Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d00de00-a7c3-4203-8495-81263911fa2c.roa
File: 5d00de00-a7c3-4203-8495-81263911fa2c.roa (raw, json)
Hash identifier: UP+YflxRSZ3vaFrBPQ0Po+0y0tlJgHMAQlhrgm5PK/c=
Subject key identifier: C7:E6:94:45:AB:5A:C5:CE:1E:EF:9F:26:10:99:B9:9E:0F:C3:29:A2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 56222903F924DDC46AF6635BB1249D214C52019E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d00de00-a7c3-4203-8495-81263911fa2c.roa
Signing time: Thu 12 Mar 2026 15:36:46 +0000
ROA not before: Thu 12 Mar 2026 15:36:46 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:22:29:03:f9:24:dd:c4:6a:f6:63:5b:b1:24:9d:21:4c:52:01:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:36:46 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=2f3da1065b86397bf1a8914eb867ae2ec6e715316d940c4b3491bd12c11ae028, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:86:01:54:0f:0d:ba:67:a6:7a:b6:0b:f3:68:
a8:30:81:61:0d:86:ea:1e:7f:72:ca:91:67:59:96:
4a:3f:33:bc:10:ed:29:87:9f:33:27:9b:21:cf:08:
78:cd:eb:82:32:56:80:df:81:b6:dc:b8:65:36:6a:
8e:81:31:09:58:7a:97:d6:c8:05:bd:53:29:f6:5f:
a8:86:03:bd:a2:a6:58:61:89:c9:d8:2f:db:bd:8c:
da:51:a8:9b:53:78:fe:36:e0:6d:1b:dd:75:b2:55:
39:01:33:ab:60:77:3c:45:b5:78:e1:ef:20:62:f8:
cd:a5:59:30:15:d0:1a:91:8b:62:9a:32:33:c9:7b:
0f:fa:cc:ae:59:0f:33:9c:f4:31:65:34:9d:ff:a3:
c8:bf:f3:ed:fc:e2:b5:02:f7:c4:70:ca:91:f5:91:
d0:9c:8b:ef:e3:0b:8c:de:5f:8b:c8:e5:89:9e:28:
3e:79:9a:62:36:43:49:47:5f:a5:4a:93:0d:e7:0e:
4e:f3:f6:d9:30:5f:62:be:4a:f8:8c:9b:a3:b2:ff:
9b:af:ce:07:29:6b:aa:d9:74:df:bc:4a:ff:52:1d:
17:6f:89:37:9a:e7:cb:28:e4:33:fb:3b:e9:a1:71:
6b:4f:e5:f1:bf:4c:b1:a1:f3:d3:97:14:a0:7b:4c:
40:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:E6:94:45:AB:5A:C5:CE:1E:EF:9F:26:10:99:B9:9E:0F:C3:29:A2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d00de00-a7c3-4203-8495-81263911fa2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:8080::/48
Signature Algorithm: sha256WithRSAEncryption
94:ab:47:c2:d6:ac:23:00:10:00:46:24:0f:ff:24:ba:6c:35:
ef:ff:90:ef:8b:c1:a8:b6:f0:63:78:b5:e5:a4:3b:6f:7d:ae:
dd:35:2e:4c:a5:a4:e3:8f:d1:62:8b:3c:96:42:6e:7a:3b:98:
ad:2f:aa:2f:eb:f7:3b:ba:05:a3:74:26:94:5c:51:59:4d:11:
35:2b:a2:14:5c:10:35:f2:9a:5e:31:24:6e:b1:0c:b5:46:f2:
70:ea:dd:26:4d:fa:48:7b:43:56:be:b2:7c:c4:34:e2:fb:13:
6a:65:39:c4:84:cb:a1:8d:7b:27:b4:e0:d8:b7:66:29:8a:0a:
69:7d:cf:0a:57:9e:d0:cb:9a:ad:25:8b:c0:29:00:5e:ba:f3:
39:1d:e5:2e:3b:92:4f:f2:96:5f:b1:b7:4b:4b:41:2a:96:46:
f5:72:a7:24:54:c4:92:3a:a6:9b:5c:36:63:13:3e:46:6e:c7:
04:19:b5:d8:27:a7:68:9b:73:fe:ec:3d:bc:81:43:0f:fe:7c:
e3:64:60:ec:83:fd:07:f2:53:ad:f9:13:a5:c1:a2:6f:3f:18:
70:66:19:82:03:39:96:9b:ba:fb:73:b5:a1:cd:4e:b8:55:2c:
e9:13:57:aa:2c:bc:9a:0e:7e:6a:3a:dd:1f:20:24:bc:80:37:
74:88:04:83
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUViIpA/kk3cRq9mNbsSSdIUxSAZ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTM2NDZaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmM2RhMTA2NWI4NjM5N2JmMWE4OTE0ZWI4NjdhZTJlYzZlNzE1MzE2ZDk0
MGM0YjM0OTFiZDEyYzExYWUwMjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPiGAVQPDbpnpnq2C/NoqDCBYQ2G6h5/csqRZ1mWSj8zvBDtKYefMyebIc8I
eM3rgjJWgN+Btty4ZTZqjoExCVh6l9bIBb1TKfZfqIYDvaKmWGGJydgv272M2lGo
m1N4/jbgbRvddbJVOQEzq2B3PEW1eOHvIGL4zaVZMBXQGpGLYpoyM8l7D/rMrlkP
M5z0MWU0nf+jyL/z7fzitQL3xHDKkfWR0JyL7+MLjN5fi8jliZ4oPnmaYjZDSUdf
pUqTDecOTvP22TBfYr5K+Iybo7L/m6/OBylrqtl037xK/1IdF2+JN5rnyyjkM/s7
6aFxa0/l8b9MsaHz05cUoHtMQFMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTH5pRF
q1rFzh7vnyYQmbmeD8MpojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQwMGRlMDAtYTdjMy00MjAzLTg0OTUtODEyNjM5MTFmYTJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FqA
gDANBgkqhkiG9w0BAQsFAAOCAQEAlKtHwtasIwAQAEYkD/8kumw17/+Q74vBqLbw
Y3i15aQ7b32u3TUuTKWk44/RYos8lkJuejuYrS+qL+v3O7oFo3QmlFxRWU0RNSui
FFwQNfKaXjEkbrEMtUbycOrdJk36SHtDVr6yfMQ04vsTamU5xITLoY17J7Tg2Ldm
KYoKaX3PClee0MuarSWLwCkAXrrzOR3lLjuST/KWX7G3S0tBKpZG9XKnJFTEkjqm
m1w2YxM+Rm7HBBm12CenaJtz/uw9vIFDD/5842Rg7IP9B/JTrfkTpcGibz8YcGYZ
ggM5lpu6+3O1oc1OuFUs6RNXqiy8mg5+ajrdHyAkvIA3dIgEgw==
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:15:17 2026 by rpki-client