Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdfda4b5-843e-4797-9739-e616ff3d5825.roa
File: bdfda4b5-843e-4797-9739-e616ff3d5825.roa (raw, json)
Hash identifier: RC0mrlRUwQhzuF3d5gl/iGhSznWANZuDtE3HAR2W7Ic=
Subject key identifier: 79:D5:A4:F1:68:BD:97:07:63:C9:63:24:0B:27:26:DA:DA:E8:24:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BA604390D86B789E569F65E73C79C7015AABC4A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdfda4b5-843e-4797-9739-e616ff3d5825.roa
Signing time: Mon 11 May 2026 01:50:39 +0000
ROA not before: Mon 11 May 2026 01:50:39 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:a6:04:39:0d:86:b7:89:e5:69:f6:5e:73:c7:9c:70:15:aa:bc:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:39 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=2ecea250ace201788bef18b137b93d52181956bf1bba7a88730731defa0cf1b5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:37:f0:2c:2a:75:0c:1e:e0:21:23:67:82:41:
37:cf:d7:23:b3:08:34:42:9b:b4:2c:44:fa:d0:4f:
dc:ac:12:fb:b4:6f:eb:cb:1c:d2:90:85:a5:bb:cd:
bb:00:9f:19:f2:48:f2:c5:3e:07:12:48:5a:cb:6e:
11:60:db:ea:80:14:c8:1c:bd:c3:6d:a6:21:a6:55:
c7:7c:2f:cc:64:53:af:d4:16:70:cc:21:5b:72:e8:
c5:20:63:d4:d6:35:6a:a2:79:69:ad:e5:1f:f2:a6:
ad:43:7a:11:1d:2c:4d:dc:63:3b:47:3f:47:26:99:
ff:34:cb:e3:10:3a:56:47:33:62:01:df:fe:c8:17:
c6:2e:02:03:7d:51:39:fe:8f:95:5e:ab:03:18:01:
14:46:06:3f:b2:fb:a3:e2:dd:9f:a4:7d:77:74:dc:
58:a5:9d:53:8b:59:f9:83:6c:b2:8e:6e:18:ca:36:
58:dc:a9:4a:60:bf:b4:c9:17:cf:e2:d4:76:d5:1d:
a8:3e:55:7f:a0:a0:fc:5c:69:17:78:21:cf:36:0a:
31:76:28:ac:74:d4:dd:d8:e6:5b:1f:8d:d6:73:32:
97:90:e2:60:2d:12:f8:54:81:f2:56:fa:d4:64:4a:
3e:39:60:16:c1:c1:54:d1:f8:6d:2c:86:f7:0f:2a:
06:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:D5:A4:F1:68:BD:97:07:63:C9:63:24:0B:27:26:DA:DA:E8:24:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdfda4b5-843e-4797-9739-e616ff3d5825.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:8000::/40
Signature Algorithm: sha256WithRSAEncryption
46:be:d6:d7:f2:df:91:93:a6:11:05:fa:ea:d0:f3:7f:c3:0d:
cf:5e:88:b6:ae:bb:b5:b9:9a:20:98:82:63:98:bf:c1:1a:a3:
a3:51:c0:a6:46:51:eb:ae:9b:92:22:ab:3b:3e:5e:23:e6:57:
1f:ea:d1:80:e9:59:5c:4f:e9:50:99:5a:c6:fc:2d:a9:45:86:
c1:81:50:8d:ae:8f:a7:28:11:db:32:95:74:09:4f:98:84:35:
13:3d:96:b3:ed:ad:aa:2a:8d:f1:de:e5:69:9b:74:de:80:a1:
2a:31:f9:8d:67:d3:78:aa:88:cb:58:b8:e9:1a:ef:43:9b:6f:
86:96:54:13:d3:45:81:b5:0c:42:6c:61:1b:ee:28:f4:49:0b:
4d:a4:af:b9:6d:97:84:a1:a9:75:c0:83:11:3b:3f:2f:fe:66:
ee:30:eb:98:24:1e:bf:d8:20:13:2f:37:31:95:bf:4f:4b:5c:
e6:4b:bc:13:c4:1f:85:f2:b4:c3:a9:93:9e:5c:58:7b:6f:c2:
c9:5b:c6:4b:62:e9:ea:a3:21:e6:75:95:ea:7d:c5:e8:a9:03:
47:be:8e:f0:ab:21:7a:32:31:fe:25:bb:96:19:af:c1:5e:aa:
a0:7e:e8:12:a5:c0:99:02:0c:41:a8:24:7e:2f:e0:d8:ba:98:
57:67:2f:3e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUa6YEOQ2Gt4nlafZec8eccBWqvEowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwMzlaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlY2VhMjUwYWNlMjAxNzg4YmVmMThiMTM3YjkzZDUyMTgxOTU2YmYxYmJh
N2E4ODczMDczMWRlZmEwY2YxYjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJg38CwqdQwe4CEjZ4JBN8/XI7MINEKbtCxE+tBP3KwS+7Rv68sc0pCFpbvN
uwCfGfJI8sU+BxJIWstuEWDb6oAUyBy9w22mIaZVx3wvzGRTr9QWcMwhW3LoxSBj
1NY1aqJ5aa3lH/KmrUN6ER0sTdxjO0c/RyaZ/zTL4xA6VkczYgHf/sgXxi4CA31R
Of6PlV6rAxgBFEYGP7L7o+Ldn6R9d3TcWKWdU4tZ+YNsso5uGMo2WNypSmC/tMkX
z+LUdtUdqD5Vf6Cg/FxpF3ghzzYKMXYorHTU3djmWx+N1nMyl5DiYC0S+FSB8lb6
1GRKPjlgFsHBVNH4bSyG9w8qBnUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR51aTx
aL2XB2PJYyQLJyba2ugkmjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRmZGE0YjUtODQzZS00Nzk3LTk3MzktZTYxNmZmM2Q1ODI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCA
MA0GCSqGSIb3DQEBCwUAA4IBAQBGvtbX8t+Rk6YRBfrq0PN/ww3PXoi2rru1uZog
mIJjmL/BGqOjUcCmRlHrrpuSIqs7Pl4j5lcf6tGA6VlcT+lQmVrG/C2pRYbBgVCN
ro+nKBHbMpV0CU+YhDUTPZaz7a2qKo3x3uVpm3TegKEqMfmNZ9N4qojLWLjpGu9D
m2+GllQT00WBtQxCbGEb7ij0SQtNpK+5bZeEoal1wIMROz8v/mbuMOuYJB6/2CAT
Lzcxlb9PS1zmS7wTxB+F8rTDqZOeXFh7b8LJW8ZLYunqoyHmdZXqfcXoqQNHvo7w
qyF6MjH+JbuWGa/BXqqgfugSpcCZAgxBqCR+L+DYuphXZy8+
-----END CERTIFICATE-----
Generated at Tue May 12 23:36:05 2026 by rpki-client