Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
File: eb69b216-60d5-4f56-b2b8-3401f331f31e.roa (raw, json)
Hash identifier: eN1nEGctkBBbveDPvojmKaiJDGrho5cliQsmPGLfW10=
Subject key identifier: 57:72:A8:A4:45:19:E9:A1:77:4D:6A:F7:21:B4:F3:C2:09:21:1E:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F5ED05EC32ACD1629850490873F60D4DCB4C232
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
Signing time: Tue 19 May 2026 05:20:37 +0000
ROA not before: Tue 19 May 2026 05:20:37 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:5e:d0:5e:c3:2a:cd:16:29:85:04:90:87:3f:60:d4:dc:b4:c2:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:37 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=25ad2f66402111e4e5b9767ae04fecade648834bafea549a0c3b4dec9b189ba4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0e:3a:b1:41:47:20:ef:93:ae:b4:d6:20:d1:
20:18:f5:14:15:25:80:cb:61:7f:3a:0f:a9:6c:17:
48:23:72:e5:98:55:53:70:aa:78:ce:75:03:8c:26:
f2:50:29:d9:d1:0f:8c:bd:b4:d3:16:ff:5c:a0:95:
19:26:4d:39:6d:62:ba:5c:23:6c:b6:29:7b:cc:8e:
ef:f6:e1:ab:10:1e:9a:ae:08:97:93:56:87:6c:43:
66:bd:f0:25:d2:85:5d:e6:6e:56:ba:07:a2:df:e1:
d5:41:d7:7f:0e:92:2d:02:43:04:01:e7:2a:0d:fd:
34:3c:8d:ca:4e:1e:20:ae:e2:35:2c:df:7f:38:25:
c2:0e:95:4e:63:08:f5:be:e1:7a:ae:f8:cb:0b:4b:
2f:5e:53:f9:6b:3c:81:09:53:85:de:b4:51:61:11:
f8:f5:3c:20:96:1f:93:ea:08:09:c5:24:e3:09:13:
a1:b2:28:fb:ea:e7:52:3f:0c:a5:88:c5:b7:a7:68:
c3:a7:d1:d5:ec:aa:67:6d:25:8f:7e:ac:44:2b:d8:
30:99:d2:2d:09:50:2e:c4:21:98:41:23:3a:de:c9:
9e:5c:0f:a1:ff:8c:7d:bd:05:d1:bd:f8:88:62:d0:
60:bd:b2:d5:b0:97:7c:8f:b1:8f:32:50:37:cd:dc:
62:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:72:A8:A4:45:19:E9:A1:77:4D:6A:F7:21:B4:F3:C2:09:21:1E:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
af:9d:90:41:67:66:1f:0c:5e:99:9e:72:f1:c0:60:28:d6:4d:
a3:78:aa:6a:20:b0:42:48:59:7e:2a:98:75:71:6d:f1:8f:30:
f9:9f:8f:06:6e:b3:7b:10:15:94:7f:43:11:f5:25:39:1c:38:
50:32:4d:62:9a:76:de:c2:56:88:33:1b:74:d2:7d:0c:af:d5:
62:d4:20:6a:b1:0b:ca:9d:a4:4d:07:b5:d5:76:9a:09:3f:a2:
1a:71:dd:1d:5a:b4:c7:35:b8:15:fd:81:91:9b:36:9c:06:f3:
8a:93:84:ee:af:d9:8d:eb:4d:20:09:2c:1c:9d:ef:b8:a3:77:
ab:8a:06:ff:fb:38:81:78:21:df:6c:3e:27:ad:45:4a:5d:f7:
e6:b6:b1:80:f6:0b:4a:76:fc:f0:29:0c:30:b7:27:fb:07:ea:
39:59:17:a0:06:94:fd:0f:a0:d1:5c:c4:a8:8d:bf:b9:a8:de:
fb:e8:00:5a:8d:02:5a:fb:f5:f9:b5:98:b1:d0:e7:11:11:40:
64:f1:fb:d3:0b:35:8a:4c:89:75:60:fa:45:6a:42:ec:00:37:
ad:bb:a7:90:65:02:12:cb:e8:c8:1d:5f:8d:15:8b:5d:14:11:
7d:b3:35:6c:22:45:74:fb:97:03:a2:00:f0:2a:1f:7d:75:e6:
b1:d0:41:5e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUb17QXsMqzRYphQSQhz9g1Ny0wjIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMzdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1YWQyZjY2NDAyMTExZTRlNWI5NzY3YWUwNGZlY2FkZTY0ODgzNGJhZmVh
NTQ5YTBjM2I0ZGVjOWIxODliYTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKcOOrFBRyDvk6601iDRIBj1FBUlgMthfzoPqWwXSCNy5ZhVU3CqeM51A4wm
8lAp2dEPjL200xb/XKCVGSZNOW1iulwjbLYpe8yO7/bhqxAemq4Il5NWh2xDZr3w
JdKFXeZuVroHot/h1UHXfw6SLQJDBAHnKg39NDyNyk4eIK7iNSzffzglwg6VTmMI
9b7heq74ywtLL15T+Ws8gQlThd60UWER+PU8IJYfk+oICcUk4wkTobIo++rnUj8M
pYjFt6dow6fR1eyqZ20lj36sRCvYMJnSLQlQLsQhmEEjOt7JnlwPof+Mfb0F0b34
iGLQYL2y1bCXfI+xjzJQN83cYjsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRXcqik
RRnpoXdNavchtPPCCSEe4jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWI2OWIyMTYtNjBkNS00ZjU2LWIyYjgtMzQwMWYzMzFmMzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HpA
MA0GCSqGSIb3DQEBCwUAA4IBAQCvnZBBZ2YfDF6ZnnLxwGAo1k2jeKpqILBCSFl+
Kph1cW3xjzD5n48GbrN7EBWUf0MR9SU5HDhQMk1imnbewlaIMxt00n0Mr9Vi1CBq
sQvKnaRNB7XVdpoJP6Iacd0dWrTHNbgV/YGRmzacBvOKk4Tur9mN600gCSwcne+4
o3erigb/+ziBeCHfbD4nrUVKXffmtrGA9gtKdvzwKQwwtyf7B+o5WRegBpT9D6DR
XMSojb+5qN776ABajQJa+/X5tZix0OcREUBk8fvTCzWKTIl1YPpFakLsADetu6eQ
ZQISy+jIHV+NFYtdFBF9szVsIkV0+5cDogDwKh99deax0EFe
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:41 2026 by rpki-client