Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77b6b975-322f-4b1f-ae7c-9f5f58f00cf6.roa
File: 77b6b975-322f-4b1f-ae7c-9f5f58f00cf6.roa (raw, json)
Hash identifier: 1qzB6p73ceQ03i3Or2PUgc+UBqInUt4ZObh7IWzfEQE=
Subject key identifier: 87:77:EF:DD:58:E5:77:7B:FF:0E:F9:40:D1:F8:52:74:0B:E5:87:D5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 584E518B6B793C029B51C35ECE3404CC512A9775
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77b6b975-322f-4b1f-ae7c-9f5f58f00cf6.roa
Signing time: Thu 12 Mar 2026 15:41:27 +0000
ROA not before: Thu 12 Mar 2026 15:41:27 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:4e:51:8b:6b:79:3c:02:9b:51:c3:5e:ce:34:04:cc:51:2a:97:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:41:27 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=2937feb05f2a6ddae6ca3e9cf0cb46005d583f5213777b084210170a18f20e2f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:66:3c:51:2a:03:e4:80:c5:e8:34:6b:43:d0:
dd:f5:34:1a:75:d6:42:18:43:85:a8:8d:8d:d5:5b:
34:21:d0:56:37:ae:85:3b:72:da:f8:07:51:9f:7d:
25:f2:78:cc:c8:c6:92:01:3f:b7:d6:f9:d2:5d:04:
e4:e1:23:1a:22:3d:0d:7c:87:bb:8a:ee:7a:7a:2b:
97:15:0c:8b:f9:c9:e3:00:a0:36:4a:e7:78:00:9d:
a5:78:d9:ed:66:db:e6:11:da:b8:9b:e2:07:66:69:
6c:a0:42:a0:d8:cf:3a:93:f7:91:03:c5:b6:fe:6f:
0e:42:4f:6f:54:bf:dc:d5:aa:c1:8f:f5:75:f0:80:
23:4a:91:97:7e:54:93:24:db:5b:43:0b:eb:f9:8d:
39:eb:48:86:da:06:39:aa:14:19:53:98:c9:6f:6b:
86:7b:6a:a9:c8:37:49:37:64:c1:e2:b2:05:ec:4d:
79:5a:0d:c4:4c:f6:eb:37:c6:be:c0:cc:b4:6f:81:
b1:11:5d:74:ee:52:2d:44:bb:80:d5:92:1c:05:98:
c3:00:e9:7d:48:78:75:6b:6c:20:a7:64:30:f9:aa:
d9:eb:09:8c:8d:f4:3d:5a:42:2d:c1:08:f7:7c:83:
72:78:67:30:7f:69:ec:63:1f:0e:66:d7:94:4c:28:
83:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:77:EF:DD:58:E5:77:7B:FF:0E:F9:40:D1:F8:52:74:0B:E5:87:D5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77b6b975-322f-4b1f-ae7c-9f5f58f00cf6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:a000::/40
Signature Algorithm: sha256WithRSAEncryption
64:e3:9c:b5:a4:b5:ec:52:e2:13:5c:c8:98:ac:d7:30:76:d9:
c9:45:c7:cd:b3:01:6d:c9:50:9d:8b:60:ca:2e:58:6a:d8:7a:
e5:ac:30:b8:ff:92:12:62:0e:ad:f3:68:2c:81:01:a9:f3:67:
55:b2:bc:42:33:04:43:d0:c7:fe:82:d6:62:c6:f1:72:7a:86:
9e:40:f9:fb:4c:a9:25:6f:fa:02:10:58:f8:00:e6:81:b8:c2:
62:4f:a3:fe:9a:30:1d:19:40:39:e9:bb:6c:b6:98:2c:29:ae:
e4:8f:dd:4c:1d:e6:ba:32:03:b2:cc:72:88:73:04:10:b6:26:
b8:e6:24:f8:58:a8:76:aa:a5:25:49:e2:f0:2d:a6:9f:53:aa:
68:21:f9:df:fb:c1:e4:59:bb:33:fc:d7:86:4f:38:55:27:7e:
f6:81:3f:26:61:27:8b:63:99:01:9c:07:cf:9c:bf:b5:a0:1d:
83:32:65:ec:f8:03:dc:c8:67:89:d8:8d:da:bb:be:62:c8:ee:
9e:09:27:98:d2:41:f9:6b:05:c7:10:3a:2c:d0:f0:06:b3:94:
e1:a2:88:02:e9:0b:4f:9f:10:d8:cc:cb:fa:15:56:8e:fd:0d:
62:ee:a1:79:f8:dc:30:ea:2d:ff:1a:dd:ac:9e:6c:0c:3a:ca:
e8:f6:df:43
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWE5Ri2t5PAKbUcNezjQEzFEql3UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTQxMjdaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5MzdmZWIwNWYyYTZkZGFlNmNhM2U5Y2YwY2I0NjAwNWQ1ODNmNTIxMzc3
N2IwODQyMTAxNzBhMThmMjBlMmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJmPFEqA+SAxeg0a0PQ3fU0GnXWQhhDhaiNjdVbNCHQVjeuhTty2vgHUZ99
JfJ4zMjGkgE/t9b50l0E5OEjGiI9DXyHu4ruenorlxUMi/nJ4wCgNkrneACdpXjZ
7Wbb5hHauJviB2ZpbKBCoNjPOpP3kQPFtv5vDkJPb1S/3NWqwY/1dfCAI0qRl35U
kyTbW0ML6/mNOetIhtoGOaoUGVOYyW9rhntqqcg3STdkweKyBexNeVoNxEz26zfG
vsDMtG+BsRFddO5SLUS7gNWSHAWYwwDpfUh4dWtsIKdkMPmq2esJjI30PVpCLcEI
93yDcnhnMH9p7GMfDmbXlEwog1kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSHd+/d
WOV3e/8O+UDR+FJ0C+WH1TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzdiNmI5NzUtMzIyZi00YjFmLWFlN2MtOWY1ZjU4ZjAwY2Y2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fqg
MA0GCSqGSIb3DQEBCwUAA4IBAQBk45y1pLXsUuITXMiYrNcwdtnJRcfNswFtyVCd
i2DKLlhq2HrlrDC4/5ISYg6t82gsgQGp82dVsrxCMwRD0Mf+gtZixvFyeoaeQPn7
TKklb/oCEFj4AOaBuMJiT6P+mjAdGUA56btstpgsKa7kj91MHea6MgOyzHKIcwQQ
tia45iT4WKh2qqUlSeLwLaafU6poIfnf+8HkWbsz/NeGTzhVJ372gT8mYSeLY5kB
nAfPnL+1oB2DMmXs+APcyGeJ2I3au75iyO6eCSeY0kH5awXHEDos0PAGs5ThoogC
6QtPnxDYzMv6FVaO/Q1i7qF5+Nww6i3/Gt2snmwMOsro9t9D
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:16:17 2026 by rpki-client