Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76e23380-f760-4573-8d9a-544a7dd4391f.roa
File: 76e23380-f760-4573-8d9a-544a7dd4391f.roa (raw, json)
Hash identifier: yY74NYQ8s9mkd4uF/4m4BwrX9KdnlXFiI5GW3L+2FMs=
Subject key identifier: E7:83:A1:3A:FD:1F:F0:CE:CC:31:F6:1A:CB:99:86:41:25:32:71:96
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C5878C90EF03747708BB4A6955CA1793489BC1C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76e23380-f760-4573-8d9a-544a7dd4391f.roa
Signing time: Thu 12 Mar 2026 15:40:06 +0000
ROA not before: Thu 12 Mar 2026 15:40:06 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d033:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:58:78:c9:0e:f0:37:47:70:8b:b4:a6:95:5c:a1:79:34:89:bc:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:40:06 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=3df43f24f46224dad873e44acb678a909aea77fc057247ae8b3a51e70dee7cdc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fe:5d:7a:ab:a4:7a:c1:34:6a:cd:cd:d6:14:
b8:c4:e3:1c:4b:7e:9f:d0:f3:f8:1e:05:0c:5b:92:
da:12:c0:44:54:52:29:b7:33:67:84:56:3c:8f:7a:
0a:d1:97:85:13:df:cd:cb:91:6a:a7:70:a8:5b:18:
8b:5b:e0:0b:d6:34:fd:72:87:92:e3:56:5c:3d:27:
76:45:5b:f5:5a:62:92:e5:00:91:f1:8c:c1:82:d3:
1a:2b:5e:ba:95:bb:59:f7:7a:ce:1e:d1:b3:96:e4:
71:7a:16:16:4f:d9:03:fb:ef:7a:a7:7c:7a:97:25:
7d:e0:d0:f5:73:f1:77:72:71:5c:6d:58:d6:1e:ff:
74:43:6d:6a:29:66:5a:52:8e:2c:7b:f5:cb:b6:9f:
5e:cf:42:dd:bb:b0:40:8f:08:7b:9d:e5:65:7b:68:
ac:c1:fb:07:3b:f0:7e:a7:82:ac:ad:79:f0:a2:1f:
9e:21:a2:f1:93:59:64:6b:f2:b8:2f:86:9e:95:80:
e6:b4:fe:57:99:6a:32:ee:6e:72:e2:23:b5:65:b6:
b8:08:f2:ad:e1:04:cb:35:10:ba:38:48:4f:c0:3d:
8f:de:8e:9b:6e:08:ad:1b:4c:f5:80:7d:90:3d:69:
2b:f3:29:f8:b0:8c:8e:15:7d:a6:db:49:9e:ef:ec:
ae:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:83:A1:3A:FD:1F:F0:CE:CC:31:F6:1A:CB:99:86:41:25:32:71:96
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76e23380-f760-4573-8d9a-544a7dd4391f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d033:8000::/40
Signature Algorithm: sha256WithRSAEncryption
06:5b:7e:0c:fa:85:ba:ed:c0:7e:7c:32:9f:71:37:bd:24:9a:
d9:75:40:dd:3d:88:93:93:6f:9d:9c:8c:7b:46:7f:ca:9b:d6:
9a:be:42:e3:b2:3a:89:72:13:c2:21:96:45:5b:08:cf:e6:55:
e7:1c:a9:f8:24:32:04:02:c1:dd:ca:c7:eb:52:ac:c0:69:23:
b0:04:e9:0b:0b:3b:a3:cc:a8:3f:c4:95:7d:3b:aa:e1:56:99:
0b:ef:77:a3:25:29:54:d8:27:ac:7d:d1:90:2d:f0:36:b2:0e:
a2:82:23:46:7f:45:86:6b:3c:89:5b:c5:eb:21:e4:c1:e4:21:
56:e8:76:7d:32:5e:80:18:df:30:1b:68:a7:a6:70:f2:22:b1:
32:3c:64:8f:17:53:2e:8f:e5:70:f3:a5:75:40:55:85:51:a3:
76:60:71:2c:00:6b:3a:82:18:42:d3:99:69:e2:f1:8b:00:8a:
e1:fa:df:d1:1a:22:bd:d6:0f:ec:e4:23:16:23:b5:9f:2f:ab:
30:86:fc:85:5e:df:34:13:87:fc:29:bb:4b:b3:7d:ba:12:f9:
ee:4e:d7:94:3d:db:b3:8a:a5:b8:fb:24:84:31:e6:9d:67:02:
b7:fd:91:f4:5a:97:12:c9:b9:70:bd:8a:63:10:2a:cc:fd:1c:
97:60:f7:ce
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDFh4yQ7wN0dwi7SmlVyheTSJvBwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTQwMDZaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkZjQzZjI0ZjQ2MjI0ZGFkODczZTQ0YWNiNjc4YTkwOWFlYTc3ZmMwNTcy
NDdhZThiM2E1MWU3MGRlZTdjZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/+XXqrpHrBNGrNzdYUuMTjHEt+n9Dz+B4FDFuS2hLARFRSKbczZ4RWPI96
CtGXhRPfzcuRaqdwqFsYi1vgC9Y0/XKHkuNWXD0ndkVb9VpikuUAkfGMwYLTGite
upW7Wfd6zh7Rs5bkcXoWFk/ZA/vveqd8epclfeDQ9XPxd3JxXG1Y1h7/dENtailm
WlKOLHv1y7afXs9C3buwQI8Ie53lZXtorMH7BzvwfqeCrK158KIfniGi8ZNZZGvy
uC+GnpWA5rT+V5lqMu5ucuIjtWW2uAjyreEEyzUQujhIT8A9j96Om24IrRtM9YB9
kD1pK/Mp+LCMjhV9pttJnu/srqUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTng6E6
/R/wzswx9hrLmYZBJTJxljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzZlMjMzODAtZjc2MC00NTczLThkOWEtNTQ0YTdkZDQzOTFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DOA
MA0GCSqGSIb3DQEBCwUAA4IBAQAGW34M+oW67cB+fDKfcTe9JJrZdUDdPYiTk2+d
nIx7Rn/Km9aavkLjsjqJchPCIZZFWwjP5lXnHKn4JDIEAsHdysfrUqzAaSOwBOkL
CzujzKg/xJV9O6rhVpkL73ejJSlU2CesfdGQLfA2sg6igiNGf0WGazyJW8XrIeTB
5CFW6HZ9Ml6AGN8wG2inpnDyIrEyPGSPF1Muj+Vw86V1QFWFUaN2YHEsAGs6ghhC
05lp4vGLAIrh+t/RGiK91g/s5CMWI7WfL6swhvyFXt80E4f8KbtLs326EvnuTteU
PduziqW4+ySEMeadZwK3/ZH0WpcSyblwvYpjECrM/RyXYPfO
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:15:16 2026 by rpki-client