Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
File: ed0f44c7-c286-45c9-9156-5644f580ab41.roa (raw, json)
Hash identifier: ig3Y0OwW846CG4SwRltEI9uBE0Lq04rli+KelBpHLbw=
Subject key identifier: 34:3D:4A:1D:34:51:AD:0E:AD:06:9B:5E:FA:D9:84:A1:DE:0B:86:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 09427729C2FDE88D394D98F9F9A699092E301D3D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
Signing time: Tue 19 May 2026 05:10:58 +0000
ROA not before: Tue 19 May 2026 05:10:58 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:42:77:29:c2:fd:e8:8d:39:4d:98:f9:f9:a6:99:09:2e:30:1d:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:58 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=ecc0abdca408cda9b258df473021dd2e640a61c2087cf701e2cf9d765a87945f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:25:2d:56:1d:53:27:ba:eb:3c:85:98:32:ab:
b3:ba:68:a0:8d:1e:af:fa:aa:e7:05:08:f3:32:46:
47:58:74:03:f9:76:26:0f:79:eb:09:ae:4c:ec:34:
ac:eb:b9:77:80:4e:cd:8b:d6:53:6a:28:aa:11:24:
d1:81:0e:3f:b6:4a:dc:6d:89:1f:27:28:cd:db:c7:
fa:4f:51:61:bb:1b:a2:c1:5c:9e:31:a7:e7:2c:91:
33:c0:95:3d:58:38:46:d9:6b:c0:1d:42:6e:d5:24:
17:cf:9c:eb:b6:6a:18:6f:1d:74:51:15:cc:d9:48:
04:64:ac:61:de:56:0c:b3:09:43:73:b3:c8:c1:0e:
b1:28:f0:15:b6:9f:36:e1:db:fc:38:e1:0d:a2:64:
40:b7:57:30:18:c8:ff:2a:1d:54:e8:ae:c4:1c:9a:
d0:05:a8:ff:d8:de:91:1d:83:2c:c6:3b:24:3c:42:
40:58:7f:48:89:b0:0e:65:03:3f:b3:6f:5c:c9:cb:
3c:e8:39:80:db:5a:b6:6d:0e:98:9b:89:d2:20:bb:
c9:65:20:4d:89:84:ea:54:ea:85:ea:0f:13:40:ae:
47:15:8e:00:55:ee:b9:56:26:e7:2f:dd:cf:df:59:
b7:ce:66:d6:f8:ea:05:17:32:f8:75:c2:78:21:02:
3a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:3D:4A:1D:34:51:AD:0E:AD:06:9B:5E:FA:D9:84:A1:DE:0B:86:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:b000::/40
Signature Algorithm: sha256WithRSAEncryption
ac:f9:c5:f8:93:cb:3b:04:86:46:8b:0e:bd:67:23:2e:9a:50:
9e:67:88:e6:03:26:4b:d1:39:83:fc:18:88:a6:03:3f:b1:15:
2e:25:3a:9f:be:42:92:61:f7:1c:91:2f:a3:65:6c:96:20:fb:
3f:3c:45:5c:a6:b0:8b:96:4f:59:62:68:39:52:1f:59:1d:45:
e2:a6:93:9c:d0:4f:f0:d2:5d:82:b1:d7:d3:17:2a:72:01:d7:
fd:10:43:9d:a0:b3:a8:7d:94:53:b7:8b:ef:ad:c1:9a:d1:01:
79:99:e4:e9:74:ec:86:92:98:3b:bc:a2:1e:95:93:29:40:5c:
8d:12:15:06:42:fc:fc:dd:3b:25:70:0a:85:19:0f:af:2b:60:
53:dc:a7:ad:7b:5b:73:6d:14:2e:70:65:48:51:eb:a4:28:1e:
2e:3f:54:dd:07:a3:91:62:9c:c2:34:e2:89:2b:17:19:3f:0d:
0f:dd:3f:73:56:82:12:fe:b1:5b:a5:d2:a9:e5:44:ab:4b:ea:
66:92:84:7b:cc:eb:98:ee:be:45:da:de:9c:c0:49:0c:a3:f8:
1c:bb:5d:ea:f3:bb:e0:4f:a9:1d:15:f7:c5:05:e8:4b:00:dc:
8c:2f:ee:c8:9a:4a:84:86:8e:42:21:c1:f4:2e:48:9b:2e:e2:
8f:f9:99:af
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCUJ3KcL96I05TZj5+aaZCS4wHT0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwNThaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjYzBhYmRjYTQwOGNkYTliMjU4ZGY0NzMwMjFkZDJlNjQwYTYxYzIwODdj
ZjcwMWUyY2Y5ZDc2NWE4Nzk0NWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJIlLVYdUye66zyFmDKrs7pooI0er/qq5wUI8zJGR1h0A/l2Jg956wmuTOw0
rOu5d4BOzYvWU2ooqhEk0YEOP7ZK3G2JHycozdvH+k9RYbsbosFcnjGn5yyRM8CV
PVg4RtlrwB1CbtUkF8+c67ZqGG8ddFEVzNlIBGSsYd5WDLMJQ3OzyMEOsSjwFbaf
NuHb/DjhDaJkQLdXMBjI/yodVOiuxBya0AWo/9jekR2DLMY7JDxCQFh/SImwDmUD
P7NvXMnLPOg5gNtatm0OmJuJ0iC7yWUgTYmE6lTqheoPE0CuRxWOAFXuuVYm5y/d
z99Zt85m1vjqBRcy+HXCeCECOqECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ0PUod
NFGtDq0Gm1762YSh3guGQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWQwZjQ0YzctYzI4Ni00NWM5LTkxNTYtNTY0NGY1ODBhYjQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fiw
MA0GCSqGSIb3DQEBCwUAA4IBAQCs+cX4k8s7BIZGiw69ZyMumlCeZ4jmAyZL0TmD
/BiIpgM/sRUuJTqfvkKSYfcckS+jZWyWIPs/PEVcprCLlk9ZYmg5Uh9ZHUXippOc
0E/w0l2CsdfTFypyAdf9EEOdoLOofZRTt4vvrcGa0QF5meTpdOyGkpg7vKIelZMp
QFyNEhUGQvz83TslcAqFGQ+vK2BT3Kete1tzbRQucGVIUeukKB4uP1TdB6ORYpzC
NOKJKxcZPw0P3T9zVoIS/rFbpdKp5USrS+pmkoR7zOuY7r5F2t6cwEkMo/gcu13q
87vgT6kdFffFBehLANyML+7ImkqEho5CIcH0LkibLuKP+Zmv
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:44 2026 by rpki-client