Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57cdb107-9a3c-4e41-87e2-149f989f7fae.roa
File: 57cdb107-9a3c-4e41-87e2-149f989f7fae.roa (raw, json)
Hash identifier: 3dMbsKnQTqkBlppsnnGSEflRbTOFB7H1ZlE/IyQSG+8=
Subject key identifier: C6:87:2F:20:CC:FA:F4:D2:DD:2F:A2:20:3F:38:5B:02:9F:A9:B1:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10A3FF5F8DE2648FB43F6C0D2A86CB91C118B54D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57cdb107-9a3c-4e41-87e2-149f989f7fae.roa
Signing time: Mon 27 Apr 2026 00:30:08 +0000
ROA not before: Mon 27 Apr 2026 00:30:08 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:60c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 14:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:a3:ff:5f:8d:e2:64:8f:b4:3f:6c:0d:2a:86:cb:91:c1:18:b5:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 27 00:30:08 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=963f173242a62232753f27e197fabfba5096dc7c4ef489824ec760a4bb1eb74f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:84:c1:a3:97:be:56:0c:7a:a7:25:2c:cb:fc:
b5:b7:1f:e1:28:22:37:c4:3b:65:b7:5c:dc:9f:b1:
75:35:8e:e1:98:86:6f:56:fb:30:fd:0d:f8:bd:f8:
46:25:f7:9e:72:60:f0:ff:7e:9e:19:49:e3:e9:57:
ac:51:81:c9:66:3a:e3:05:ba:f2:d6:0c:44:5a:84:
2c:02:b3:28:b3:c6:c8:06:40:89:03:16:cf:20:9b:
81:de:53:c6:6e:16:63:ed:67:3d:b6:ae:49:ce:f4:
86:5f:0a:2a:f2:e8:c4:a2:de:3b:1f:4f:e8:6a:41:
59:4d:f8:fa:aa:d3:ed:83:b7:3e:40:f7:d1:86:5b:
08:06:64:78:49:cd:04:b7:a4:04:f8:fc:46:4b:0e:
de:bb:f4:d6:1b:9c:9e:45:1b:ae:d5:ec:d3:a1:6b:
03:93:a7:95:84:3d:5c:dc:aa:66:1a:e1:f5:e5:ea:
db:d0:b2:34:6b:9f:f5:7d:a6:b2:a3:e6:1d:2f:a7:
f6:4a:f6:16:15:0f:87:e7:34:ce:3b:92:85:7a:01:
7c:3c:df:2a:2d:65:d0:68:28:0a:1d:52:eb:36:4b:
56:e5:67:c0:0b:d7:a2:bf:40:5b:9e:90:2f:49:79:
0f:3f:7a:4c:fa:ea:51:cc:bd:88:c4:3d:d0:40:ba:
a4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:87:2F:20:CC:FA:F4:D2:DD:2F:A2:20:3F:38:5B:02:9F:A9:B1:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57cdb107-9a3c-4e41-87e2-149f989f7fae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:60c0::/46
Signature Algorithm: sha256WithRSAEncryption
01:8b:9d:6c:5a:e1:0a:90:57:36:22:ff:2b:51:d3:fc:8e:17:
94:f4:4c:b7:bf:00:5d:e7:aa:7f:94:be:41:59:8f:ca:0a:a6:
66:84:39:e1:2c:cc:19:35:ca:a3:bb:dd:b4:26:1c:34:d7:14:
9f:52:2a:36:e7:aa:76:f6:a4:b6:ef:c7:45:cb:be:a8:5a:f2:
b9:0e:02:8b:87:49:9d:5f:ad:ba:9f:ba:d8:3c:5b:af:0f:db:
05:f4:7f:66:ed:9c:be:6e:94:8f:38:40:50:26:4f:2d:e7:00:
77:6f:1a:bb:15:26:83:bd:99:dd:e7:f1:4e:d7:75:c9:b0:81:
5f:af:33:97:13:07:45:b8:8f:96:7c:13:d5:f8:fd:9e:f4:6b:
ec:4f:cb:8e:cd:43:a6:c2:df:8f:dd:eb:0f:94:61:55:13:85:
49:67:06:39:fa:7a:6b:16:c1:1b:3b:c2:c6:0d:ee:f1:d8:e0:
a1:bd:79:81:78:e0:9e:88:28:3d:b6:9b:ce:bf:ae:f7:62:fb:
ea:6d:c4:b9:c9:db:f1:df:48:0a:99:3d:5f:1d:fa:17:c7:8c:
02:a7:60:05:81:8d:63:b9:9b:b0:fe:67:7c:7b:54:92:66:ad:
42:4d:67:4a:18:2f:8c:1d:82:80:74:0b:93:0f:b1:f0:e4:2e:
23:67:11:c6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEKP/X43iZI+0P2wNKobLkcEYtU0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MjcwMDMwMDhaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2M2YxNzMyNDJhNjIyMzI3NTNmMjdlMTk3ZmFiZmJhNTA5NmRjN2M0ZWY0
ODk4MjRlYzc2MGE0YmIxZWI3NGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCEwaOXvlYMeqclLMv8tbcf4SgiN8Q7Zbdc3J+xdTWO4ZiGb1b7MP0N+L34
RiX3nnJg8P9+nhlJ4+lXrFGByWY64wW68tYMRFqELAKzKLPGyAZAiQMWzyCbgd5T
xm4WY+1nPbauSc70hl8KKvLoxKLeOx9P6GpBWU34+qrT7YO3PkD30YZbCAZkeEnN
BLekBPj8RksO3rv01hucnkUbrtXs06FrA5OnlYQ9XNyqZhrh9eXq29CyNGuf9X2m
sqPmHS+n9kr2FhUPh+c0zjuShXoBfDzfKi1l0GgoCh1S6zZLVuVnwAvXor9AW56Q
L0l5Dz96TPrqUcy9iMQ90EC6pIcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTGhy8g
zPr00t0voiA/OFsCn6mxBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTdjZGIxMDctOWEzYy00ZTQxLTg3ZTItMTQ5Zjk4OWY3ZmFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg
wDANBgkqhkiG9w0BAQsFAAOCAQEAAYudbFrhCpBXNiL/K1HT/I4XlPRMt78AXeeq
f5S+QVmPygqmZoQ54SzMGTXKo7vdtCYcNNcUn1IqNueqdvaktu/HRcu+qFryuQ4C
i4dJnV+tup+62Dxbrw/bBfR/Zu2cvm6UjzhAUCZPLecAd28auxUmg72Z3efxTtd1
ybCBX68zlxMHRbiPlnwT1fj9nvRr7E/Ljs1DpsLfj93rD5RhVROFSWcGOfp6axbB
GzvCxg3u8djgob15gXjgnogoPbabzr+u92L76m3Eucnb8d9ICpk9Xx36F8eMAqdg
BYGNY7mbsP5nfHtUkmatQk1nShgvjB2CgHQLkw+x8OQuI2cRxg==
-----END CERTIFICATE-----
Generated at Tue Apr 28 19:31:32 2026 by rpki-client