Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/edfb9a00-daaa-4562-af30-a180134fd503.roa
File: edfb9a00-daaa-4562-af30-a180134fd503.roa (raw, json)
Hash identifier: 8z5bPo2dMncL7LgMN5pwPm6ge9kdoYypjsaE2uzV+Qc=
Subject key identifier: A5:38:D3:9C:1C:DB:D4:0A:23:51:B7:9C:53:F8:DF:B7:18:CF:C1:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 742AC7DEC419DD5BA9C4D400DC36A16A3641143B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/edfb9a00-daaa-4562-af30-a180134fd503.roa
Signing time: Fri 22 May 2026 16:01:57 +0000
ROA not before: Fri 22 May 2026 16:01:57 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d062:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:2a:c7:de:c4:19:dd:5b:a9:c4:d4:00:dc:36:a1:6a:36:41:14:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:01:57 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=09d7e48b17e6ad67aced1c530d0a16c04110b297046e23acc51714fa13f303a8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e0:a7:cb:26:50:21:87:32:b1:70:72:8c:3d:
ec:9f:b5:89:78:78:ce:2c:26:1d:df:91:97:b5:0f:
4a:a4:ae:ef:5f:46:20:60:dc:4b:53:ca:dd:d8:17:
b1:d0:1c:75:d7:25:9b:e6:0b:6b:88:5a:0c:d5:a2:
47:c7:ca:aa:84:66:46:e8:bf:bb:cd:83:7b:7f:b8:
c9:e9:19:1b:dd:e8:d9:a7:21:13:67:9b:1f:e3:ce:
c7:60:3d:5c:d7:40:21:cd:11:58:18:e8:f7:f2:23:
bf:b8:b7:6a:e0:18:ce:f0:b3:92:26:c1:59:71:51:
e3:f4:ab:b4:e0:27:2c:ed:6b:aa:8d:92:72:1d:1a:
89:62:98:15:40:f1:71:ac:65:1a:dc:09:f8:c1:e9:
e4:9b:5f:c4:ca:60:97:3a:6d:23:3c:83:91:79:72:
62:5a:8c:55:d5:35:21:34:79:5a:c7:c8:51:22:a0:
fc:06:bc:05:21:85:8f:8a:be:46:be:26:a0:6a:98:
fc:d6:2e:44:57:7f:45:3c:8b:b2:ff:2e:4d:64:b4:
4e:b9:ac:f3:9b:0d:c9:43:31:15:6a:9d:ea:5e:27:
dc:47:13:5b:bf:e0:1e:8d:00:7c:28:b7:f0:3e:05:
54:f6:d8:44:3c:2b:e4:e3:df:6f:76:f9:98:95:34:
4d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:38:D3:9C:1C:DB:D4:0A:23:51:B7:9C:53:F8:DF:B7:18:CF:C1:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/edfb9a00-daaa-4562-af30-a180134fd503.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d062:8000::/40
Signature Algorithm: sha256WithRSAEncryption
9a:bd:f2:48:77:e5:c9:26:de:23:b0:3e:78:10:ca:05:56:f9:
54:9a:b7:3f:16:1a:63:10:bf:0f:a8:cd:e5:66:34:3b:ad:ce:
5e:35:59:7f:f3:1e:a0:66:4b:20:e1:28:4d:68:a1:80:69:91:
84:9c:f5:2a:8e:b5:c3:fa:7e:80:6a:8b:3d:f1:4e:69:38:03:
06:af:e8:80:56:4d:12:d7:e2:f1:60:6f:ef:1e:09:7e:f0:0b:
45:08:61:a5:d1:5c:f4:84:ec:0e:7c:0f:b0:c1:09:4e:06:52:
fc:57:be:e7:80:cb:be:16:b8:fd:1c:f7:27:28:9f:ff:46:16:
d6:c4:13:f1:79:e2:8d:69:ba:50:06:65:36:7b:1c:ce:a0:ff:
2c:bb:cc:11:c3:d6:f3:ee:ed:17:3f:06:ca:c2:21:c1:93:36:
70:45:18:d1:b2:06:7e:1f:8d:c7:db:59:5c:0b:6e:f1:aa:9d:
5c:86:fc:d2:ff:f7:9f:64:e7:7f:eb:c3:d4:cd:4c:7a:42:bc:
96:72:fd:d5:a8:16:f9:95:08:fd:5d:3e:03:40:d1:d3:eb:ce:
8f:ca:cc:e1:39:9f:71:48:6b:c2:e2:ab:bf:98:26:89:af:60:
ab:9b:cc:8e:bb:31:be:7d:53:8d:c3:8a:29:fc:34:27:61:fd:
18:23:52:6a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdCrH3sQZ3VupxNQA3DahajZBFDswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAxNTdaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5ZDdlNDhiMTdlNmFkNjdhY2VkMWM1MzBkMGExNmMwNDExMGIyOTcwNDZl
MjNhY2M1MTcxNGZhMTNmMzAzYTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKPgp8smUCGHMrFwcow97J+1iXh4ziwmHd+Rl7UPSqSu719GIGDcS1PK3dgX
sdAcddclm+YLa4haDNWiR8fKqoRmRui/u82De3+4yekZG93o2achE2ebH+POx2A9
XNdAIc0RWBjo9/Ijv7i3auAYzvCzkibBWXFR4/SrtOAnLO1rqo2Sch0aiWKYFUDx
caxlGtwJ+MHp5JtfxMpglzptIzyDkXlyYlqMVdU1ITR5WsfIUSKg/Aa8BSGFj4q+
Rr4moGqY/NYuRFd/RTyLsv8uTWS0Trms85sNyUMxFWqd6l4n3EcTW7/gHo0AfCi3
8D4FVPbYRDwr5OPfb3b5mJU0Td8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSlONOc
HNvUCiNRt5xT+N+3GM/BVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWRmYjlhMDAtZGFhYS00NTYyLWFmMzAtYTE4MDEzNGZkNTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GKA
MA0GCSqGSIb3DQEBCwUAA4IBAQCavfJId+XJJt4jsD54EMoFVvlUmrc/FhpjEL8P
qM3lZjQ7rc5eNVl/8x6gZksg4ShNaKGAaZGEnPUqjrXD+n6Aaos98U5pOAMGr+iA
Vk0S1+LxYG/vHgl+8AtFCGGl0Vz0hOwOfA+wwQlOBlL8V77ngMu+Frj9HPcnKJ//
RhbWxBPxeeKNabpQBmU2exzOoP8su8wRw9bz7u0XPwbKwiHBkzZwRRjRsgZ+H43H
21lcC27xqp1chvzS//efZOd/68PUzUx6QryWcv3VqBb5lQj9XT4DQNHT686Pyszh
OZ9xSGvC4qu/mCaJr2Crm8yOuzG+fVONw4op/DQnYf0YI1Jq
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:16:53 2026 by rpki-client