Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6876b754-8507-46c1-9acb-e5620665b9d1.roa
File: 6876b754-8507-46c1-9acb-e5620665b9d1.roa (raw, json)
Hash identifier: DzD5JIsqRVnmwFDyU+UEChqFRY94OL6MeCGg9SM4NQo=
Subject key identifier: 5E:31:14:1D:98:E9:B8:0D:4B:68:CF:E9:35:32:85:3D:1A:23:92:7D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 482403789FD6C8B7CB1400BCB54ABB3E837BF598
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6876b754-8507-46c1-9acb-e5620665b9d1.roa
Signing time: Thu 12 Mar 2026 15:40:04 +0000
ROA not before: Thu 12 Mar 2026 15:40:04 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d033:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:24:03:78:9f:d6:c8:b7:cb:14:00:bc:b5:4a:bb:3e:83:7b:f5:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:40:04 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=de9325c9dcda4581369b508d49b9b38018d8438c33aae0e1553adb316224e61f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5e:91:6e:2a:05:45:f2:78:69:d8:3c:4b:bb:
59:37:2d:e4:34:e1:dc:57:3d:87:7f:1c:e7:25:c8:
f6:95:a5:2c:3e:3b:96:33:e8:82:b7:58:83:e0:9f:
77:3f:8c:2a:96:d6:d8:2d:e3:3f:44:88:6c:38:81:
ae:5a:3e:38:c0:55:7a:fd:04:9c:08:3d:f3:81:b0:
3a:34:01:0d:a7:99:94:f2:e2:61:c5:43:f2:eb:68:
d7:63:c8:6c:b2:f7:0f:82:ee:12:db:97:6a:5e:0f:
36:81:89:4a:f0:01:a8:68:aa:3d:4b:e3:a1:aa:88:
ee:9e:32:17:9a:10:3b:2a:9e:58:ed:bf:33:28:72:
68:02:27:01:e9:11:d0:42:b5:84:68:6b:b5:34:a7:
a9:15:c8:9c:71:b4:0a:34:23:e7:d9:15:b4:46:70:
81:73:76:0e:0c:78:da:3a:67:f4:3b:dd:62:1f:01:
e8:e4:b6:f8:d6:6c:2d:01:18:da:2e:75:17:70:f4:
94:6b:eb:60:bd:ae:9e:d7:94:88:91:da:e7:2c:48:
13:e7:2c:95:22:05:7b:72:e7:38:d7:2d:7d:23:9c:
c0:58:c6:2b:8c:b4:58:3d:ea:39:bf:d1:6d:4c:ab:
d5:89:83:0e:89:82:79:29:5b:26:20:63:ff:8b:be:
bc:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:31:14:1D:98:E9:B8:0D:4B:68:CF:E9:35:32:85:3D:1A:23:92:7D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6876b754-8507-46c1-9acb-e5620665b9d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d033:2000::/40
Signature Algorithm: sha256WithRSAEncryption
96:fa:d1:56:26:3a:36:d9:d3:e1:f7:52:f5:aa:53:78:85:cf:
86:ba:03:1b:07:ab:ed:4a:fb:d1:ef:10:ee:d0:52:ba:15:f3:
11:a5:f3:95:8e:a5:f0:82:f7:d1:83:4c:8d:90:f1:59:24:fb:
4f:14:8f:eb:73:a9:5c:c6:30:f0:d8:b6:c2:d5:68:98:00:8b:
d6:f5:5a:1e:4d:35:8c:87:b8:ea:ff:e4:48:7b:92:10:30:50:
44:ad:a0:a0:8d:14:ed:19:e6:51:b0:1f:c2:ba:0f:e9:de:19:
03:20:4a:5a:ce:e7:7f:23:c2:02:af:b4:19:e8:5e:ae:a0:5a:
66:3d:e9:6f:89:66:4e:d4:7d:0a:1c:b6:95:13:c1:80:8a:64:
6f:41:45:dc:77:c6:89:e8:12:3f:9a:31:c1:17:c4:ef:4c:94:
c0:2d:91:6a:f6:42:2f:17:d8:14:c7:65:be:a2:58:56:0a:ea:
56:6f:ef:09:78:ea:95:85:02:7f:8f:40:7c:36:a7:74:a0:42:
6b:50:05:41:ae:36:22:d7:c2:f1:c0:de:a5:24:9d:94:b4:f2:
18:5f:65:e5:a9:73:5a:8f:2c:04:6a:9d:a2:89:12:cc:18:94:
b8:3b:aa:b1:b4:f0:92:de:05:41:e2:f5:b2:7c:0e:48:b3:86:
00:f9:e9:f2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSCQDeJ/WyLfLFAC8tUq7PoN79ZgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTQwMDRaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlOTMyNWM5ZGNkYTQ1ODEzNjliNTA4ZDQ5YjliMzgwMThkODQzOGMzM2Fh
ZTBlMTU1M2FkYjMxNjIyNGU2MWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL9ekW4qBUXyeGnYPEu7WTct5DTh3Fc9h38c5yXI9pWlLD47ljPogrdYg+Cf
dz+MKpbW2C3jP0SIbDiBrlo+OMBVev0EnAg984GwOjQBDaeZlPLiYcVD8uto12PI
bLL3D4LuEtuXal4PNoGJSvABqGiqPUvjoaqI7p4yF5oQOyqeWO2/MyhyaAInAekR
0EK1hGhrtTSnqRXInHG0CjQj59kVtEZwgXN2Dgx42jpn9DvdYh8B6OS2+NZsLQEY
2i51F3D0lGvrYL2unteUiJHa5yxIE+cslSIFe3LnONctfSOcwFjGK4y0WD3qOb/R
bUyr1YmDDomCeSlbJiBj/4u+vOUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBReMRQd
mOm4DUtoz+k1MoU9GiOSfTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njg3NmI3NTQtODUwNy00NmMxLTlhY2ItZTU2MjA2NjViOWQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DMg
MA0GCSqGSIb3DQEBCwUAA4IBAQCW+tFWJjo22dPh91L1qlN4hc+GugMbB6vtSvvR
7xDu0FK6FfMRpfOVjqXwgvfRg0yNkPFZJPtPFI/rc6lcxjDw2LbC1WiYAIvW9Voe
TTWMh7jq/+RIe5IQMFBEraCgjRTtGeZRsB/Cug/p3hkDIEpazud/I8ICr7QZ6F6u
oFpmPelviWZO1H0KHLaVE8GAimRvQUXcd8aJ6BI/mjHBF8TvTJTALZFq9kIvF9gU
x2W+olhWCupWb+8JeOqVhQJ/j0B8Nqd0oEJrUAVBrjYi18LxwN6lJJ2UtPIYX2Xl
qXNajywEap2iiRLMGJS4O6qxtPCS3gVB4vWyfA5Is4YA+eny
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:14:58 2026 by rpki-client