:fc:01:17:2c:0d:f0:7d:82:0a:
e1:1c:a7:1c:c2:f8:21:f3:a6:af:14:00:58:88:95:
83:aa:4c:ab:ab:ae:88:42:0c:87:8d:dc:bd:0a:cf:
ae:30:12:c2:1b:70:df:a7:f0:65:55:1a:f7:1b:f1:
6a:b1:7f:8d:9a:10:aa:32:5b:d9:e2:5a:9a:bc:cf:
e2:23:bc:5f:82:87:11:e6:52:b3:eb:76:18:b3:62:
6a:a3:6a:fc:5f:47:10:43:4c:47:30:85:d7:dd:0f:
9d:11:fb:1c:e7:47:e0:9f:b9:2b:82:cf:42:ec:a8:
93:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:8D:4C:90:A0:40:C4:27:31:F6:C1:64:56:D9:01:4B:A2:77:91:15
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dedc9540-e267-4454-a449-e65933af6f0f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:1000::/40
Signature Algorithm: sha256WithRSAEncryption
3c:6e:c7:62:71:b4:0d:88:5d:53:d7:6e:d3:da:18:f5:dd:19:
66:45:46:5e:57:70:43:31:aa:12:1a:af:31:40:7d:8d:57:92:
7c:fa:9c:b2:0e:c9:df:8c:70:7c:2e:68:03:98:56:61:cd:52:
1a:9f:79:f3:83:4f:c4:26:24:80:3e:5c:67:a0:48:b3:bf:4d:
ac:51:04:ea:8c:c6:c4:80:dc:75:ae:d2:6f:c4:b2:bb:fa:3a:
32:ac:8d:00:56:e4:2f:5f:c3:8c:84:7b:a8:bf:1f:b0:ab:8b:
31:fb:49:2f:3c:98:f8:1b:22:b0:84:46:85:87:19:55:a0:52:
27:29:c4:37:7c:c9:b2:4b:23:98:03:5d:87:ad:d2:84:d5:4c:
3d:4c:d1:f5:7c:ef:68:2b:6c:5f:7a:95:cb:4e:47:78:a4:f0:
f0:93:29:93:ad:c0:30:01:cd:3b:b8:00:b2:f1:3b:54:fd:5f:
80:6d:d2:0d:2b:95:7c:8f:0d:fa:38:26:44:9c:d4:52:b5:2b:
e6:74:f8:09:9c:d8:45:b8:43:5c:c9:ad:ac:be:5d:ed:12:68:
29:4d:be:f5:5c:30:6a:85:59:e4:16:6f:dc:b2:cd:a7:74:73:
32:cd:39:d6:d3:fb:51:6b:67:8f:7a:0f:f3:70:9a:41:e2:ac:
1d:49:72:48
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdbPYFQULPmiAiuteDyCMfQA3LvEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwNTFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3ZWI4MzAyNzk4MGZmMjA3NGFlMjRkZTY5YWQyYmQxZWNjOTAwZmIzZWQ2
MzVjOTFhZjk2MGQ0MjRlOTIxMTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSJptc3jDdBV9EEDaY7w1C3PutEnngO4fnfMG2ahiWPMmepxmSQ9OD0TMIW
O0RWPhpsDQ2cereeR7KBgzNA44ZnzPNEQw2sFrxAMn+OjVM1YYxyCXQsXmVdo0JD
TowbnPgryu46hbMWP4J42jntod+w2STucM/p0xEMxJ5brdfxqj5B1N/AgaOdcUIn
/AEXLA3wfYIK4RynHML4IfOmrxQAWIiVg6pMq6uuiEIMh43cvQrPrjASwhtw36fw
ZVUa9xvxarF/jZoQqjJb2eJamrzP4iO8X4KHEeZSs+t2GLNiaqNq/F9HEENMRzCF
190PnRH7HOdH4J+5K4LPQuyok/kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTyjUyQ
oEDEJzH2wWRW2QFLoneRFTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGVkYzk1NDAtZTI2Ny00NDU0LWE0NDktZTY1OTMzYWY2ZjBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA8bsdicbQNiF1T127T2hj13RlmRUZeV3BDMaoS
Gq8xQH2NV5J8+pyyDsnfjHB8LmgDmFZhzVIan3nzg0/EJiSAPlxnoEizv02sUQTq
jMbEgNx1rtJvxLK7+joyrI0AVuQvX8OMhHuovx+wq4sx+0kvPJj4GyKwhEaFhxlV
oFInKcQ3fMmySyOYA12HrdKE1Uw9TNH1fO9oK2xfepXLTkd4pPDwkymTrcAwAc07
uACy8TtU/V+AbdINK5V8jw36OCZEnNRStSvmdPgJnNhFuENcya2svl3tEmgpTb71
XDBqhVnkFm/css2ndHMyzTnW0/tRa2ePeg/zcJpB4qwdSXJI
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:26 2026 by rpki-client