Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b8b2d8f-53b3-4a11-9bc5-462e4a702e73.roa
File: 1b8b2d8f-53b3-4a11-9bc5-462e4a702e73.roa (raw, json)
Hash identifier: i8crhZ+q2zxPV7o6jX20QKr6vPSnIgYR0iZvKcrxopg=
Subject key identifier: C3:17:63:DD:04:6B:42:96:9D:17:72:54:49:5B:40:AA:C6:27:2A:04
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3AC9642EDB02508B7ED3E8A30102CA9D2EBC50DA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b8b2d8f-53b3-4a11-9bc5-462e4a702e73.roa
Signing time: Thu 12 Mar 2026 15:41:27 +0000
ROA not before: Thu 12 Mar 2026 15:41:27 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:c9:64:2e:db:02:50:8b:7e:d3:e8:a3:01:02:ca:9d:2e:bc:50:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:41:27 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=036776e59cbe95f7ff0008ab0c75d7b510ac9eb63e72263e37284328b13e8063, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:fb:2d:d5:02:39:10:99:22:f5:84:9b:be:c9:
27:b6:74:40:1d:ad:13:51:67:28:93:4b:b2:56:d5:
6e:4e:9e:48:4b:fb:69:f8:c5:5d:57:67:40:db:ed:
e2:a0:c4:f9:e5:13:85:6d:c9:f4:5c:ce:9d:93:01:
fe:5d:7a:5b:c8:a1:22:f7:8c:a8:fb:3b:87:da:f1:
5d:e3:a8:ef:21:2b:9d:64:56:89:56:4a:82:7c:55:
8f:5e:b8:0f:49:2f:b4:de:f5:fa:24:db:ab:bd:2f:
8c:b9:25:11:5d:9e:7b:dc:cb:ac:d1:bb:8d:4c:d9:
30:02:e0:8e:b3:02:8e:f2:b7:21:31:b4:93:ab:90:
1f:fb:5e:17:3e:76:d9:88:ae:0c:34:5b:67:c0:7e:
24:b7:8b:07:e5:4b:59:fe:96:08:ed:c8:45:c8:42:
b5:25:8b:18:0a:17:f5:b0:d0:b6:a8:89:29:52:15:
cb:0f:05:c8:a4:76:45:1e:58:cc:f1:62:54:67:e5:
9f:6c:9b:b0:53:20:20:36:86:19:a7:06:20:db:5b:
3a:8c:78:3e:7c:d0:bb:e2:21:df:3b:5b:5d:3d:9c:
17:58:9b:29:b9:dc:ae:e3:2e:cd:71:3c:9a:31:ca:
06:fd:fa:4e:39:3e:9d:54:64:06:60:0e:44:90:b6:
4c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:17:63:DD:04:6B:42:96:9D:17:72:54:49:5B:40:AA:C6:27:2A:04
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b8b2d8f-53b3-4a11-9bc5-462e4a702e73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:b000::/40
Signature Algorithm: sha256WithRSAEncryption
34:b3:67:25:0d:ea:c1:28:8e:49:56:d6:b3:01:15:3c:ab:1f:
ec:33:86:b2:e3:a9:ec:3e:ed:e8:08:1d:59:b3:fa:4b:4d:bf:
3a:34:73:78:f6:b4:f4:f8:f7:99:35:51:71:00:f0:51:3f:7d:
51:2f:a6:b4:c3:e2:d0:6e:81:8e:41:d4:f3:9c:8f:a1:fa:37:
e3:c5:9c:c8:61:9c:d4:b9:66:72:5e:0a:35:e6:3e:3f:76:a3:
14:b5:d4:f8:3d:3a:10:b5:81:27:35:78:a6:e2:04:ff:bd:a2:
db:76:10:99:11:8b:ca:be:77:31:c6:2b:82:75:7f:c1:94:12:
9c:39:52:df:76:31:10:85:4c:db:75:33:c6:53:6d:27:40:64:
56:82:78:1e:00:26:00:ee:79:ee:85:3f:e9:01:2f:d1:02:e4:
bb:18:d8:49:4a:78:49:bb:0e:07:28:8f:4c:e5:34:c4:55:63:
42:4d:5b:c5:1e:a7:de:cc:8a:e0:bf:97:e6:9f:0f:7a:b5:ab:
dd:2a:7a:58:5a:87:2a:45:a8:6c:c0:b4:0e:a9:18:0f:a9:51:
a8:00:cd:af:ea:21:92:48:4e:68:99:87:be:4c:29:21:f7:a1:
3b:c7:8c:6d:d4:55:b9:43:0f:00:2c:d0:53:e6:b3:82:66:83:
51:85:46:3c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOslkLtsCUIt+0+ijAQLKnS68UNowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTQxMjdaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzNjc3NmU1OWNiZTk1ZjdmZjAwMDhhYjBjNzVkN2I1MTBhYzllYjYzZTcy
MjYzZTM3Mjg0MzI4YjEzZTgwNjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKX7LdUCORCZIvWEm77JJ7Z0QB2tE1FnKJNLslbVbk6eSEv7afjFXVdnQNvt
4qDE+eUThW3J9FzOnZMB/l16W8ihIveMqPs7h9rxXeOo7yErnWRWiVZKgnxVj164
D0kvtN71+iTbq70vjLklEV2ee9zLrNG7jUzZMALgjrMCjvK3ITG0k6uQH/teFz52
2YiuDDRbZ8B+JLeLB+VLWf6WCO3IRchCtSWLGAoX9bDQtqiJKVIVyw8FyKR2RR5Y
zPFiVGfln2ybsFMgIDaGGacGINtbOox4PnzQu+Ih3ztbXT2cF1ibKbncruMuzXE8
mjHKBv36Tjk+nVRkBmAORJC2TC8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTDF2Pd
BGtClp0XclRJW0CqxicqBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWI4YjJkOGYtNTNiMy00YTExLTliYzUtNDYyZTRhNzAyZTczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fqw
MA0GCSqGSIb3DQEBCwUAA4IBAQA0s2clDerBKI5JVtazARU8qx/sM4ay46nsPu3o
CB1Zs/pLTb86NHN49rT0+PeZNVFxAPBRP31RL6a0w+LQboGOQdTznI+h+jfjxZzI
YZzUuWZyXgo15j4/dqMUtdT4PToQtYEnNXim4gT/vaLbdhCZEYvKvncxxiuCdX/B
lBKcOVLfdjEQhUzbdTPGU20nQGRWgngeACYA7nnuhT/pAS/RAuS7GNhJSnhJuw4H
KI9M5TTEVWNCTVvFHqfezIrgv5fmnw96tavdKnpYWocqRahswLQOqRgPqVGoAM2v
6iGSSE5omYe+TCkh96E7x4xt1FW5Qw8ALNBT5rOCZoNRhUY8
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:14:59 2026 by rpki-client