Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/71d12ef8-96b3-4cc1-9b5b-b9b598cd18a1.roa
File: 71d12ef8-96b3-4cc1-9b5b-b9b598cd18a1.roa (raw, json)
Hash identifier: jJZ3Jr1JxZdKytsc7YsimJooc1zXwrVSFSpQHnwACtQ=
Subject key identifier: 32:C5:E4:AA:57:32:9B:73:7B:B6:F5:57:B3:7A:97:42:CA:3D:84:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D25E989D18EE21224B7718261F346D6ED1A1CE6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/71d12ef8-96b3-4cc1-9b5b-b9b598cd18a1.roa
Signing time: Mon 27 Apr 2026 00:30:15 +0000
ROA not before: Mon 27 Apr 2026 00:30:15 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 14:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:25:e9:89:d1:8e:e2:12:24:b7:71:82:61:f3:46:d6:ed:1a:1c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 27 00:30:15 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=3b956efa027f940aba738122e4a7b89db12720ba54e5e549de8768e9a9b605ce, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ae:8f:b6:9c:74:9e:e0:10:fb:e0:28:ce:3d:
06:ea:fb:9c:ac:17:01:4c:56:26:8a:44:c0:68:59:
65:e7:a7:f1:2b:e2:b9:2e:3b:f9:b0:ec:be:3d:64:
38:a7:da:d9:26:a1:9f:bf:d3:9d:2e:5b:c9:e8:a4:
b9:2e:3c:1a:fc:f3:85:54:1c:98:fe:31:94:14:16:
9e:c2:85:b9:8b:a3:37:bb:1b:2a:bc:69:21:93:88:
c1:68:42:5e:d8:97:c1:a0:29:50:05:45:55:a3:bd:
d1:2f:aa:2f:ce:35:c2:07:e5:ae:5e:7d:11:e4:46:
bc:5d:f5:bb:2c:4e:ee:b2:16:a1:7c:9d:1a:4d:46:
2d:76:8c:5b:5a:2c:f9:57:9a:3e:2b:85:55:bf:72:
e1:bc:6c:24:45:9f:3f:f4:64:d0:1f:a6:e9:5c:54:
32:0b:c1:12:2c:02:89:a7:f6:19:4e:6d:77:c5:d8:
d7:66:15:35:19:c9:49:01:ee:ba:10:b3:51:0c:4b:
9f:9d:af:39:88:36:44:25:e3:b7:f5:9e:d7:f5:5a:
89:fb:dc:0e:0c:82:82:4d:8f:81:90:11:98:22:c7:
77:5f:7a:0d:b2:a2:fd:73:39:da:c5:93:8a:48:27:
c0:e5:22:05:df:76:c6:ac:c9:c1:96:32:5d:45:a2:
46:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C5:E4:AA:57:32:9B:73:7B:B6:F5:57:B3:7A:97:42:CA:3D:84:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/71d12ef8-96b3-4cc1-9b5b-b9b598cd18a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:6080::/48
Signature Algorithm: sha256WithRSAEncryption
bd:64:76:1f:58:a4:d8:72:e1:53:c7:da:68:31:20:ac:78:c2:
25:8a:41:cf:a0:e2:9a:04:18:e9:12:20:c0:df:66:7f:1c:92:
5e:45:15:57:05:ec:36:30:bf:a4:56:69:78:55:53:5b:f3:ef:
4c:42:c3:ae:8e:32:fb:b3:f1:02:a2:ac:85:9d:26:35:dd:45:
a5:8b:2f:87:2b:20:8e:b8:98:76:5e:8f:fb:2b:de:59:1d:05:
86:97:6b:f9:70:4f:9f:8d:87:79:07:70:a3:18:c5:ea:1a:bd:
6e:db:c4:38:5e:c6:ad:71:69:f4:7d:51:c9:64:12:a7:2a:d9:
9a:d6:d9:6c:53:63:29:fc:05:be:b0:01:e1:81:28:6b:31:71:
b5:16:b2:79:2f:3c:ac:cd:24:aa:bb:67:1a:5b:48:22:ca:79:
cd:a0:3f:1d:1c:0e:fc:2f:3c:f4:2f:02:97:74:03:05:08:52:
7d:0a:94:a3:e5:36:ba:1a:1d:19:cf:c0:df:21:40:a9:cb:51:
fb:01:e0:09:6f:cc:c7:7d:2a:f2:9e:03:73:f0:70:75:67:2c:
f7:f7:eb:68:49:8b:a0:79:4b:88:34:bb:e1:88:cc:62:63:79:
04:12:1a:71:0f:43:65:fb:3f:2e:b2:f3:54:3a:c6:c5:07:4c:
9c:93:35:ac
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTSXpidGO4hIkt3GCYfNG1u0aHOYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MjcwMDMwMTVaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiOTU2ZWZhMDI3Zjk0MGFiYTczODEyMmU0YTdiODlkYjEyNzIwYmE1NGU1
ZTU0OWRlODc2OGU5YTliNjA1Y2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMiuj7acdJ7gEPvgKM49Bur7nKwXAUxWJopEwGhZZeen8SviuS47+bDsvj1k
OKfa2Sahn7/TnS5byeikuS48GvzzhVQcmP4xlBQWnsKFuYujN7sbKrxpIZOIwWhC
XtiXwaApUAVFVaO90S+qL841wgflrl59EeRGvF31uyxO7rIWoXydGk1GLXaMW1os
+VeaPiuFVb9y4bxsJEWfP/Rk0B+m6VxUMgvBEiwCiaf2GU5td8XY12YVNRnJSQHu
uhCzUQxLn52vOYg2RCXjt/We1/VaifvcDgyCgk2PgZARmCLHd196DbKi/XM52sWT
ikgnwOUiBd92xqzJwZYyXUWiRokCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQyxeSq
VzKbc3u29VezepdCyj2EnDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzFkMTJlZjgtOTZiMy00Y2MxLTliNWItYjliNTk4Y2QxOGExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G1g
gDANBgkqhkiG9w0BAQsFAAOCAQEAvWR2H1ik2HLhU8faaDEgrHjCJYpBz6DimgQY
6RIgwN9mfxySXkUVVwXsNjC/pFZpeFVTW/PvTELDro4y+7PxAqKshZ0mNd1FpYsv
hysgjriYdl6P+yveWR0Fhpdr+XBPn42HeQdwoxjF6hq9btvEOF7GrXFp9H1RyWQS
pyrZmtbZbFNjKfwFvrAB4YEoazFxtRayeS88rM0kqrtnGltIIsp5zaA/HRwO/C88
9C8Cl3QDBQhSfQqUo+U2uhodGc/A3yFAqctR+wHgCW/Mx30q8p4Dc/BwdWcs9/fr
aEmLoHlLiDS74YjMYmN5BBIacQ9DZfs/LrLzVDrGxQdMnJM1rA==
-----END CERTIFICATE-----
Generated at Tue Apr 28 19:32:42 2026 by rpki-client