Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22c23fff-b8b0-4a09-aa3b-9af2f5471b2d.roa
File: 22c23fff-b8b0-4a09-aa3b-9af2f5471b2d.roa (raw, json)
Hash identifier: kXQ14WETHvfrn35G1QLTolWO8sTj2MlXwLM77nlHaQc=
Subject key identifier: 03:31:70:EE:9F:A3:4A:0F:89:8E:9A:AE:CE:4B:6C:8A:C2:8D:72:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F0DA0749DDCB685C57AD7E574D42EC0E5EEF5B7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22c23fff-b8b0-4a09-aa3b-9af2f5471b2d.roa
Signing time: Thu 12 Mar 2026 15:36:47 +0000
ROA not before: Thu 12 Mar 2026 15:36:47 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:0d:a0:74:9d:dc:b6:85:c5:7a:d7:e5:74:d4:2e:c0:e5:ee:f5:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:36:47 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=433f3e89f51dba2f6f96fa6a347dd4571dec59f12b265484e1e0396ded141b26, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:f9:ff:12:16:96:73:0c:b6:fb:bb:87:96:3b:
65:46:fb:e9:38:be:23:56:64:9a:53:1a:3a:51:24:
1e:12:60:3f:90:37:97:dd:0a:ff:97:51:42:43:d4:
de:e1:c3:c8:83:b6:e0:ab:fa:97:1b:0d:c5:91:7e:
dc:fb:29:da:ba:9c:b5:f4:64:ab:7f:b7:ff:8b:88:
db:5e:2c:37:3a:ea:06:8a:6d:70:ea:54:0e:9c:d0:
13:4a:f1:64:e6:9c:e2:60:e5:b2:c6:42:05:b0:65:
8e:dd:88:e5:13:f5:7e:f4:93:85:aa:aa:35:49:86:
ce:60:4f:b1:77:67:05:ac:28:41:a2:11:d8:33:e0:
9e:bd:73:11:dc:e0:ad:f7:94:59:cf:09:35:c2:40:
dc:b3:f1:94:fb:a1:8a:79:7b:25:e6:9a:0d:a1:17:
3b:0a:5f:84:bd:d1:3f:fe:b2:14:40:26:9d:85:c8:
94:bf:99:fd:af:f6:3d:2c:29:c8:50:c7:ac:59:55:
bb:3f:c2:27:87:20:ea:99:92:7b:7a:cc:72:8b:93:
c4:54:63:95:c8:fe:85:3b:b2:72:d7:7c:fb:59:e8:
c7:ff:f6:25:32:76:ea:4f:af:78:57:78:52:39:59:
61:31:ee:32:8d:2d:c9:75:a9:9d:7d:54:fe:c7:67:
5a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:31:70:EE:9F:A3:4A:0F:89:8E:9A:AE:CE:4B:6C:8A:C2:8D:72:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22c23fff-b8b0-4a09-aa3b-9af2f5471b2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:840::/48
Signature Algorithm: sha256WithRSAEncryption
45:e2:97:f3:e0:b9:e1:35:87:40:65:23:3e:18:7f:f6:f3:da:
af:58:59:59:6e:8b:bd:68:c5:30:62:4f:eb:66:ef:b0:23:f9:
70:fe:85:25:71:3d:f3:00:ee:ed:ca:96:ae:08:4b:3f:b3:03:
1c:56:a2:59:9f:76:86:7e:1f:c4:59:87:48:e8:6e:97:aa:80:
6e:29:e9:6f:62:75:85:83:04:68:2f:3a:58:a8:50:e3:32:bd:
e8:8c:83:d0:ab:2d:b3:84:32:88:53:99:f8:82:99:1f:ec:d5:
cf:ac:e7:40:74:5d:71:df:d6:0b:db:9f:39:83:c0:42:1e:e0:
e1:e8:f3:9a:4e:e5:17:f7:81:e7:1f:01:86:9e:a8:79:78:24:
86:26:f1:89:5e:5c:55:68:a5:24:e1:77:fb:cc:7b:19:fe:c9:
07:42:5d:e9:77:23:bf:4d:72:5a:02:87:ea:c7:ec:e9:9e:01:
c7:1c:3c:17:da:1d:cb:21:d5:78:b6:be:48:b5:6e:2d:73:3f:
e2:e6:00:53:e9:ae:d6:00:f0:f1:38:e4:6f:59:74:0b:44:56:
3a:69:df:1f:5c:86:f7:82:6a:10:72:63:3a:6c:b6:91:c7:e6:
b6:d8:d5:ce:89:14:7d:35:6a:86:a8:3e:8a:ac:40:a2:66:27:
97:06:7d:98
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTw2gdJ3ctoXFetfldNQuwOXu9bcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTM2NDdaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzM2YzZTg5ZjUxZGJhMmY2Zjk2ZmE2YTM0N2RkNDU3MWRlYzU5ZjEyYjI2
NTQ4NGUxZTAzOTZkZWQxNDFiMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPP5/xIWlnMMtvu7h5Y7ZUb76Ti+I1ZkmlMaOlEkHhJgP5A3l90K/5dRQkPU
3uHDyIO24Kv6lxsNxZF+3Psp2rqctfRkq3+3/4uI214sNzrqBoptcOpUDpzQE0rx
ZOac4mDlssZCBbBljt2I5RP1fvSThaqqNUmGzmBPsXdnBawoQaIR2DPgnr1zEdzg
rfeUWc8JNcJA3LPxlPuhinl7JeaaDaEXOwpfhL3RP/6yFEAmnYXIlL+Z/a/2PSwp
yFDHrFlVuz/CJ4cg6pmSe3rMcouTxFRjlcj+hTuyctd8+1nox//2JTJ26k+veFd4
UjlZYTHuMo0tyXWpnX1U/sdnWnECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQDMXDu
n6NKD4mOmq7OS2yKwo1yXDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjJjMjNmZmYtYjhiMC00YTA5LWFhM2ItOWFmMmY1NDcxYjJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FoI
QDANBgkqhkiG9w0BAQsFAAOCAQEAReKX8+C54TWHQGUjPhh/9vPar1hZWW6LvWjF
MGJP62bvsCP5cP6FJXE98wDu7cqWrghLP7MDHFaiWZ92hn4fxFmHSOhul6qAbinp
b2J1hYMEaC86WKhQ4zK96IyD0Ksts4QyiFOZ+IKZH+zVz6znQHRdcd/WC9ufOYPA
Qh7g4ejzmk7lF/eB5x8Bhp6oeXgkhibxiV5cVWilJOF3+8x7Gf7JB0Jd6Xcjv01y
WgKH6sfs6Z4Bxxw8F9odyyHVeLa+SLVuLXM/4uYAU+mu1gDw8Tjkb1l0C0RWOmnf
H1yG94JqEHJjOmy2kcfmttjVzokUfTVqhqg+iqxAomYnlwZ9mA==
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:16:18 2026 by rpki-client