Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e584cad3-b485-48b5-a920-636e55268d8b.roa
File: e584cad3-b485-48b5-a920-636e55268d8b.roa (raw, json)
Hash identifier: D+LXTaBleCFODxgXfZskySbUzvQLwd/PujW7U8UowHw=
Subject key identifier: 6A:BF:80:97:87:FB:B9:26:C6:AD:15:2D:B6:E5:FB:60:A0:BC:DF:51
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1077A21BD560BA71D8E1700A3F9652471768E5C7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e584cad3-b485-48b5-a920-636e55268d8b.roa
Signing time: Tue 19 May 2026 05:21:03 +0000
ROA not before: Tue 19 May 2026 05:21:03 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:77:a2:1b:d5:60:ba:71:d8:e1:70:0a:3f:96:52:47:17:68:e5:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:21:03 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=909ff20689407ab95fe27b872641595c5bce101894dec05d4c63a83d0ebf1f1e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:28:fc:de:04:c6:76:ec:82:be:03:b8:e6:e2:
ce:fa:f5:1b:9b:c8:ce:41:1c:78:a5:9e:14:de:24:
95:d6:da:a1:63:f6:a2:5f:67:89:c1:06:2a:ce:db:
0d:20:2d:04:03:61:e1:23:16:80:0e:33:fa:18:c6:
c4:56:06:e6:b5:a0:6a:0b:fe:b9:a0:85:15:aa:1c:
3c:4b:d4:5b:8e:84:80:e0:29:db:7b:a3:7a:92:b2:
20:43:9e:c5:a2:c3:35:5f:2d:24:77:58:7d:1c:51:
7d:1e:9d:cf:06:a9:f3:aa:eb:39:58:f4:b5:1e:2d:
6e:1b:d2:f2:ae:4f:eb:43:6d:12:c8:51:d8:80:53:
80:e9:ef:53:0f:91:47:8d:bf:5d:f2:01:9b:eb:e2:
1f:04:08:d8:89:c5:6e:80:7a:f5:e2:ad:0a:c7:cc:
78:7b:54:1f:bc:51:f1:c3:8a:7f:15:4c:cd:38:b8:
ba:19:26:99:ff:a6:d5:c4:12:9e:59:1e:b9:35:5e:
6c:40:05:e0:8b:1b:c1:61:da:fc:16:50:be:5d:f3:
55:9a:00:e0:a8:56:8e:a9:9e:cc:38:11:af:88:cb:
f8:53:c3:03:fd:e1:bf:32:ef:90:9b:8d:2a:5d:43:
56:52:6b:f8:5c:c4:ce:e8:a6:e3:71:f1:d8:22:36:
f5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:BF:80:97:87:FB:B9:26:C6:AD:15:2D:B6:E5:FB:60:A0:BC:DF:51
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e584cad3-b485-48b5-a920-636e55268d8b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
19:8e:47:ff:95:2b:89:ee:36:72:d2:b6:3e:03:3c:eb:ff:1c:
71:a7:0c:fb:3e:88:6c:79:51:73:14:e3:e9:21:44:2e:c4:96:
b2:ed:66:04:2c:82:a4:0b:a0:09:a0:ee:bf:7c:7c:9a:61:05:
9a:09:c4:39:6c:17:e1:35:24:c4:46:f2:c9:00:15:c2:a7:d6:
3f:1c:e9:61:c4:73:38:fc:4b:56:5b:26:e1:af:dd:84:d9:00:
15:2f:52:a8:67:77:07:25:8f:d8:69:98:48:0b:a4:66:d2:c6:
d0:68:92:81:34:66:b9:02:67:68:d0:17:0c:92:78:76:11:16:
0c:15:88:98:45:96:58:b9:d8:15:0e:0a:96:25:4b:b4:3a:e9:
0c:23:2b:5c:e3:e8:71:d3:47:ab:c3:93:8a:10:03:ab:df:18:
a0:5f:2c:7a:35:79:c3:7d:dd:49:45:9d:24:0d:73:df:05:f3:
c8:d4:6b:2a:73:1c:99:d7:ea:9f:55:be:f4:b6:c4:d3:c3:e9:
07:87:eb:f2:d6:19:e5:a0:cc:83:16:a7:41:98:e9:9a:45:a5:
4a:a0:23:73:02:07:d2:de:7c:11:8d:d2:42:81:f2:0f:52:49:
0f:b8:33:9b:33:25:3a:bf:6b:67:94:73:00:f8:ed:de:f7:ff:
4b:b3:7d:05
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEHeiG9VgunHY4XAKP5ZSRxdo5ccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIxMDNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwOWZmMjA2ODk0MDdhYjk1ZmUyN2I4NzI2NDE1OTVjNWJjZTEwMTg5NGRl
YzA1ZDRjNjNhODNkMGViZjFmMWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYo/N4Exnbsgr4DuObizvr1G5vIzkEceKWeFN4kldbaoWP2ol9nicEGKs7b
DSAtBANh4SMWgA4z+hjGxFYG5rWgagv+uaCFFaocPEvUW46EgOAp23ujepKyIEOe
xaLDNV8tJHdYfRxRfR6dzwap86rrOVj0tR4tbhvS8q5P60NtEshR2IBTgOnvUw+R
R42/XfIBm+viHwQI2InFboB69eKtCsfMeHtUH7xR8cOKfxVMzTi4uhkmmf+m1cQS
nlkeuTVebEAF4IsbwWHa/BZQvl3zVZoA4KhWjqmezDgRr4jL+FPDA/3hvzLvkJuN
Kl1DVlJr+FzEzuim43Hx2CI29RkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRqv4CX
h/u5JsatFS225ftgoLzfUTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTU4NGNhZDMtYjQ4NS00OGI1LWE5MjAtNjM2ZTU1MjY4ZDhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g
wDANBgkqhkiG9w0BAQsFAAOCAQEAGY5H/5Urie42ctK2PgM86/8ccacM+z6IbHlR
cxTj6SFELsSWsu1mBCyCpAugCaDuv3x8mmEFmgnEOWwX4TUkxEbyyQAVwqfWPxzp
YcRzOPxLVlsm4a/dhNkAFS9SqGd3ByWP2GmYSAukZtLG0GiSgTRmuQJnaNAXDJJ4
dhEWDBWImEWWWLnYFQ4KliVLtDrpDCMrXOPocdNHq8OTihADq98YoF8sejV5w33d
SUWdJA1z3wXzyNRrKnMcmdfqn1W+9LbE08PpB4fr8tYZ5aDMgxanQZjpmkWlSqAj
cwIH0t58EY3SQoHyD1JJD7gzmzMlOr9rZ5RzAPjt3vf/S7N9BQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:46 2026 by rpki-client