Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/066563bf-c5a6-4655-8a52-d38439ed7ebd.roa
File: 066563bf-c5a6-4655-8a52-d38439ed7ebd.roa (raw, json)
Hash identifier: DoAMEMPK6qL7mNE4+z4bNjGbU8M2aewB0lbwaDo5DJc=
Subject key identifier: 21:68:62:60:21:2D:19:C3:D6:DC:FD:C1:11:1F:67:60:71:5A:CB:53
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 48D46205A829CCFCD055EC95AC50932BCFAF1C7C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/066563bf-c5a6-4655-8a52-d38439ed7ebd.roa
Signing time: Thu 12 Mar 2026 15:39:56 +0000
ROA not before: Thu 12 Mar 2026 15:39:56 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:d4:62:05:a8:29:cc:fc:d0:55:ec:95:ac:50:93:2b:cf:af:1c:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:39:56 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=422dc585961326ebd86f7f1f2cd33fa35f75ff10913a4281a14c8986b4870a2d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d8:91:4b:10:45:ac:00:bc:f9:a8:76:e9:d7:
bf:75:b5:18:81:a3:0b:cd:a4:56:85:56:95:f5:ca:
ea:3b:ea:10:f5:6d:68:89:ca:0b:e5:7b:bf:dd:21:
93:a8:84:51:2a:44:a1:29:a3:a9:6f:20:cb:8f:8a:
68:88:51:b6:ac:0a:7b:35:7f:5c:0d:b9:80:d2:4e:
7d:21:82:37:f6:b6:14:55:9f:ff:4f:e0:31:ba:46:
e5:e2:37:ff:6b:bf:0e:21:b1:37:3e:13:21:26:a6:
72:20:2d:b1:87:29:a1:54:90:a1:9b:f5:0c:fa:53:
7d:9e:44:89:65:53:58:27:00:16:66:27:ab:dc:6e:
28:45:8f:08:e5:7b:83:5c:ea:bb:27:3d:19:de:26:
ae:62:bb:c8:f3:2a:94:f6:31:54:94:89:61:a6:e0:
24:5a:55:ff:85:2c:a9:cb:42:bc:e7:56:7f:2a:ce:
e8:e7:c2:8e:72:ca:59:1c:f0:e6:c5:d3:e1:35:43:
46:78:30:44:1f:36:98:b8:c5:6b:4a:a9:12:c8:cc:
a2:59:a8:54:76:7d:bf:0a:13:64:9f:ff:b9:35:d0:
ea:71:6b:31:d4:0b:fd:cb:f3:4b:59:12:ff:7a:bf:
9e:34:a3:27:5e:3b:16:6d:e0:1b:6f:d8:a0:a5:4f:
dd:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:68:62:60:21:2D:19:C3:D6:DC:FD:C1:11:1F:67:60:71:5A:CB:53
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/066563bf-c5a6-4655-8a52-d38439ed7ebd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
82:e5:73:f4:68:95:38:57:37:69:b3:10:af:9b:d5:69:f8:13:
e4:8a:98:5b:dc:6a:62:36:8d:7c:af:e5:89:ce:e3:f4:0e:53:
a8:db:a7:a1:7f:1e:e1:60:96:d1:3b:b4:5d:41:0c:db:bb:fb:
99:3c:82:c1:df:a1:09:a3:0c:b8:52:e6:b1:0d:38:5d:80:cd:
93:cb:d0:63:34:ce:33:79:4e:92:9f:51:75:a5:84:62:21:3f:
4d:f8:72:75:01:8a:26:20:89:b1:a7:03:3f:ed:83:aa:49:36:
c9:c9:b1:eb:75:c7:a8:bb:75:b0:a3:5e:af:b0:cf:66:31:83:
85:3c:51:02:56:8b:b9:05:df:bf:39:5e:5e:e4:5f:3a:8d:e1:
22:e4:a8:8e:94:c0:f4:9e:2b:b7:0d:ea:a3:72:98:96:6e:53:
53:11:d6:9c:37:56:ec:29:81:0a:8c:54:13:fc:c7:09:4a:d5:
52:e6:e6:db:ee:ac:ae:2a:5b:d4:d1:49:9e:37:55:46:37:40:
5b:fd:28:b1:1b:0c:f6:d1:af:bb:bb:dd:a6:57:6d:49:9e:ef:
7d:a5:5a:cf:53:9b:0b:2e:13:ca:25:d6:b3:ff:f8:55:90:6a:
8f:9f:16:cf:a9:bc:8f:5e:7a:41:fa:e7:78:34:47:4c:70:d4:
9d:d7:00:b1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSNRiBagpzPzQVeyVrFCTK8+vHHwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTM5NTZaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyMmRjNTg1OTYxMzI2ZWJkODZmN2YxZjJjZDMzZmEzNWY3NWZmMTA5MTNh
NDI4MWExNGM4OTg2YjQ4NzBhMmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDYkUsQRawAvPmodunXv3W1GIGjC82kVoVWlfXK6jvqEPVtaInKC+V7v90h
k6iEUSpEoSmjqW8gy4+KaIhRtqwKezV/XA25gNJOfSGCN/a2FFWf/0/gMbpG5eI3
/2u/DiGxNz4TISamciAtsYcpoVSQoZv1DPpTfZ5EiWVTWCcAFmYnq9xuKEWPCOV7
g1zquyc9Gd4mrmK7yPMqlPYxVJSJYabgJFpV/4UsqctCvOdWfyrO6OfCjnLKWRzw
5sXT4TVDRngwRB82mLjFa0qpEsjMolmoVHZ9vwoTZJ//uTXQ6nFrMdQL/cvzS1kS
/3q/njSjJ147Fm3gG2/YoKVP3YUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQhaGJg
IS0Zw9bc/cERH2dgcVrLUzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDY2NTYzYmYtYzVhNi00NjU1LThhNTItZDM4NDM5ZWQ3ZWJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H2Q
wDANBgkqhkiG9w0BAQsFAAOCAQEAguVz9GiVOFc3abMQr5vVafgT5IqYW9xqYjaN
fK/lic7j9A5TqNunoX8e4WCW0Tu0XUEM27v7mTyCwd+hCaMMuFLmsQ04XYDNk8vQ
YzTOM3lOkp9RdaWEYiE/TfhydQGKJiCJsacDP+2Dqkk2ycmx63XHqLt1sKNer7DP
ZjGDhTxRAlaLuQXfvzleXuRfOo3hIuSojpTA9J4rtw3qo3KYlm5TUxHWnDdW7CmB
CoxUE/zHCUrVUubm2+6sripb1NFJnjdVRjdAW/0osRsM9tGvu7vdpldtSZ7vfaVa
z1ObCy4TyiXWs//4VZBqj58Wz6m8j156QfrneDRHTHDUndcAsQ==
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:16:17 2026 by rpki-client