Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7b50434-74df-4adc-81dc-bcfbccdff7dc.roa
File: a7b50434-74df-4adc-81dc-bcfbccdff7dc.roa (raw, json)
Hash identifier: 5EnEv5cT5EqNiOmM2XVT2qvTLbottHd4LOlS39xYNgU=
Subject key identifier: 3D:E4:FF:B8:F6:68:4F:A9:52:CC:FC:D1:4E:32:E6:D3:43:CF:4C:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 345818C569E50EBAECE4720BFDCB2C0057B42EF7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7b50434-74df-4adc-81dc-bcfbccdff7dc.roa
Signing time: Thu 12 Mar 2026 15:41:33 +0000
ROA not before: Thu 12 Mar 2026 15:41:33 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:58:18:c5:69:e5:0e:ba:ec:e4:72:0b:fd:cb:2c:00:57:b4:2e:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:41:33 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=80f2fc13af87a0aea5f38a1d716cb41f93df3fac09cbbbc2e58e112d701ade25, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ff:67:2f:c5:e4:c3:80:fd:c6:4f:1f:be:49:
55:12:d3:dd:71:82:19:9e:08:ce:b2:94:f6:2c:c8:
e3:ef:5b:22:31:28:ab:0a:62:12:a0:9f:d8:60:b1:
0f:80:61:d7:f6:91:7f:79:e8:17:28:15:c8:e2:81:
d5:31:22:69:4b:7f:ee:c5:79:2f:56:2b:7e:bd:98:
5e:ee:20:3d:50:5d:1e:7b:f4:e3:de:86:92:42:9d:
3c:f8:b8:a2:29:28:0d:47:78:db:08:75:b5:d0:d6:
50:0f:98:be:1d:1b:9e:f1:88:9b:35:f4:35:21:db:
5b:45:15:1b:5d:63:5a:d1:52:ae:b4:69:69:40:60:
34:5e:b9:f2:79:f8:b7:a8:58:28:1f:d7:c1:85:26:
5d:d6:77:9a:9f:d6:7e:8f:85:18:7c:09:75:44:67:
f1:76:0c:df:86:f2:7c:fd:68:68:8e:13:4c:c3:83:
f9:a5:e8:a7:df:2a:e0:d3:94:22:7a:38:88:f8:32:
44:cf:07:d2:db:0c:f5:51:70:7c:3e:51:31:84:ca:
70:7f:68:74:9e:40:8a:95:b9:22:46:2d:ff:e1:1f:
d9:e0:99:ff:0f:61:c1:42:66:fd:c5:bb:cb:1b:29:
8e:64:ba:85:24:f8:fe:ee:0b:6d:0f:a6:88:db:89:
28:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:E4:FF:B8:F6:68:4F:A9:52:CC:FC:D1:4E:32:E6:D3:43:CF:4C:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7b50434-74df-4adc-81dc-bcfbccdff7dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:b000::/40
Signature Algorithm: sha256WithRSAEncryption
8b:15:bc:27:da:70:8a:27:0d:b3:1e:26:f9:cf:6b:d3:5d:9d:
d1:d6:77:bb:bf:00:19:9a:ac:33:c0:ee:09:f5:21:da:d9:e2:
8e:fb:df:1b:07:f5:5c:3a:9a:86:3b:d3:c5:03:9e:82:a2:23:
39:21:07:9a:a2:ad:49:9c:af:1b:da:c5:2f:2f:16:b6:b7:f8:
17:1c:95:bd:b4:75:4c:58:8c:e3:aa:c2:e3:c6:d3:43:65:b0:
b4:24:d8:a0:c4:ed:cd:e8:5f:a2:2b:b1:c4:f0:92:b7:0d:e9:
68:35:ac:2c:8d:95:6e:ad:8d:45:ba:82:6e:ca:77:a8:a4:93:
64:0a:06:9b:0d:41:ea:9a:fd:2c:f4:96:be:9a:8f:c8:a9:10:
ee:30:5c:9f:a4:10:42:4d:f2:83:3b:f1:1c:e6:cf:cf:31:eb:
0d:cb:71:9b:06:78:3f:0f:51:65:bd:1d:c1:5a:03:01:f8:81:
2e:98:25:9a:97:d8:af:db:1e:fd:7b:3a:b4:97:e5:44:53:cd:
df:cf:e0:71:55:56:0f:4c:dd:86:0d:f2:eb:4a:f9:d1:53:d6:
78:27:f8:92:ed:8e:28:d2:02:ac:ba:dd:9c:38:7b:a9:7d:02:
5c:6c:f5:82:e3:ef:18:1b:b3:36:89:a0:10:e0:26:28:b6:e3:
26:73:e9:10
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNFgYxWnlDrrs5HIL/cssAFe0LvcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTQxMzNaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwZjJmYzEzYWY4N2EwYWVhNWYzOGExZDcxNmNiNDFmOTNkZjNmYWMwOWNi
YmJjMmU1OGUxMTJkNzAxYWRlMjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJj/Zy/F5MOA/cZPH75JVRLT3XGCGZ4IzrKU9izI4+9bIjEoqwpiEqCf2GCx
D4Bh1/aRf3noFygVyOKB1TEiaUt/7sV5L1Yrfr2YXu4gPVBdHnv0496GkkKdPPi4
oikoDUd42wh1tdDWUA+Yvh0bnvGImzX0NSHbW0UVG11jWtFSrrRpaUBgNF658nn4
t6hYKB/XwYUmXdZ3mp/Wfo+FGHwJdURn8XYM34byfP1oaI4TTMOD+aXop98q4NOU
Ino4iPgyRM8H0tsM9VFwfD5RMYTKcH9odJ5AipW5IkYt/+Ef2eCZ/w9hwUJm/cW7
yxspjmS6hST4/u4LbQ+miNuJKKMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ95P+4
9mhPqVLM/NFOMubTQ89MmzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTdiNTA0MzQtNzRkZi00YWRjLTgxZGMtYmNmYmNjZGZmN2RjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H2w
MA0GCSqGSIb3DQEBCwUAA4IBAQCLFbwn2nCKJw2zHib5z2vTXZ3R1ne7vwAZmqwz
wO4J9SHa2eKO+98bB/VcOpqGO9PFA56CoiM5IQeaoq1JnK8b2sUvLxa2t/gXHJW9
tHVMWIzjqsLjxtNDZbC0JNigxO3N6F+iK7HE8JK3DeloNawsjZVurY1FuoJuyneo
pJNkCgabDUHqmv0s9Ja+mo/IqRDuMFyfpBBCTfKDO/Ec5s/PMesNy3GbBng/D1Fl
vR3BWgMB+IEumCWal9iv2x79ezq0l+VEU83fz+BxVVYPTN2GDfLrSvnRU9Z4J/iS
7Y4o0gKsut2cOHupfQJcbPWC4+8YG7M2iaAQ4CYotuMmc+kQ
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:16:21 2026 by rpki-client