Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa
File: 0ca11d15-d37b-4319-9b90-152e667f85ef.roa (raw, json)
Hash identifier: IZA7j0rpJrdKoVo63XpqagELCtIKfueQuNE93GYjAq4=
Subject key identifier: 38:7D:88:E7:67:D1:05:CF:7E:33:B3:69:C9:B9:C0:51:59:9C:BF:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79081CC3868686BEB812B581661512B96F094679
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa
Signing time: Mon 27 Apr 2026 00:30:14 +0000
ROA not before: Mon 27 Apr 2026 00:30:14 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 14:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:08:1c:c3:86:86:86:be:b8:12:b5:81:66:15:12:b9:6f:09:46:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 27 00:30:14 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=e6fbf073437e080491b37e5a0fe0b3a9b49f76a6b87695221eb00a6cbc1bae84, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f2:2a:8b:58:e4:f8:9b:72:45:b9:d7:2d:4e:
72:f1:cd:8e:ef:eb:b5:47:58:ac:72:9f:77:5a:82:
bb:71:bd:06:5e:ea:7c:b9:e6:bf:a5:d6:c0:44:57:
fb:46:18:6d:60:96:4b:c4:b8:a3:92:bf:8f:f2:40:
bf:05:8a:61:b9:f0:50:ee:17:f6:51:0a:64:12:10:
53:33:08:35:8a:bc:2d:8b:69:07:a5:8f:cb:da:43:
36:cd:e2:ea:9f:25:86:cf:a4:c0:fe:61:47:3d:69:
87:51:f1:1a:2e:a7:05:43:e0:a5:77:53:df:ad:a0:
7a:69:58:cf:a3:0c:00:d7:62:41:26:7f:3f:22:01:
52:e2:d6:78:67:70:85:ed:94:71:13:66:56:0e:21:
96:67:65:14:48:5e:56:b8:19:1f:3a:52:7a:c6:52:
21:c5:f6:e8:f6:4a:3b:5d:26:29:e4:e0:aa:f1:72:
82:3f:d9:af:59:1e:24:1c:74:1c:d9:bc:1f:c1:c1:
18:6a:1b:a3:c2:ec:d2:de:84:67:62:55:33:f7:a8:
51:d2:be:f0:1d:a3:68:19:b4:9b:bf:b4:a2:e2:ad:
c9:e4:44:3b:57:e7:02:10:e9:b6:e8:14:d8:99:bd:
29:8b:f7:d6:8c:30:21:93:ab:4b:bf:08:2d:27:a1:
cb:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:7D:88:E7:67:D1:05:CF:7E:33:B3:69:C9:B9:C0:51:59:9C:BF:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:6000::/40
Signature Algorithm: sha256WithRSAEncryption
3c:a5:aa:be:b9:48:73:62:ca:82:f2:68:e6:30:3b:f3:9a:24:
7e:46:ab:d5:92:0f:cb:af:1a:fc:ad:2e:74:66:a2:6f:44:45:
bc:05:e5:5b:12:04:35:b4:97:db:92:28:12:0c:f3:01:fc:0c:
a0:98:4c:18:2c:a6:11:83:97:7f:e7:45:1f:85:db:cb:c6:c4:
35:39:d0:c0:f3:96:c8:c6:b4:91:be:4e:39:3a:42:f9:17:d1:
3e:cf:80:4c:8c:92:a4:11:48:ee:ef:01:30:f5:e6:9f:db:35:
76:e9:c8:b6:c4:f3:2d:95:22:1b:d1:7b:c1:8d:57:a6:c7:95:
46:bf:e0:ca:51:b9:b9:5f:db:63:16:9f:dc:28:37:3f:dc:99:
68:23:6d:80:f7:d0:6c:69:65:6e:13:b1:ce:d3:c6:06:47:09:
bd:e2:c8:20:2a:0d:62:f2:6e:de:c1:ea:62:5e:d1:8f:af:d1:
3c:c3:93:06:56:30:41:0e:28:89:1e:97:1f:9c:18:4e:03:25:
a0:5d:21:c7:14:8c:b2:fd:7b:f9:b2:59:36:62:53:a5:50:43:
a5:74:a5:a6:32:2f:72:d9:d9:a8:75:33:f8:06:40:bf:19:e2:
af:4e:ed:2d:9e:0e:4e:83:cf:28:bf:97:06:95:03:ad:e8:69:
da:3c:8e:68
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeQgcw4aGhr64ErWBZhUSuW8JRnkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MjcwMDMwMTRaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2ZmJmMDczNDM3ZTA4MDQ5MWIzN2U1YTBmZTBiM2E5YjQ5Zjc2YTZiODc2
OTUyMjFlYjAwYTZjYmMxYmFlODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMnyKotY5PibckW51y1OcvHNju/rtUdYrHKfd1qCu3G9Bl7qfLnmv6XWwERX
+0YYbWCWS8S4o5K/j/JAvwWKYbnwUO4X9lEKZBIQUzMINYq8LYtpB6WPy9pDNs3i
6p8lhs+kwP5hRz1ph1HxGi6nBUPgpXdT362gemlYz6MMANdiQSZ/PyIBUuLWeGdw
he2UcRNmVg4hlmdlFEheVrgZHzpSesZSIcX26PZKO10mKeTgqvFygj/Zr1keJBx0
HNm8H8HBGGobo8Ls0t6EZ2JVM/eoUdK+8B2jaBm0m7+0ouKtyeREO1fnAhDptugU
2Jm9KYv31owwIZOrS78ILSehy7ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ4fYjn
Z9EFz34zs2nJucBRWZy/iDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGNhMTFkMTUtZDM3Yi00MzE5LTliOTAtMTUyZTY2N2Y4NWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1g
MA0GCSqGSIb3DQEBCwUAA4IBAQA8paq+uUhzYsqC8mjmMDvzmiR+RqvVkg/Lrxr8
rS50ZqJvREW8BeVbEgQ1tJfbkigSDPMB/AygmEwYLKYRg5d/50UfhdvLxsQ1OdDA
85bIxrSRvk45OkL5F9E+z4BMjJKkEUju7wEw9eaf2zV26ci2xPMtlSIb0XvBjVem
x5VGv+DKUbm5X9tjFp/cKDc/3JloI22A99BsaWVuE7HO08YGRwm94sggKg1i8m7e
wepiXtGPr9E8w5MGVjBBDiiJHpcfnBhOAyWgXSHHFIyy/Xv5slk2YlOlUEOldKWm
Mi9y2dmodTP4BkC/GeKvTu0tng5Og88ov5cGlQOt6GnaPI5o
-----END CERTIFICATE-----
Generated at Tue Apr 28 19:33:46 2026 by rpki-client