Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e2dff05-ff60-49d2-9fe4-28bbd6d35d1f.roa
File: 8e2dff05-ff60-49d2-9fe4-28bbd6d35d1f.roa (raw, json)
Hash identifier: juUHGFo72MaleBYi/LStO23ADKaa6tl/acKvz+ygZ4Q=
Subject key identifier: 2C:85:D8:57:30:41:D1:C7:7B:0E:DB:22:02:2D:29:23:89:07:83:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2913CF105623E3F1477C1A07BDB6328D8BBE9CDC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e2dff05-ff60-49d2-9fe4-28bbd6d35d1f.roa
Signing time: Thu 12 Mar 2026 15:36:38 +0000
ROA not before: Thu 12 Mar 2026 15:36:38 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:13:cf:10:56:23:e3:f1:47:7c:1a:07:bd:b6:32:8d:8b:be:9c:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:36:38 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=546c91e7d7e769ebd2b01cc0a8391aa534f15fb59047b82bf1f04c331aa45be2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fb:df:a2:6c:0d:44:3e:e2:a4:8c:00:dc:f6:
91:67:8d:20:bf:5b:80:15:01:60:b4:a3:bd:6b:43:
d8:6f:1d:bc:b3:d6:9f:8f:e8:9d:40:6f:df:5d:84:
7d:5f:05:81:b0:c0:bc:51:be:d4:28:bb:75:d3:fd:
85:e1:4f:89:46:ab:c8:e9:04:db:ac:f7:46:0f:1a:
45:87:b7:ec:8f:22:bc:f7:5c:43:14:69:82:52:11:
e2:ad:d1:00:53:f5:4c:c7:13:cb:6f:23:85:c9:9d:
51:05:cd:8c:2f:d8:67:0e:dd:6b:8c:fc:de:28:93:
12:e3:c4:86:c8:70:51:25:f2:e1:e3:25:5c:06:ca:
f4:f0:f8:ca:c9:e1:b0:36:53:97:ac:92:9a:23:f6:
3e:84:6d:67:2f:b5:66:94:41:6a:bb:2b:d3:f0:ef:
89:87:5c:e3:b4:be:a0:d9:69:d3:6e:04:b5:fa:b9:
68:d2:1e:bb:d8:ef:7c:50:ea:98:42:ed:5b:e0:f6:
61:d9:dc:5f:1f:58:14:93:4b:ce:95:d5:d3:1d:37:
ea:63:48:07:18:5f:d9:34:40:aa:0b:f0:55:68:5b:
a0:aa:a1:51:3f:ae:20:f7:1d:59:68:15:10:34:f8:
de:57:d7:15:7e:82:ce:85:bf:f8:68:b2:95:6a:7e:
fa:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:85:D8:57:30:41:D1:C7:7B:0E:DB:22:02:2D:29:23:89:07:83:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e2dff05-ff60-49d2-9fe4-28bbd6d35d1f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
b3:19:02:6a:22:59:46:db:8d:9e:e9:3a:49:b3:e7:25:9f:fc:
d0:f4:da:d9:62:b8:c6:80:4d:5c:dc:5b:18:95:f3:f8:22:d5:
85:ea:1e:29:02:2b:55:0d:d6:6a:58:47:d7:9d:26:97:5b:54:
e9:f4:fb:84:bc:28:b5:e3:78:c6:4d:c2:91:4c:be:46:67:28:
e3:55:29:1c:2c:4a:1e:7e:36:17:d3:ab:27:ae:f2:5a:ff:75:
d2:f7:35:0f:c6:38:4f:2f:2f:39:31:3b:82:99:25:8b:a4:0c:
56:01:c2:cd:0f:68:f6:25:73:a6:65:ba:ec:c1:04:92:42:cc:
21:d2:ef:c1:23:85:e8:2c:20:39:7e:d3:13:fd:3d:57:34:d9:
31:71:97:07:3f:93:c9:b9:ed:9a:8d:b0:31:a0:a0:42:02:97:
19:27:55:8d:53:b3:a3:f8:6f:6e:a9:35:f9:72:7d:0b:eb:ef:
dd:6c:58:bf:f8:85:2b:6c:2d:94:5f:b2:63:e1:1e:54:a4:96:
27:02:0e:27:35:d2:65:de:d6:b4:12:a9:d6:c9:e6:54:4b:44:
dc:dd:04:00:87:79:c3:9d:40:91:9e:0d:80:92:d1:5e:f9:3e:
11:73:3a:4d:96:4b:23:88:2e:3f:0f:b9:5a:bd:55:57:1c:74:
d6:b4:4f:90
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKRPPEFYj4/FHfBoHvbYyjYu+nNwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTM2MzhaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0NmM5MWU3ZDdlNzY5ZWJkMmIwMWNjMGE4MzkxYWE1MzRmMTVmYjU5MDQ3
YjgyYmYxZjA0YzMzMWFhNDViZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKn736JsDUQ+4qSMANz2kWeNIL9bgBUBYLSjvWtD2G8dvLPWn4/onUBv312E
fV8FgbDAvFG+1Ci7ddP9heFPiUaryOkE26z3Rg8aRYe37I8ivPdcQxRpglIR4q3R
AFP1TMcTy28jhcmdUQXNjC/YZw7da4z83iiTEuPEhshwUSXy4eMlXAbK9PD4ysnh
sDZTl6ySmiP2PoRtZy+1ZpRBarsr0/DviYdc47S+oNlp024Etfq5aNIeu9jvfFDq
mELtW+D2YdncXx9YFJNLzpXV0x036mNIBxhf2TRAqgvwVWhboKqhUT+uIPcdWWgV
EDT43lfXFX6CzoW/+GiylWp++vcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQshdhX
MEHRx3sO2yICLSkjiQeD/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGUyZGZmMDUtZmY2MC00OWQyLTlmZTQtMjhiYmQ2ZDM1ZDFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FoQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAsxkCaiJZRtuNnuk6SbPnJZ/80PTa2WK4xoBN
XNxbGJXz+CLVheoeKQIrVQ3WalhH150ml1tU6fT7hLwoteN4xk3CkUy+Rmco41Up
HCxKHn42F9OrJ67yWv910vc1D8Y4Ty8vOTE7gpkli6QMVgHCzQ9o9iVzpmW67MEE
kkLMIdLvwSOF6CwgOX7TE/09VzTZMXGXBz+Tybntmo2wMaCgQgKXGSdVjVOzo/hv
bqk1+XJ9C+vv3WxYv/iFK2wtlF+yY+EeVKSWJwIOJzXSZd7WtBKp1snmVEtE3N0E
AId5w51AkZ4NgJLRXvk+EXM6TZZLI4guPw+5Wr1VVxx01rRPkA==
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:16:21 2026 by rpki-client