Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2ae01f1-ad20-4e92-9bc6-f03ede97e16c.roa
File: a2ae01f1-ad20-4e92-9bc6-f03ede97e16c.roa (raw, json)
Hash identifier: 9ZfT+k/IhHM0VHDZHOoLC5Ff8JGXGrvy1y4hFY7oO8o=
Subject key identifier: 59:4D:AA:2B:6C:DC:45:7B:41:A1:14:02:79:42:CC:0A:53:B8:8F:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 379073EEDE0BF5E6E3B91D2AD4E4471169919A25
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2ae01f1-ad20-4e92-9bc6-f03ede97e16c.roa
Signing time: Mon 27 Apr 2026 00:40:06 +0000
ROA not before: Mon 27 Apr 2026 00:40:06 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d034:80c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 14:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:90:73:ee:de:0b:f5:e6:e3:b9:1d:2a:d4:e4:47:11:69:91:9a:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 27 00:40:06 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=d8873d02bca470e2fe665cdae3cb012f850559400e06366f698bd22273743cf7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:85:32:7d:e8:b2:13:01:b0:58:4d:63:f1:23:
75:09:3a:65:0e:74:7b:57:6b:dc:7e:94:96:fb:65:
93:f8:a1:d2:6f:c8:6f:bd:07:75:49:bd:ea:96:84:
07:e1:54:5c:d3:e2:dc:c8:68:c2:de:2c:31:5a:e3:
1f:44:72:f2:a9:90:61:02:eb:fb:47:9e:b7:9d:83:
60:ab:21:e0:b3:3b:fd:e8:94:64:e2:0d:2c:08:58:
16:51:c2:86:6b:fc:dc:4c:8a:9b:f8:91:e3:59:d5:
cc:c0:d5:1d:3a:b6:16:df:d1:3c:61:da:c1:95:c9:
68:1f:1f:32:91:7c:03:7f:75:4b:9c:0f:68:d1:c7:
bd:6d:a9:da:28:1f:53:cf:5e:a7:e0:41:9c:40:1c:
3d:7a:46:5f:a6:1b:b5:bf:9a:5a:bc:bc:32:ec:55:
86:67:63:3e:e1:bd:13:72:d5:e0:d9:99:07:88:e5:
30:b0:ee:b2:9e:cf:86:bf:f9:99:95:7b:40:b1:71:
5c:5f:bb:9c:bf:bf:4e:1f:7b:8c:c5:b0:df:45:94:
25:d6:ce:eb:b7:f5:4e:33:ed:19:7d:ce:6d:5a:91:
12:69:81:38:31:87:1e:34:cc:46:d0:7f:6a:7c:f6:
ae:9a:91:df:50:64:01:af:c9:50:48:03:13:46:99:
a9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:4D:AA:2B:6C:DC:45:7B:41:A1:14:02:79:42:CC:0A:53:B8:8F:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2ae01f1-ad20-4e92-9bc6-f03ede97e16c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:80c0::/46
Signature Algorithm: sha256WithRSAEncryption
7b:10:d3:e1:44:42:c7:67:c2:6c:f6:d3:0b:c9:93:66:c7:ab:
f2:9b:64:6f:0c:9d:3e:c0:3c:d7:c8:e5:77:7d:91:b1:ac:6c:
7d:36:61:54:9c:7b:b7:3c:c2:77:d4:0a:aa:99:f4:46:85:f7:
7f:95:f2:30:aa:3f:81:2a:5f:10:f2:b9:50:d6:69:90:85:bf:
7a:30:63:cc:48:a4:3b:dd:ca:1e:89:2a:05:80:d4:d5:e3:e6:
da:02:19:a1:b7:7b:7f:e6:ff:41:d8:d2:05:b9:4f:32:5d:fd:
6d:b8:c8:9c:8d:df:dc:56:88:08:e1:25:f5:17:a9:75:bc:86:
7a:17:18:11:d0:55:ba:d6:04:e6:32:70:8d:6f:a9:33:fc:b0:
07:65:2b:eb:c1:23:70:1d:d4:60:b4:9a:f8:6d:e3:6e:77:07:
f0:bb:68:4e:16:22:87:eb:c0:97:19:08:93:a5:2b:14:fe:0a:
c9:75:b1:b9:3a:30:20:3a:ee:14:07:d6:5f:bb:5d:e1:33:0e:
c2:b3:58:9c:06:f5:fa:90:eb:62:9b:2b:58:1b:4c:ab:aa:fe:
c0:bf:fa:e8:55:b5:31:b5:2f:48:b0:02:6f:ea:84:8e:13:73:
ef:be:b8:7b:e0:4b:2e:58:b3:77:4b:6d:78:e6:6b:76:18:02:
49:91:cf:f2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUN5Bz7t4L9ebjuR0q1ORHEWmRmiUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MjcwMDQwMDZaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4ODczZDAyYmNhNDcwZTJmZTY2NWNkYWUzY2IwMTJmODUwNTU5NDAwZTA2
MzY2ZjY5OGJkMjIyNzM3NDNjZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOCFMn3oshMBsFhNY/EjdQk6ZQ50e1dr3H6Ulvtlk/ih0m/Ib70HdUm96paE
B+FUXNPi3Mhowt4sMVrjH0Ry8qmQYQLr+0eet52DYKsh4LM7/eiUZOINLAhYFlHC
hmv83EyKm/iR41nVzMDVHTq2Ft/RPGHawZXJaB8fMpF8A391S5wPaNHHvW2p2igf
U89ep+BBnEAcPXpGX6Ybtb+aWry8MuxVhmdjPuG9E3LV4NmZB4jlMLDusp7Phr/5
mZV7QLFxXF+7nL+/Th97jMWw30WUJdbO67f1TjPtGX3ObVqREmmBODGHHjTMRtB/
anz2rpqR31BkAa/JUEgDE0aZqQUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRZTaor
bNxFe0GhFAJ5QswKU7iP0DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTJhZTAxZjEtYWQyMC00ZTkyLTliYzYtZjAzZWRlOTdlMTZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DSA
wDANBgkqhkiG9w0BAQsFAAOCAQEAexDT4URCx2fCbPbTC8mTZser8ptkbwydPsA8
18jld32RsaxsfTZhVJx7tzzCd9QKqpn0RoX3f5XyMKo/gSpfEPK5UNZpkIW/ejBj
zEikO93KHokqBYDU1ePm2gIZobd7f+b/QdjSBblPMl39bbjInI3f3FaICOEl9Rep
dbyGehcYEdBVutYE5jJwjW+pM/ywB2Ur68EjcB3UYLSa+G3jbncH8LtoThYih+vA
lxkIk6UrFP4KyXWxuTowIDruFAfWX7td4TMOwrNYnAb1+pDrYpsrWBtMq6r+wL/6
6FW1MbUvSLACb+qEjhNz7764e+BLLlizd0tteOZrdhgCSZHP8g==
-----END CERTIFICATE-----
Generated at Tue Apr 28 19:33:45 2026 by rpki-client