Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86da4413-78aa-4722-a1a2-1b8c81e93a74.roa
File: 86da4413-78aa-4722-a1a2-1b8c81e93a74.roa (raw, json)
Hash identifier: C/jyLEXWoZg3SOG1Z2q8aW+y0yhjlL97vesg3HFiEec=
Subject key identifier: DF:64:ED:4F:B9:0A:C2:2D:D5:B1:84:48:1D:CB:7D:AC:D7:2B:4A:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A5CCF9CB97DECA6B4759856E68338B5D8B800A3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86da4413-78aa-4722-a1a2-1b8c81e93a74.roa
Signing time: Thu 12 Mar 2026 15:38:26 +0000
ROA not before: Thu 12 Mar 2026 15:38:26 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:5c:cf:9c:b9:7d:ec:a6:b4:75:98:56:e6:83:38:b5:d8:b8:00:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:38:26 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=db53ea851fe0ade36ae69ff45af4867dd294415972b18a5948f60c59d9cc4095, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:64:d4:87:15:2d:55:d8:ce:08:16:6a:5a:93:
12:2b:2a:89:38:bf:2c:f7:3e:c5:e0:5a:24:2a:b1:
41:4c:0e:08:cc:58:6e:6c:c6:49:a0:db:64:5b:17:
f0:84:c4:96:31:c5:8a:fc:68:c2:8b:80:dc:41:ff:
89:03:4b:92:b9:08:b4:cc:ab:c9:23:6e:53:52:c2:
2d:ec:47:f5:86:95:d1:81:61:49:57:fb:ee:2f:5e:
04:0b:87:97:36:30:df:d5:67:b6:23:a0:a5:df:d1:
d8:2f:fd:e0:3d:d4:92:ce:34:a9:b8:f6:fa:16:90:
8e:00:3c:1a:3d:a2:14:c8:ab:f9:31:d5:59:70:78:
81:85:3c:a0:be:32:9b:cd:f4:ec:ba:44:a1:00:10:
56:22:3f:8d:22:f5:d2:d3:2f:83:18:c2:c1:f1:ec:
c1:ea:b2:48:7d:3b:8a:5a:98:e7:2d:d9:9c:a0:7f:
57:2e:4c:e2:4f:1a:b9:08:05:20:6f:c9:a8:11:c4:
e1:df:12:bb:dd:7d:a2:61:17:0b:a3:59:e2:9c:06:
e8:ca:9c:c2:c6:f5:c7:8a:5a:c5:72:46:75:42:85:
d4:78:a1:95:81:4d:c8:26:09:db:fc:54:09:90:fb:
69:df:23:bf:82:71:00:4b:97:9b:d1:a4:df:cc:68:
e3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:64:ED:4F:B9:0A:C2:2D:D5:B1:84:48:1D:CB:7D:AC:D7:2B:4A:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86da4413-78aa-4722-a1a2-1b8c81e93a74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
44:f0:59:01:ca:0d:a2:c5:13:2f:61:c1:34:8c:f2:87:1b:87:
bf:03:89:32:ff:0e:1c:fd:88:e7:ee:bc:60:fc:2a:e3:e9:44:
69:d7:50:97:92:a9:6c:f5:26:20:20:91:af:50:a6:cb:5f:e3:
ae:64:db:88:db:64:1e:f3:cb:3b:7a:f0:ce:af:ed:e6:ea:3c:
56:2e:d9:61:7b:d7:6a:75:2b:bd:e2:f4:d2:3d:81:b8:f7:67:
1c:4b:4d:eb:7b:f1:22:b1:99:62:19:bd:7f:1e:17:2f:96:88:
93:25:8e:7f:62:0d:bb:d5:2c:59:0f:82:e6:2e:b3:62:f8:80:
db:92:1c:e8:e8:77:31:da:d8:d2:20:e1:74:32:25:a0:9e:7a:
d6:d3:33:bd:72:f0:fd:45:f6:4f:41:f7:df:4f:60:3e:93:85:
56:ff:c6:ac:a6:36:a3:3c:68:f5:f5:22:1c:b5:0a:d1:1d:61:
f2:f0:91:b1:91:74:f5:be:a6:40:a9:0e:2b:73:6a:60:d5:1c:
62:3d:a1:2e:fb:20:2e:fb:7d:09:dd:bf:fb:7d:8d:9a:50:cf:
6b:3d:80:af:24:64:13:52:9f:c1:36:ca:e6:47:3f:64:cb:93:
94:61:93:ce:73:0a:28:dd:c1:61:ea:bf:0b:de:41:15:60:c7:
33:89:fc:56
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGlzPnLl97Ka0dZhW5oM4tdi4AKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTM4MjZaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiNTNlYTg1MWZlMGFkZTM2YWU2OWZmNDVhZjQ4NjdkZDI5NDQxNTk3MmIx
OGE1OTQ4ZjYwYzU5ZDljYzQwOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMtk1IcVLVXYzggWalqTEisqiTi/LPc+xeBaJCqxQUwOCMxYbmzGSaDbZFsX
8ITEljHFivxowouA3EH/iQNLkrkItMyrySNuU1LCLexH9YaV0YFhSVf77i9eBAuH
lzYw39VntiOgpd/R2C/94D3Uks40qbj2+haQjgA8Gj2iFMir+THVWXB4gYU8oL4y
m8307LpEoQAQViI/jSL10tMvgxjCwfHsweqySH07ilqY5y3ZnKB/Vy5M4k8auQgF
IG/JqBHE4d8Su919omEXC6NZ4pwG6Mqcwsb1x4paxXJGdUKF1HihlYFNyCYJ2/xU
CZD7ad8jv4JxAEuXm9Gk38xo48cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTfZO1P
uQrCLdWxhEgdy32s1ytKqjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODZkYTQ0MTMtNzhhYS00NzIyLWExYTItMWI4YzgxZTkzYTc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H0Q
wDANBgkqhkiG9w0BAQsFAAOCAQEARPBZAcoNosUTL2HBNIzyhxuHvwOJMv8OHP2I
5+68YPwq4+lEaddQl5KpbPUmICCRr1Cmy1/jrmTbiNtkHvPLO3rwzq/t5uo8Vi7Z
YXvXanUrveL00j2BuPdnHEtN63vxIrGZYhm9fx4XL5aIkyWOf2INu9UsWQ+C5i6z
YviA25Ic6Oh3MdrY0iDhdDIloJ561tMzvXLw/UX2T0H3309gPpOFVv/GrKY2ozxo
9fUiHLUK0R1h8vCRsZF09b6mQKkOK3NqYNUcYj2hLvsgLvt9Cd2/+32NmlDPaz2A
ryRkE1KfwTbK5kc/ZMuTlGGTznMKKN3BYeq/C95BFWDHM4n8Vg==
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:14:54 2026 by rpki-client