Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01122183-0f7a-46da-bb81-689dbffa220d.roa
File: 01122183-0f7a-46da-bb81-689dbffa220d.roa (raw, json)
Hash identifier: 3obXin7L2puQOp5Q1psDgOFgNhugtckEfo9BFYVR9Y8=
Subject key identifier: 2F:D4:96:A1:C9:DC:63:4D:3B:DD:44:05:D1:A3:FB:73:E4:48:D2:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39D3419A6DF9EE766FC71112CC8790F34F4EFF9A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01122183-0f7a-46da-bb81-689dbffa220d.roa
Signing time: Thu 12 Mar 2026 15:38:33 +0000
ROA not before: Thu 12 Mar 2026 15:38:33 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:d3:41:9a:6d:f9:ee:76:6f:c7:11:12:cc:87:90:f3:4f:4e:ff:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:38:33 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=bf14eb05d7d4760f6d039dc709c45db49c1087f34a49af15b0e5aaab4c4a1c76, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:42:a7:ec:35:cf:a1:bd:4c:34:f3:a8:d2:72:
21:cb:5a:4e:75:8b:52:73:99:c4:84:23:f2:7c:71:
78:79:32:81:3a:74:53:21:c8:01:f7:0f:7b:2f:dc:
17:c8:fc:e0:f8:b3:3e:69:2e:08:95:81:5c:e2:4b:
4e:d1:91:77:17:16:d1:bf:b5:94:40:b1:66:12:5e:
a6:32:e7:ac:61:41:c2:bf:a0:ee:3e:da:bc:e2:af:
54:fd:8b:92:92:d4:88:a6:eb:9a:96:a3:6a:39:e6:
57:5b:32:22:11:e8:be:1e:30:34:94:2c:df:7c:c4:
49:fc:5c:43:32:12:21:51:15:42:77:d4:02:d6:21:
1f:73:0a:a4:d1:e4:b2:1f:12:df:ee:a3:44:90:27:
81:5d:58:a8:ce:b9:f7:a0:34:93:20:b7:ab:6a:49:
23:ff:41:db:aa:cc:25:bf:e1:cc:1f:f2:99:4b:23:
58:b3:e2:c4:75:24:c5:84:4f:d3:99:fe:77:2f:70:
3b:41:1e:b5:c0:b1:f2:e3:25:51:3e:83:14:a5:e0:
39:18:17:ed:a8:29:a0:ab:6a:df:f3:34:8e:46:b2:
19:c5:bb:23:9c:48:cb:58:2a:82:ff:be:2b:35:a4:
7a:ee:0e:cc:d0:81:87:a3:8b:0b:0c:fd:70:a3:8b:
47:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D4:96:A1:C9:DC:63:4D:3B:DD:44:05:D1:A3:FB:73:E4:48:D2:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01122183-0f7a-46da-bb81-689dbffa220d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
6f:60:ae:fe:6c:9c:91:ce:5a:95:87:e0:e6:c4:45:a9:8d:d4:
2e:df:56:60:e0:ff:1e:d9:fa:3e:6b:43:4f:76:a0:59:18:3f:
ad:75:b8:3d:1a:99:53:2f:13:c0:7e:94:e3:0d:37:7c:79:d0:
54:6f:c5:b7:10:6a:b0:41:b0:7f:d9:fa:59:38:a5:87:10:4d:
90:d7:a8:74:59:0c:d8:8f:37:f8:a6:34:61:2c:5b:db:dc:76:
fd:55:fc:d3:0a:a6:91:58:54:9f:57:7e:4a:5d:1f:11:33:f2:
82:bd:aa:5e:8f:bc:8c:ee:f0:5e:8e:bb:22:61:73:03:9a:90:
ea:b1:fb:b7:d7:80:71:21:62:81:6f:16:79:4c:b8:aa:96:de:
a8:8e:50:8f:a1:c9:7c:a0:8a:aa:01:79:6b:ff:ed:2c:5c:46:
9d:ed:eb:e8:1e:ba:3b:82:43:1a:50:46:a7:07:4d:28:6f:3f:
33:eb:b4:e3:1d:13:ca:46:ba:32:a0:87:3c:ae:bd:1e:37:75:
d7:fc:30:4a:22:cb:ee:71:e8:e9:32:3a:6c:62:89:62:a3:5b:
91:41:55:91:b3:a6:01:06:df:29:2d:6b:81:c1:f1:7f:ec:74:
0a:73:2b:ba:c6:03:b6:2a:bc:91:47:d3:43:58:dd:94:8b:3f:
69:6d:89:be
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOdNBmm357nZvxxESzIeQ809O/5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTM4MzNaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmMTRlYjA1ZDdkNDc2MGY2ZDAzOWRjNzA5YzQ1ZGI0OWMxMDg3ZjM0YTQ5
YWYxNWIwZTVhYWFiNGM0YTFjNzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJVCp+w1z6G9TDTzqNJyIctaTnWLUnOZxIQj8nxxeHkygTp0UyHIAfcPey/c
F8j84PizPmkuCJWBXOJLTtGRdxcW0b+1lECxZhJepjLnrGFBwr+g7j7avOKvVP2L
kpLUiKbrmpajajnmV1syIhHovh4wNJQs33zESfxcQzISIVEVQnfUAtYhH3MKpNHk
sh8S3+6jRJAngV1YqM6596A0kyC3q2pJI/9B26rMJb/hzB/ymUsjWLPixHUkxYRP
05n+dy9wO0EetcCx8uMlUT6DFKXgORgX7agpoKtq3/M0jkayGcW7I5xIy1gqgv++
KzWkeu4OzNCBh6OLCwz9cKOLRyUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQv1Jah
ydxjTTvdRAXRo/tz5EjSXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDExMjIxODMtMGY3YS00NmRhLWJiODEtNjg5ZGJmZmEyMjBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H1g
wDANBgkqhkiG9w0BAQsFAAOCAQEAb2Cu/myckc5alYfg5sRFqY3ULt9WYOD/Htn6
PmtDT3agWRg/rXW4PRqZUy8TwH6U4w03fHnQVG/FtxBqsEGwf9n6WTilhxBNkNeo
dFkM2I83+KY0YSxb29x2/VX80wqmkVhUn1d+Sl0fETPygr2qXo+8jO7wXo67ImFz
A5qQ6rH7t9eAcSFigW8WeUy4qpbeqI5Qj6HJfKCKqgF5a//tLFxGne3r6B66O4JD
GlBGpwdNKG8/M+u04x0Tyka6MqCHPK69Hjd11/wwSiLL7nHo6TI6bGKJYqNbkUFV
kbOmAQbfKS1rgcHxf+x0CnMrusYDtiq8kUfTQ1jdlIs/aW2Jvg==
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:16:18 2026 by rpki-client