Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15bf53f7-6178-4ad2-be9e-7b945a1e8547.roa
File: 15bf53f7-6178-4ad2-be9e-7b945a1e8547.roa (raw, json)
Hash identifier: TAclxPEnYXUUuH2/t6LmsZL6XxtGJv+nbHckpLbWafw=
Subject key identifier: CF:94:3A:E9:AC:56:A8:B1:5F:45:6F:51:F8:8D:16:33:6E:C0:9D:F0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0108A4C9AA14589F341174C8C9BACB65ECF8A13F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15bf53f7-6178-4ad2-be9e-7b945a1e8547.roa
Signing time: Thu 12 Mar 2026 15:36:42 +0000
ROA not before: Thu 12 Mar 2026 15:36:42 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:08:a4:c9:aa:14:58:9f:34:11:74:c8:c9:ba:cb:65:ec:f8:a1:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:36:42 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=07ceac8ab659bf83beec4b4710643b9dd59f84d4f9a3c750bbc1371301c5102d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a7:4b:e0:79:e6:8c:2b:d2:9a:2e:81:29:e0:
fb:58:a2:d6:80:7a:4f:93:9e:29:fc:f1:cf:9c:31:
3b:a0:7a:a6:f7:00:af:35:ee:f1:04:ce:ac:e2:a3:
66:b1:a4:5f:d2:bb:af:63:c1:ee:c3:8e:48:12:cb:
1d:c3:a8:f6:42:40:ad:da:70:31:72:b4:e0:06:4c:
ef:c7:d2:70:bd:64:0e:ec:05:2c:ca:71:a4:88:63:
e2:4a:72:7a:c3:e6:6f:6a:c1:4b:8a:59:16:e8:0e:
d0:dc:8b:43:cc:5b:0f:75:4b:1c:40:de:eb:b3:ce:
36:e0:ec:b7:78:97:cc:f8:aa:cd:85:36:f3:72:53:
96:ec:1b:c6:ba:ad:44:b1:2c:05:d5:50:b7:54:75:
64:39:32:60:fe:d1:0e:c5:e1:b1:3d:b7:a9:65:75:
00:92:ed:83:de:49:ce:b0:64:41:da:b7:d7:be:51:
62:9e:34:20:e3:2f:11:34:92:4d:01:ae:81:f9:e3:
30:c6:92:98:d9:ea:49:c5:74:e6:04:b4:6d:0a:f7:
95:b0:bf:8d:1e:c6:e4:a8:05:f5:ca:07:9c:d0:4e:
33:b1:ea:22:c6:a0:30:8e:8c:36:d4:0b:60:31:6c:
56:11:d7:40:50:ea:35:14:15:59:61:fb:4b:c5:06:
46:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:94:3A:E9:AC:56:A8:B1:5F:45:6F:51:F8:8D:16:33:6E:C0:9D:F0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15bf53f7-6178-4ad2-be9e-7b945a1e8547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:5040::/48
Signature Algorithm: sha256WithRSAEncryption
03:c2:d6:2b:7b:07:8f:e8:b6:56:a5:9c:01:fb:06:8a:40:dd:
23:46:36:0f:37:cb:a3:e4:22:43:98:79:53:21:b7:86:e0:82:
46:f7:12:c0:24:97:04:63:00:4e:64:51:bf:92:d6:a1:7e:db:
e0:62:15:ce:29:d2:be:f4:17:34:e7:d4:68:1d:ff:d7:01:6f:
8b:b6:75:01:fc:1d:d3:ef:24:35:6d:98:e8:52:84:5b:b1:67:
9d:ce:21:8a:c2:ab:55:92:7d:14:40:6c:e0:6e:c1:22:55:0e:
ad:68:ca:af:9d:9d:81:16:4d:8d:8d:ac:47:ac:79:34:fd:f9:
d0:9b:14:88:35:e1:38:60:65:53:6c:43:10:78:90:4f:27:e3:
e0:f0:90:74:c9:df:3e:e1:37:43:be:1e:6c:06:88:f6:14:3a:
35:de:13:80:a9:52:bb:6c:3e:4e:b2:89:c7:b3:de:c9:54:0e:
74:aa:c0:28:78:9d:eb:03:4a:60:f5:7c:8e:1c:21:14:2a:47:
34:19:81:82:cc:48:61:b2:95:ab:fb:2c:70:4e:6f:a0:9a:5e:
30:bc:c9:4a:32:ec:cb:03:d9:71:d6:99:fa:8f:8f:cd:77:7f:
5c:47:8d:d3:9d:27:61:f7:90:cd:a9:3a:7b:10:80:87:5b:96:
5b:7f:86:78
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAQikyaoUWJ80EXTIybrLZez4oT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTM2NDJaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3Y2VhYzhhYjY1OWJmODNiZWVjNGI0NzEwNjQzYjlkZDU5Zjg0ZDRmOWEz
Yzc1MGJiYzEzNzEzMDFjNTEwMmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+nS+B55owr0pougSng+1ii1oB6T5OeKfzxz5wxO6B6pvcArzXu8QTOrOKj
ZrGkX9K7r2PB7sOOSBLLHcOo9kJArdpwMXK04AZM78fScL1kDuwFLMpxpIhj4kpy
esPmb2rBS4pZFugO0NyLQ8xbD3VLHEDe67PONuDst3iXzPiqzYU283JTluwbxrqt
RLEsBdVQt1R1ZDkyYP7RDsXhsT23qWV1AJLtg95JzrBkQdq3175RYp40IOMvETSS
TQGugfnjMMaSmNnqScV05gS0bQr3lbC/jR7G5KgF9coHnNBOM7HqIsagMI6MNtQL
YDFsVhHXQFDqNRQVWWH7S8UGRpUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTPlDrp
rFaosV9Fb1H4jRYzbsCd8DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTViZjUzZjctNjE3OC00YWQyLWJlOWUtN2I5NDVhMWU4NTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FpQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAA8LWK3sHj+i2VqWcAfsGikDdI0Y2DzfLo+Qi
Q5h5UyG3huCCRvcSwCSXBGMATmRRv5LWoX7b4GIVzinSvvQXNOfUaB3/1wFvi7Z1
Afwd0+8kNW2Y6FKEW7Fnnc4hisKrVZJ9FEBs4G7BIlUOrWjKr52dgRZNjY2sR6x5
NP350JsUiDXhOGBlU2xDEHiQTyfj4PCQdMnfPuE3Q74ebAaI9hQ6Nd4TgKlSu2w+
TrKJx7PeyVQOdKrAKHid6wNKYPV8jhwhFCpHNBmBgsxIYbKVq/sscE5voJpeMLzJ
SjLsywPZcdaZ+o+PzXd/XEeN050nYfeQzak6exCAh1uWW3+GeA==
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:14:54 2026 by rpki-client