Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea0e91cd-e265-4578-9172-3a1331586357.roa
File: ea0e91cd-e265-4578-9172-3a1331586357.roa (raw, json)
Hash identifier: hleF0v7ifeAToqLubtfN5BAkEO0AiMXw9e5TcBLGcOA=
Subject key identifier: D1:D9:E9:81:9B:7F:65:6D:C3:D8:F0:87:7E:6F:EF:0A:27:4B:00:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6441F0DACB4372A73E71162D590D3D1F381E09E3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea0e91cd-e265-4578-9172-3a1331586357.roa
Signing time: Fri 15 May 2026 03:50:11 +0000
ROA not before: Fri 15 May 2026 03:50:11 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:41:f0:da:cb:43:72:a7:3e:71:16:2d:59:0d:3d:1f:38:1e:09:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 03:50:11 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=d1923440fe0858fd0b0546c955f3b410f2812ef26ec72cb2275aa465171728d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fb:6c:88:53:6c:28:3d:b0:e0:a1:07:3d:a6:
07:85:4c:89:ae:21:fa:2b:03:19:39:f2:20:cc:c7:
86:61:1b:9b:6d:4a:e4:f2:7d:19:85:6e:db:1e:02:
fd:3b:1b:46:bc:26:3a:a8:9f:db:38:45:aa:24:79:
2b:1c:fc:94:a5:64:7e:1f:01:45:75:98:2d:68:ce:
2a:28:5c:6e:e8:e7:21:6c:23:bd:7e:9f:94:7d:24:
33:cb:c6:24:59:db:a1:5a:4b:03:43:e1:8c:8b:94:
f6:24:d1:bb:ef:67:e8:2e:4f:c7:55:a5:26:47:6e:
2e:fa:cf:8c:55:cc:9e:9e:49:39:1f:b8:7e:3d:e2:
6e:8f:88:00:eb:b3:0f:e5:c0:d8:97:e4:be:dc:4f:
e3:8c:9b:4f:57:8a:51:e1:c8:bc:62:b6:71:3b:fe:
f0:d8:1d:0c:b2:c8:f1:a1:e1:f1:b2:07:a1:8c:83:
7e:c9:95:a2:f4:aa:e7:21:6c:39:5e:59:3f:7b:c3:
9c:24:f0:54:7a:74:3f:43:ca:27:0c:e3:1f:5d:4c:
18:55:85:9f:da:67:2c:dc:6b:92:5a:b7:4e:c9:fe:
a6:f7:86:41:f0:a1:1c:a4:26:f0:a5:ff:28:3c:48:
f2:c8:a1:da:19:a6:e1:db:ae:b4:90:bc:59:e3:16:
51:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:D9:E9:81:9B:7F:65:6D:C3:D8:F0:87:7E:6F:EF:0A:27:4B:00:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea0e91cd-e265-4578-9172-3a1331586357.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:5000::/40
Signature Algorithm: sha256WithRSAEncryption
8b:f9:28:3e:5c:d6:60:96:74:fc:c1:cb:76:1f:c5:a0:49:08:
ab:c0:1f:bd:0e:b1:0f:52:fa:6b:00:2a:00:12:a7:b9:96:5e:
dd:8a:cb:ad:80:62:22:03:ff:4e:36:2d:d1:32:3b:c6:84:97:
1e:d5:ec:6a:21:84:e4:82:e8:c3:f5:8e:24:f2:ca:88:a6:2d:
89:b2:1b:c3:b5:43:94:0c:8a:de:48:78:8b:e3:9a:bb:b0:c0:
f2:e0:96:78:8d:ca:aa:85:8f:9d:f4:cc:d5:6a:78:4c:e6:48:
43:2e:cc:9c:a3:3e:25:22:7c:b5:21:c1:6a:92:49:d4:1d:23:
f4:ba:11:b4:c4:94:d5:fa:d3:f9:06:05:0a:cc:fe:dc:eb:ae:
68:22:f9:0e:7c:9b:e8:29:e4:5e:81:0c:b5:51:8a:31:be:7b:
6a:61:52:96:4f:f2:fb:cd:e4:46:e3:af:d9:89:2b:b3:41:d0:
04:32:60:c1:4f:f9:60:d9:7b:ca:4c:c5:08:ad:d1:21:d8:48:
14:68:56:d0:3f:bd:e4:ad:f2:2e:8d:c4:03:f2:70:65:a2:a9:
c2:6c:e1:fc:53:e3:94:14:2a:16:d1:92:7b:b3:07:a6:65:87:
24:fc:cc:40:b5:71:0f:f0:6a:be:eb:9b:b5:ab:f8:54:6c:6f:
8a:b0:53:88
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZEHw2stDcqc+cRYtWQ09HzgeCeMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMzUwMTFaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxOTIzNDQwZmUwODU4ZmQwYjA1NDZjOTU1ZjNiNDEwZjI4MTJlZjI2ZWM3
MmNiMjI3NWFhNDY1MTcxNzI4ZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANr7bIhTbCg9sOChBz2mB4VMia4h+isDGTnyIMzHhmEbm21K5PJ9GYVu2x4C
/TsbRrwmOqif2zhFqiR5Kxz8lKVkfh8BRXWYLWjOKihcbujnIWwjvX6flH0kM8vG
JFnboVpLA0PhjIuU9iTRu+9n6C5Px1WlJkduLvrPjFXMnp5JOR+4fj3ibo+IAOuz
D+XA2JfkvtxP44ybT1eKUeHIvGK2cTv+8NgdDLLI8aHh8bIHoYyDfsmVovSq5yFs
OV5ZP3vDnCTwVHp0P0PKJwzjH11MGFWFn9pnLNxrklq3Tsn+pveGQfChHKQm8KX/
KDxI8sih2hmm4duutJC8WeMWUXcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTR2emB
m39lbcPY8Id+b+8KJ0sASzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWEwZTkxY2QtZTI2NS00NTc4LTkxNzItM2ExMzMxNTg2MzU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCL+Sg+XNZglnT8wct2H8WgSQirwB+9DrEPUvpr
ACoAEqe5ll7disutgGIiA/9ONi3RMjvGhJce1exqIYTkgujD9Y4k8sqIpi2JshvD
tUOUDIreSHiL45q7sMDy4JZ4jcqqhY+d9MzVanhM5khDLsycoz4lIny1IcFqkknU
HSP0uhG0xJTV+tP5BgUKzP7c665oIvkOfJvoKeRegQy1UYoxvntqYVKWT/L7zeRG
46/ZiSuzQdAEMmDBT/lg2XvKTMUIrdEh2EgUaFbQP73krfIujcQD8nBloqnCbOH8
U+OUFCoW0ZJ7swemZYck/MxAtXEP8Gq+65u1q/hUbG+KsFOI
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:04 2026 by rpki-client