Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa
File: eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa (raw, json)
Hash identifier: /jaX9yRWBIToyPnGAJhqYjQiJ41xum4+vkO1/nglwTQ=
Subject key identifier: 02:39:EE:7B:B0:D4:EC:D7:EF:19:CD:CE:69:C0:83:5A:E5:30:FE:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2DB21D068C05E25C6DE9EE217678407276B362C2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa
Signing time: Tue 19 May 2026 05:20:21 +0000
ROA not before: Tue 19 May 2026 05:20:21 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:b2:1d:06:8c:05:e2:5c:6d:e9:ee:21:76:78:40:72:76:b3:62:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:21 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=7cfd63f695ea3e3be730ce425722068cefbbc1140e08511032dcca53f3cffe50, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:67:57:f8:b9:f6:28:b1:19:39:2b:ba:b8:60:
db:bf:fd:1b:4f:b3:b3:d8:07:9a:6f:bf:42:d1:f0:
6b:bf:c6:c0:aa:10:fd:86:a5:c6:40:b3:9d:cb:37:
40:71:e2:44:25:9f:3c:ad:63:4c:8d:a6:24:0b:6c:
76:fe:f5:53:31:b8:47:9d:dc:64:27:2d:0d:b7:17:
06:dd:6a:bd:c9:8b:85:d1:2f:0e:af:5c:e9:51:dd:
82:ad:ed:2c:ac:de:e3:25:af:9c:60:f6:60:50:42:
a6:b4:ab:56:34:9c:62:5b:2c:53:be:64:36:c3:8e:
45:9f:4a:5e:e2:64:13:8c:c4:f3:db:06:3c:f3:93:
9d:83:18:27:d7:94:be:21:f7:c0:e5:c6:08:ac:e1:
a1:30:92:3c:ca:9d:2f:ff:59:64:ce:44:55:14:e0:
37:10:36:0c:42:11:76:29:be:bd:ee:32:4f:8f:12:
5e:aa:c5:3f:8b:07:f9:35:62:48:5b:ba:ce:f3:38:
a1:47:6c:09:cf:b1:5a:87:52:fe:76:c0:bf:57:8b:
52:96:00:75:33:f4:d3:a5:36:3e:76:33:d8:75:45:
cd:2f:ca:c6:51:ec:53:a1:19:6a:59:06:09:45:35:
09:12:31:98:40:e8:7b:d9:3d:f8:e2:9a:db:b2:cc:
00:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:39:EE:7B:B0:D4:EC:D7:EF:19:CD:CE:69:C0:83:5A:E5:30:FE:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4040::/48
Signature Algorithm: sha256WithRSAEncryption
b0:ad:bb:36:5b:d9:4c:17:b9:f9:4f:a2:88:3b:6e:bb:91:b9:
83:d8:1f:41:fd:6a:fb:ea:c2:ff:18:83:a0:7a:bc:ad:15:dd:
35:36:88:df:d1:25:63:40:be:6f:68:62:77:fc:49:9e:35:1d:
ce:58:f7:3e:1c:90:55:e8:50:5d:f7:fc:b5:7c:81:c7:ce:30:
9c:e7:09:bd:ec:e5:e3:96:5d:a9:78:37:29:c7:43:08:05:84:
76:e3:64:38:8d:c1:d5:e6:3c:9c:59:cf:00:aa:39:61:26:87:
14:46:20:b3:68:32:02:0d:b8:9f:36:bc:f5:62:74:b8:32:4c:
f7:45:86:25:1a:66:ed:88:6d:f1:98:45:f1:11:5e:d3:93:ef:
aa:3c:5f:8a:62:c1:25:61:07:cb:e4:e3:6f:69:39:14:bf:8c:
9e:85:54:fe:5c:1d:89:10:1e:d2:39:1e:e5:86:6a:54:67:b4:
a2:66:91:0f:f0:a6:44:94:fd:85:51:10:33:b3:75:77:e1:50:
0c:86:a1:a2:ba:8e:c7:d6:39:bb:46:c4:41:b1:67:fd:87:ef:
cc:cb:0e:97:22:ed:05:7d:94:16:37:cf:d3:7a:a2:71:e6:81:
4c:d8:17:a1:35:45:18:a1:89:d8:1d:f2:6e:75:1e:c1:a3:fc:
58:4a:5f:8c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULbIdBowF4lxt6e4hdnhAcnazYsIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMjFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjZmQ2M2Y2OTVlYTNlM2JlNzMwY2U0MjU3MjIwNjhjZWZiYmMxMTQwZTA4
NTExMDMyZGNjYTUzZjNjZmZlNTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJnV/i59iixGTkrurhg27/9G0+zs9gHmm+/QtHwa7/GwKoQ/YalxkCzncs3
QHHiRCWfPK1jTI2mJAtsdv71UzG4R53cZCctDbcXBt1qvcmLhdEvDq9c6VHdgq3t
LKze4yWvnGD2YFBCprSrVjScYlssU75kNsOORZ9KXuJkE4zE89sGPPOTnYMYJ9eU
viH3wOXGCKzhoTCSPMqdL/9ZZM5EVRTgNxA2DEIRdim+ve4yT48SXqrFP4sH+TVi
SFu6zvM4oUdsCc+xWodS/nbAv1eLUpYAdTP006U2PnYz2HVFzS/KxlHsU6EZalkG
CUU1CRIxmEDoe9k9+OKa27LMADsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQCOe57
sNTs1+8Zzc5pwINa5TD+3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWVkZGRiYmQtMmJiZC00ZTY0LTliMzctZGRkZDMzOTJjZThmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
QDANBgkqhkiG9w0BAQsFAAOCAQEAsK27NlvZTBe5+U+iiDtuu5G5g9gfQf1q++rC
/xiDoHq8rRXdNTaI39ElY0C+b2hid/xJnjUdzlj3PhyQVehQXff8tXyBx84wnOcJ
vezl45ZdqXg3KcdDCAWEduNkOI3B1eY8nFnPAKo5YSaHFEYgs2gyAg24nza89WJ0
uDJM90WGJRpm7Yht8ZhF8RFe05PvqjxfimLBJWEHy+Tjb2k5FL+MnoVU/lwdiRAe
0jke5YZqVGe0omaRD/CmRJT9hVEQM7N1d+FQDIahorqOx9Y5u0bEQbFn/YfvzMsO
lyLtBX2UFjfP03qiceaBTNgXoTVFGKGJ2B3ybnUewaP8WEpfjA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:58:10 2026 by rpki-client