Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a41612bd-48c1-461d-af16-49857a6ff0f4.roa
File: a41612bd-48c1-461d-af16-49857a6ff0f4.roa (raw, json)
Hash identifier: 1NT/HirrtqfowJnbwCqYQm9jJ+7if448LieY9h6JPGU=
Subject key identifier: 68:86:E6:99:3A:28:AB:53:0A:1A:04:7F:91:7B:5D:E8:03:14:82:D8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 44A39727230345DEF7CD778C7CB4EE1A6EB54D89
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a41612bd-48c1-461d-af16-49857a6ff0f4.roa
Signing time: Thu 12 Mar 2026 15:41:27 +0000
ROA not before: Thu 12 Mar 2026 15:41:27 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:a3:97:27:23:03:45:de:f7:cd:77:8c:7c:b4:ee:1a:6e:b5:4d:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:41:27 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=0ef992f7a6e687cebb6e5517520ce2a5c3a5ef60f8b89c2fef558b9e08a92fa6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:78:4c:f8:d7:da:8b:10:bf:2d:4f:22:a9:6d:
bf:a8:e2:fd:63:f0:e9:8f:4d:61:99:86:36:bd:32:
4d:16:ba:37:b2:ce:32:28:82:2b:2e:12:02:8b:02:
f6:f4:b1:48:d5:2f:18:7d:5b:4a:13:3b:18:59:87:
f8:a8:53:a9:65:47:5b:41:12:44:d6:d2:84:25:cc:
12:f4:ce:9e:62:59:aa:28:e5:1d:71:ff:e7:78:a3:
dc:8a:a5:c7:9f:f9:a5:20:80:31:eb:96:1d:7d:8d:
ff:02:98:88:1f:17:92:20:b7:06:27:54:54:2a:12:
aa:01:dc:7e:a1:a6:07:5b:ee:ae:9f:50:ae:09:21:
80:91:39:a9:eb:09:1b:4f:75:3c:62:cd:3e:7c:bc:
33:29:c4:58:c3:26:1f:b4:bd:e6:6e:01:4f:cd:57:
c9:e1:dc:ef:e9:7d:3f:a7:8e:61:c2:de:c5:83:40:
80:9c:fd:44:38:33:23:5d:ae:43:7e:c2:73:48:b5:
ad:9f:dd:e2:19:4c:d7:67:15:5e:a0:08:12:8f:42:
44:88:ff:0e:8a:52:3c:30:f5:11:bd:b6:31:13:bd:
9e:30:78:96:00:cd:28:04:8e:42:6d:61:5f:21:54:
3a:49:d2:d3:12:dd:36:83:8e:3e:b5:18:b4:0e:a8:
e7:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:86:E6:99:3A:28:AB:53:0A:1A:04:7F:91:7B:5D:E8:03:14:82:D8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a41612bd-48c1-461d-af16-49857a6ff0f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:c000::/40
Signature Algorithm: sha256WithRSAEncryption
6a:89:c6:01:df:3c:75:59:8b:51:d1:a4:f1:fd:6c:3a:e7:49:
21:cf:73:10:da:a0:54:06:de:ec:b3:59:3f:02:e5:cf:de:44:
1f:1f:81:8c:e5:4c:5f:5a:3d:b0:37:11:e2:62:ec:2e:2a:c4:
a2:73:b6:b2:1e:86:b4:a7:56:fc:70:40:0f:73:09:22:91:c8:
87:1b:cd:b5:9c:3f:d7:bb:1e:35:99:24:7b:aa:40:fe:19:11:
59:a2:26:63:c4:0a:bc:91:28:18:fa:4b:df:5a:92:c9:79:bf:
c5:ed:3d:02:38:d6:cc:c0:0c:75:73:2e:a0:27:ab:ac:cf:6a:
b2:c8:dc:33:bc:eb:60:7b:1b:a7:69:69:58:81:e0:63:f2:f9:
50:7e:a8:47:37:7d:24:d4:ff:6f:92:47:c1:f5:fd:3b:f8:d7:
d1:a3:9c:93:f9:52:52:c2:39:24:03:2b:a5:21:48:8b:34:7e:
56:4e:c4:24:3d:76:b2:32:6f:75:79:32:f5:90:c5:08:ef:72:
74:88:53:9a:1b:ac:98:89:a1:50:7a:7c:0a:ec:4e:02:54:d0:
91:3b:60:5b:71:eb:ab:fc:fe:02:f0:a6:6d:11:d6:62:06:69:
4e:eb:18:23:94:ce:6e:a8:5f:ab:dd:c7:70:b4:04:74:a5:d0:
59:55:3d:a0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURKOXJyMDRd73zXeMfLTuGm61TYkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTQxMjdaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlZjk5MmY3YTZlNjg3Y2ViYjZlNTUxNzUyMGNlMmE1YzNhNWVmNjBmOGI4
OWMyZmVmNTU4YjllMDhhOTJmYTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJh4TPjX2osQvy1PIqltv6ji/WPw6Y9NYZmGNr0yTRa6N7LOMiiCKy4SAosC
9vSxSNUvGH1bShM7GFmH+KhTqWVHW0ESRNbShCXMEvTOnmJZqijlHXH/53ij3Iql
x5/5pSCAMeuWHX2N/wKYiB8XkiC3BidUVCoSqgHcfqGmB1vurp9QrgkhgJE5qesJ
G091PGLNPny8MynEWMMmH7S95m4BT81XyeHc7+l9P6eOYcLexYNAgJz9RDgzI12u
Q37Cc0i1rZ/d4hlM12cVXqAIEo9CRIj/DopSPDD1Eb22MRO9njB4lgDNKASOQm1h
XyFUOknS0xLdNoOOPrUYtA6o52UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRohuaZ
OiirUwoaBH+Re13oAxSC2DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQxNjEyYmQtNDhjMS00NjFkLWFmMTYtNDk4NTdhNmZmMGY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FrA
MA0GCSqGSIb3DQEBCwUAA4IBAQBqicYB3zx1WYtR0aTx/Ww650khz3MQ2qBUBt7s
s1k/AuXP3kQfH4GM5UxfWj2wNxHiYuwuKsSic7ayHoa0p1b8cEAPcwkikciHG821
nD/Xux41mSR7qkD+GRFZoiZjxAq8kSgY+kvfWpLJeb/F7T0CONbMwAx1cy6gJ6us
z2qyyNwzvOtgexunaWlYgeBj8vlQfqhHN30k1P9vkkfB9f07+NfRo5yT+VJSwjkk
AyulIUiLNH5WTsQkPXayMm91eTL1kMUI73J0iFOaG6yYiaFQenwK7E4CVNCRO2Bb
ceur/P4C8KZtEdZiBmlO6xgjlM5uqF+r3cdwtAR0pdBZVT2g
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:14:56 2026 by rpki-client