Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/136beaae-aae3-4073-94ad-3aac8b2374fc.roa
File: 136beaae-aae3-4073-94ad-3aac8b2374fc.roa (raw, json)
Hash identifier: PZAB8ejmnd1tJS1+GxcgjUGWT800IB1Wc9i2HVg39jo=
Subject key identifier: 54:2C:0C:81:26:CE:7C:41:DE:4C:5D:40:51:CF:14:FB:EE:19:EE:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 477FE5583E38D287177144D731737BCC75462EC0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/136beaae-aae3-4073-94ad-3aac8b2374fc.roa
Signing time: Thu 12 Mar 2026 15:41:34 +0000
ROA not before: Thu 12 Mar 2026 15:41:34 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:7f:e5:58:3e:38:d2:87:17:71:44:d7:31:73:7b:cc:75:46:2e:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:41:34 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=0054ac9c75b1c3059c4cf84dd9bb75a3c3a0ff5dd64f38b5746803894e2950e7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ed:fc:e6:0e:95:50:09:f4:34:a3:76:17:0d:
07:cd:3c:3b:62:23:f0:41:0f:20:6e:f4:b6:65:1d:
73:83:bf:ea:f6:51:e7:72:9f:39:ed:7a:8b:8f:77:
20:5d:0a:40:01:78:f6:6c:98:b9:78:30:b8:bf:1b:
cb:9b:57:e0:b4:c8:1b:70:63:c0:bc:1b:80:c4:3b:
10:5e:5b:e4:6f:25:e0:a3:6d:d9:bb:48:fc:18:36:
d6:f8:d4:15:05:dc:5b:43:67:6f:1e:ab:36:de:87:
84:e6:a8:f1:ed:86:c3:b2:1e:5c:03:0d:68:88:a8:
b9:ab:8e:d2:8c:f6:c9:30:6a:6a:a9:eb:d1:95:0c:
4a:1f:52:58:8d:d7:d5:ba:56:55:c8:30:ea:f6:c4:
bd:cf:b5:d5:fc:b6:38:ec:02:71:d0:d7:64:94:f8:
f2:da:b6:5c:3a:d3:81:66:60:20:99:79:d4:89:69:
a8:bf:f2:92:26:c5:13:09:6e:9b:91:e7:d6:18:df:
b5:3b:e2:b6:f3:4c:b7:86:e6:eb:83:ef:f4:64:b8:
ed:31:7e:95:25:de:3e:06:a7:51:17:5b:d4:66:ca:
10:ee:78:78:4e:af:1d:53:7d:59:6a:21:6b:12:61:
07:2c:34:f1:22:db:6f:1e:5a:65:71:39:31:ed:2d:
c6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:2C:0C:81:26:CE:7C:41:DE:4C:5D:40:51:CF:14:FB:EE:19:EE:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/136beaae-aae3-4073-94ad-3aac8b2374fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:e000::/40
Signature Algorithm: sha256WithRSAEncryption
3f:82:3d:0e:18:77:6e:05:78:9a:52:13:9b:9a:4b:c9:07:50:
75:27:0f:8d:1e:ce:0f:af:a1:f9:ca:b3:94:31:2f:39:c1:70:
06:b9:c9:90:ee:4c:bb:c2:cd:3c:bf:69:f8:96:ea:77:3b:80:
e6:52:de:a5:3f:90:9d:03:82:0e:eb:61:85:24:5d:8c:6a:73:
d5:77:2b:47:17:c7:ab:e2:ec:a3:c1:76:0c:56:cf:cc:b9:95:
b4:2a:49:e9:2f:f1:57:7c:0b:80:c2:7a:96:70:67:a0:fc:51:
e2:79:48:88:41:46:bc:97:45:bc:dc:e2:3f:f3:83:ce:0f:69:
26:ed:47:f7:0b:d1:0d:c8:b5:86:88:a3:27:fe:6d:87:f2:67:
da:65:b8:ed:55:90:05:2f:e9:65:52:f4:8e:38:61:e6:60:18:
3a:fe:7b:fc:b9:48:7e:19:d0:7d:fc:aa:56:92:63:a2:60:c8:
6a:83:43:16:ad:b7:29:00:cc:63:28:e8:00:a3:3c:70:13:01:
09:88:08:4a:43:c8:5f:1b:6e:e2:da:67:c2:87:72:a2:cb:e6:
72:01:bc:a6:0e:be:ae:7a:f6:b3:19:00:d8:24:a1:66:94:06:
52:27:4e:c3:5f:7b:a1:74:c0:a7:47:68:d4:a9:b5:98:6c:15:
a2:9a:72:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR3/lWD440ocXcUTXMXN7zHVGLsAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTQxMzRaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwNTRhYzljNzViMWMzMDU5YzRjZjg0ZGQ5YmI3NWEzYzNhMGZmNWRkNjRm
MzhiNTc0NjgwMzg5NGUyOTUwZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3t/OYOlVAJ9DSjdhcNB808O2Ij8EEPIG70tmUdc4O/6vZR53KfOe16i493
IF0KQAF49myYuXgwuL8by5tX4LTIG3BjwLwbgMQ7EF5b5G8l4KNt2btI/Bg21vjU
FQXcW0Nnbx6rNt6HhOao8e2Gw7IeXAMNaIiouauO0oz2yTBqaqnr0ZUMSh9SWI3X
1bpWVcgw6vbEvc+11fy2OOwCcdDXZJT48tq2XDrTgWZgIJl51IlpqL/ykibFEwlu
m5Hn1hjftTvitvNMt4bm64Pv9GS47TF+lSXePganURdb1GbKEO54eE6vHVN9WWoh
axJhByw08SLbbx5aZXE5Me0txgsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRULAyB
Js58Qd5MXUBRzxT77hnuLjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTM2YmVhYWUtYWFlMy00MDczLTk0YWQtM2FhYzhiMjM3NGZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H3g
MA0GCSqGSIb3DQEBCwUAA4IBAQA/gj0OGHduBXiaUhObmkvJB1B1Jw+NHs4Pr6H5
yrOUMS85wXAGucmQ7ky7ws08v2n4lup3O4DmUt6lP5CdA4IO62GFJF2ManPVdytH
F8er4uyjwXYMVs/MuZW0KknpL/FXfAuAwnqWcGeg/FHieUiIQUa8l0W83OI/84PO
D2km7Uf3C9ENyLWGiKMn/m2H8mfaZbjtVZAFL+llUvSOOGHmYBg6/nv8uUh+GdB9
/KpWkmOiYMhqg0MWrbcpAMxjKOgAozxwEwEJiAhKQ8hfG27i2mfCh3Kiy+ZyAbym
Dr6uevazGQDYJKFmlAZSJ07DX3uhdMCnR2jUqbWYbBWimnJl
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:14:59 2026 by rpki-client