Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e875eadd-6478-4ac0-8792-06722aa80dd0.roa
File: e875eadd-6478-4ac0-8792-06722aa80dd0.roa (raw, json)
Hash identifier: L0zyL+QBjagX/JiMGc5TYCJwdi1LZwe1uv3xOsxoLYk=
Subject key identifier: 6A:73:9D:50:D4:CF:8A:53:04:17:7D:0E:9D:B0:F4:F5:6B:0F:7C:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39A62552C15C9D1919C304563EE58F291D31074C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e875eadd-6478-4ac0-8792-06722aa80dd0.roa
Signing time: Tue 19 May 2026 04:50:28 +0000
ROA not before: Tue 19 May 2026 04:50:28 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:a6:25:52:c1:5c:9d:19:19:c3:04:56:3e:e5:8f:29:1d:31:07:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:28 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=71127ff90466acae0d5b328858f927a1c0f36593332c75227021e6e25c3ed9d5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:03:7d:6a:e0:9d:b3:52:ea:5e:3c:8e:f4:8f:
1e:18:8d:98:2a:b8:fc:56:cd:d7:5b:5c:07:b7:10:
73:d5:07:f8:55:f6:e5:6a:53:3f:5c:3a:1b:0d:7f:
a3:5d:5d:d0:8c:43:65:9f:d8:ca:99:c7:eb:5e:b8:
eb:a4:69:a7:a5:da:d5:08:a7:13:c7:37:37:cb:eb:
4e:57:34:c8:9a:f6:34:4e:0a:28:2b:ea:53:d8:7a:
1a:e8:3c:4e:9a:03:36:92:16:85:fb:e9:64:0d:cb:
c3:61:af:92:76:99:7e:f7:b5:af:24:1b:b4:e0:4a:
38:ac:ce:10:ca:80:b4:28:eb:60:84:28:c5:e9:50:
73:91:71:c9:4d:53:9b:78:93:c9:ff:05:c3:84:63:
ad:22:25:1d:f1:78:1e:cd:ee:42:f7:cf:c2:34:72:
87:30:66:70:73:7c:ed:6b:e6:3e:f2:aa:12:15:94:
24:bd:22:bd:ba:f7:c9:ee:15:38:b7:03:93:72:32:
fd:f5:20:f7:08:1e:dd:99:23:c8:56:a3:21:ea:c3:
8b:ad:80:b9:28:a7:ea:05:89:fe:f6:7a:e4:33:47:
b1:51:df:c8:e8:35:2a:fa:9c:a5:65:30:7d:bf:2d:
dd:95:00:13:19:19:4a:0c:54:83:32:db:5d:1a:50:
62:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:73:9D:50:D4:CF:8A:53:04:17:7D:0E:9D:B0:F4:F5:6B:0F:7C:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e875eadd-6478-4ac0-8792-06722aa80dd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
54:96:60:f6:d3:47:47:db:8b:e2:14:e3:2e:94:27:44:fa:1d:
35:5c:4a:45:86:dc:a4:65:6f:1f:70:af:82:eb:56:a4:c0:58:
13:c1:69:35:26:a6:a8:3d:24:d6:c3:c9:a1:a3:70:2b:b0:21:
81:c8:08:09:a9:5a:91:61:76:b2:f7:c6:96:2a:f7:1d:b1:7c:
92:5e:9a:f8:3f:7c:14:5e:ff:19:dc:2f:00:7a:e4:fb:7f:f3:
29:61:99:66:70:b7:49:3c:eb:8b:82:6f:db:3f:c0:a6:a8:2e:
7a:f6:3c:6e:ea:ef:29:2f:50:55:ea:3e:2c:86:fb:2d:03:16:
15:80:6d:c1:1c:01:8a:44:4c:9c:e9:a7:d2:6f:59:12:c6:36:
e0:4f:3c:95:ed:3b:9c:5a:cb:65:c4:59:36:a8:ff:04:80:b4:
df:d4:da:c2:5d:94:ba:a5:c3:3c:46:55:c5:8e:65:6c:80:77:
e8:ea:76:84:36:a4:2e:65:db:ee:96:01:18:96:b9:09:09:53:
0f:1e:93:03:7b:be:3d:6f:5b:a6:cb:23:5b:1a:38:db:c6:21:
34:ab:e0:80:78:bd:f2:83:0f:1f:93:ed:0c:d7:3a:22:0d:88:
93:f9:88:bc:35:f3:79:35:74:65:7e:75:14:53:cc:4d:ff:5f:
3b:09:78:b9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOaYlUsFcnRkZwwRWPuWPKR0xB0wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMjhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxMTI3ZmY5MDQ2NmFjYWUwZDViMzI4ODU4ZjkyN2ExYzBmMzY1OTMzMzJj
NzUyMjcwMjFlNmUyNWMzZWQ5ZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJwDfWrgnbNS6l48jvSPHhiNmCq4/FbN11tcB7cQc9UH+FX25WpTP1w6Gw1/
o11d0IxDZZ/YypnH616466Rpp6Xa1QinE8c3N8vrTlc0yJr2NE4KKCvqU9h6Gug8
TpoDNpIWhfvpZA3Lw2GvknaZfve1ryQbtOBKOKzOEMqAtCjrYIQoxelQc5FxyU1T
m3iTyf8Fw4RjrSIlHfF4Hs3uQvfPwjRyhzBmcHN87WvmPvKqEhWUJL0ivbr3ye4V
OLcDk3Iy/fUg9wge3ZkjyFajIerDi62AuSin6gWJ/vZ65DNHsVHfyOg1KvqcpWUw
fb8t3ZUAExkZSgxUgzLbXRpQYpMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRqc51Q
1M+KUwQXfQ6dsPT1aw98iDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg3NWVhZGQtNjQ3OC00YWMwLTg3OTItMDY3MjJhYTgwZGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg
wDANBgkqhkiG9w0BAQsFAAOCAQEAVJZg9tNHR9uL4hTjLpQnRPodNVxKRYbcpGVv
H3CvgutWpMBYE8FpNSamqD0k1sPJoaNwK7AhgcgICalakWF2svfGlir3HbF8kl6a
+D98FF7/GdwvAHrk+3/zKWGZZnC3STzri4Jv2z/ApqguevY8burvKS9QVeo+LIb7
LQMWFYBtwRwBikRMnOmn0m9ZEsY24E88le07nFrLZcRZNqj/BIC039Tawl2UuqXD
PEZVxY5lbIB36Op2hDakLmXb7pYBGJa5CQlTDx6TA3u+PW9bpssjWxo428YhNKvg
gHi98oMPH5PtDNc6Ig2Ik/mIvDXzeTV0ZX51FFPMTf9fOwl4uQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:33 2026 by rpki-client