Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60e6a684-7f6a-4f3f-8ca5-0d566c2a7875.roa
File: 60e6a684-7f6a-4f3f-8ca5-0d566c2a7875.roa (raw, json)
Hash identifier: WAk1PLgD3fPjErJtzDsgJb33qoXlPTHRE4dtejh5jfw=
Subject key identifier: D1:90:7C:B5:95:14:12:C3:7E:E7:D3:E5:85:12:B8:9F:EE:3C:41:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A45869D21C0F57215B49A6FD00A0BB24BCB5686
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60e6a684-7f6a-4f3f-8ca5-0d566c2a7875.roa
Signing time: Thu 12 Mar 2026 15:36:43 +0000
ROA not before: Thu 12 Mar 2026 15:36:43 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:50c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:45:86:9d:21:c0:f5:72:15:b4:9a:6f:d0:0a:0b:b2:4b:cb:56:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:36:43 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=0e7ab518fc46e1e10c39b664cdcc39bd1fd7496b1916d652003f822338c60b25, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1b:25:0f:ba:30:46:78:f6:48:86:8b:37:c1:
ea:9e:ae:b5:39:95:9e:38:26:3d:fe:c1:0b:54:64:
c0:9e:10:3c:1e:3e:a0:c0:c7:7a:c2:b9:ca:d3:71:
fd:c3:a0:f8:b9:bf:26:10:2a:52:ae:4c:42:d9:53:
af:4a:90:18:72:03:b2:93:60:69:54:fa:cd:c9:05:
fd:36:ad:b4:a7:10:dd:61:d5:38:6b:94:65:b0:b3:
b5:48:50:cb:13:1b:6c:e7:2e:f0:01:9a:de:24:e6:
f8:92:09:95:d2:65:bf:8d:1a:48:70:d7:9d:37:03:
72:2e:f2:e2:73:55:42:1c:74:a2:0b:19:95:55:fb:
88:2c:52:b2:56:58:d5:4d:b2:ce:35:ad:0b:ba:b8:
c4:3f:9f:d4:6b:3c:bc:07:dc:48:74:47:cd:0f:14:
24:65:72:e2:23:58:ea:cf:46:36:95:05:82:3b:d7:
70:34:5f:d4:b3:a1:61:9d:ea:8c:2f:68:89:45:06:
36:d0:13:8f:3f:d9:9c:a3:65:6f:f7:07:82:e9:30:
44:f2:c0:b0:aa:a6:61:5d:a1:ad:59:ac:28:b8:75:
4d:39:66:6a:60:87:ef:09:75:4c:f4:6b:14:da:d2:
a5:b8:fa:c1:d8:89:42:df:66:a2:0c:78:57:7c:00:
99:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:90:7C:B5:95:14:12:C3:7E:E7:D3:E5:85:12:B8:9F:EE:3C:41:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60e6a684-7f6a-4f3f-8ca5-0d566c2a7875.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:50c0::/48
Signature Algorithm: sha256WithRSAEncryption
8c:5a:18:3f:d8:3b:12:52:6e:83:59:9d:fe:81:31:fa:37:04:
42:c6:71:d9:d7:4a:29:f3:13:67:48:ee:a1:38:87:94:8c:8e:
39:a8:f8:60:2e:9e:1f:7e:2f:27:22:cf:71:99:59:21:23:c8:
09:c7:bf:05:a4:28:f7:07:d8:44:f6:91:ce:6e:9f:92:b9:d1:
50:e3:f7:53:18:98:dc:89:45:ae:5e:74:83:e9:0a:53:6e:a8:
c1:39:b8:7f:b2:94:d3:e0:6b:19:1c:03:bc:cb:8b:ea:85:d3:
36:6a:79:d6:14:81:04:b5:bf:66:02:10:77:ef:5d:c6:f0:1e:
4e:d1:50:96:a4:74:6e:d7:c5:52:c6:36:9a:df:79:f6:ed:56:
3d:ca:d4:60:a9:b9:9c:b0:8f:3d:31:b4:9d:5a:23:32:90:6a:
6c:b0:bb:61:d5:b7:51:04:53:3b:4d:02:19:f1:95:4e:40:10:
88:12:89:b3:79:29:46:73:39:2c:ff:67:ca:12:e2:29:32:ba:
c8:96:3a:db:89:72:a3:b3:0a:5b:5b:f0:38:01:db:0f:58:a9:
d3:fc:35:0d:c2:40:35:e9:c4:b4:4b:29:26:98:18:cc:ff:c1:
bc:66:38:19:9e:26:0f:4e:31:18:a9:05:40:79:a3:36:6c:30:
62:44:b3:11
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUekWGnSHA9XIVtJpv0AoLskvLVoYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTM2NDNaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlN2FiNTE4ZmM0NmUxZTEwYzM5YjY2NGNkY2MzOWJkMWZkNzQ5NmIxOTE2
ZDY1MjAwM2Y4MjIzMzhjNjBiMjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANobJQ+6MEZ49kiGizfB6p6utTmVnjgmPf7BC1RkwJ4QPB4+oMDHesK5ytNx
/cOg+Lm/JhAqUq5MQtlTr0qQGHIDspNgaVT6zckF/TattKcQ3WHVOGuUZbCztUhQ
yxMbbOcu8AGa3iTm+JIJldJlv40aSHDXnTcDci7y4nNVQhx0ogsZlVX7iCxSslZY
1U2yzjWtC7q4xD+f1Gs8vAfcSHRHzQ8UJGVy4iNY6s9GNpUFgjvXcDRf1LOhYZ3q
jC9oiUUGNtATjz/ZnKNlb/cHgukwRPLAsKqmYV2hrVmsKLh1TTlmamCH7wl1TPRr
FNrSpbj6wdiJQt9mogx4V3wAmekCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTRkHy1
lRQSw37n0+WFErif7jxBnTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjBlNmE2ODQtN2Y2YS00ZjNmLThjYTUtMGQ1NjZjMmE3ODc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FpQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAjFoYP9g7ElJug1md/oEx+jcEQsZx2ddKKfMT
Z0juoTiHlIyOOaj4YC6eH34vJyLPcZlZISPICce/BaQo9wfYRPaRzm6fkrnRUOP3
UxiY3IlFrl50g+kKU26owTm4f7KU0+BrGRwDvMuL6oXTNmp51hSBBLW/ZgIQd+9d
xvAeTtFQlqR0btfFUsY2mt959u1WPcrUYKm5nLCPPTG0nVojMpBqbLC7YdW3UQRT
O00CGfGVTkAQiBKJs3kpRnM5LP9nyhLiKTK6yJY624lyo7MKW1vwOAHbD1ip0/w1
DcJANenEtEspJpgYzP/BvGY4GZ4mD04xGKkFQHmjNmwwYkSzEQ==
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:14:57 2026 by rpki-client