Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4ff81e2-fb63-4665-b6cb-d00b12a8c729.roa
File: b4ff81e2-fb63-4665-b6cb-d00b12a8c729.roa (raw, json)
Hash identifier: kYs0V+6yHgAm8JgkGs/J5J049yQatDkDgCrvj2POPRE=
Subject key identifier: AC:B9:63:A3:1C:C3:2F:8F:83:1C:E2:7F:AF:01:59:00:4B:1D:30:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 25FAF1D95CCA60313AC6B84C40C4FBBAA0FFF91C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4ff81e2-fb63-4665-b6cb-d00b12a8c729.roa
Signing time: Thu 12 Mar 2026 15:40:07 +0000
ROA not before: Thu 12 Mar 2026 15:40:07 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d033:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:fa:f1:d9:5c:ca:60:31:3a:c6:b8:4c:40:c4:fb:ba:a0:ff:f9:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:40:07 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=9d932e79506dc96d61124aaa59aa1c814f4986839ffd4e097f49beef541ce795, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:47:b6:88:5a:d6:92:a5:16:14:41:e1:93:3b:
e5:ce:55:4d:df:d2:df:30:b2:d3:66:56:79:5e:55:
91:75:c6:ef:84:ce:ec:cd:6b:c7:d0:06:61:82:28:
43:ad:38:1b:20:26:be:d8:55:ae:29:c4:f9:ac:d9:
7d:78:b1:28:d3:71:9f:52:96:cf:95:1d:d1:c8:2a:
d9:32:81:ae:00:23:eb:24:cf:fb:7b:17:3f:4c:67:
6c:3e:7f:6f:66:18:04:93:00:36:b3:07:11:98:da:
15:4b:bd:18:33:82:85:fc:57:aa:f2:90:8a:6e:3f:
3c:1c:b6:25:56:fc:a2:7e:28:c7:94:cd:64:04:7b:
33:a0:d2:14:4f:1d:db:1d:3a:49:5e:93:e8:c7:3f:
f5:b2:8b:b1:5f:23:3e:63:03:aa:0e:04:54:63:d3:
e9:2c:f8:71:ac:e8:95:cb:59:23:c2:bd:f0:85:1c:
ae:08:5e:d0:7f:43:ec:f5:87:11:d1:ec:1f:ac:27:
92:e0:a6:ba:c9:3c:8e:c6:25:62:62:f8:d9:5e:1f:
45:70:3a:b9:ea:39:29:65:dc:d7:ea:4f:60:c6:6b:
75:61:cf:03:fc:a7:22:a6:2e:0a:0f:d1:aa:60:46:
72:f0:3f:66:bc:b6:e7:ca:20:83:d3:92:af:f2:f9:
d9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:B9:63:A3:1C:C3:2F:8F:83:1C:E2:7F:AF:01:59:00:4B:1D:30:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4ff81e2-fb63-4665-b6cb-d00b12a8c729.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d033:800::/40
Signature Algorithm: sha256WithRSAEncryption
21:97:9a:a1:57:3b:f6:5c:1a:cf:56:0f:83:fe:fc:5d:bc:8a:
95:88:f4:05:b2:af:b6:4b:55:ad:42:57:15:48:9d:c4:a2:94:
73:16:68:a4:91:40:4e:0d:26:b9:2a:da:72:2f:cd:70:d2:6a:
df:01:4b:4b:29:bf:c4:40:6c:2f:cc:a3:06:45:90:17:ef:82:
7d:88:f7:37:b6:99:e3:ca:21:23:7d:c0:48:5f:11:a1:40:b5:
a3:99:d7:03:87:44:5f:a9:8c:dd:60:67:29:d5:99:37:1c:66:
89:4e:3d:1c:a8:68:f8:c8:3d:35:17:bf:9e:0b:28:fd:3f:5a:
34:35:cb:d2:26:fd:47:ae:ea:40:68:40:1f:36:36:d1:09:16:
57:37:e4:e2:57:59:ae:32:d4:9a:81:3a:dc:ef:95:e7:1f:88:
1e:84:c4:73:98:64:fa:3f:d4:2f:aa:48:34:63:f5:89:82:4d:
ac:54:b3:0f:1f:1a:6d:df:da:ff:a6:57:4a:d0:e6:6b:25:ff:
ee:bb:ce:e3:15:e7:63:b9:8c:ce:37:45:88:26:e9:b7:b9:01:
26:07:3e:9b:77:b7:61:ae:f5:6b:75:d7:1f:26:5c:e3:a5:41:
ca:22:7d:5f:ab:fe:6b:f7:7c:1c:d3:aa:68:c1:cc:8f:36:98:
8b:cb:0a:85
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJfrx2VzKYDE6xrhMQMT7uqD/+RwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTQwMDdaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkOTMyZTc5NTA2ZGM5NmQ2MTEyNGFhYTU5YWExYzgxNGY0OTg2ODM5ZmZk
NGUwOTdmNDliZWVmNTQxY2U3OTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJxHtoha1pKlFhRB4ZM75c5VTd/S3zCy02ZWeV5VkXXG74TO7M1rx9AGYYIo
Q604GyAmvthVrinE+azZfXixKNNxn1KWz5Ud0cgq2TKBrgAj6yTP+3sXP0xnbD5/
b2YYBJMANrMHEZjaFUu9GDOChfxXqvKQim4/PBy2JVb8on4ox5TNZAR7M6DSFE8d
2x06SV6T6Mc/9bKLsV8jPmMDqg4EVGPT6Sz4cazolctZI8K98IUcrghe0H9D7PWH
EdHsH6wnkuCmusk8jsYlYmL42V4fRXA6ueo5KWXc1+pPYMZrdWHPA/ynIqYuCg/R
qmBGcvA/Zry258ogg9OSr/L52acCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSsuWOj
HMMvj4Mc4n+vAVkASx0weDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjRmZjgxZTItZmI2My00NjY1LWI2Y2ItZDAwYjEyYThjNzI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DMI
MA0GCSqGSIb3DQEBCwUAA4IBAQAhl5qhVzv2XBrPVg+D/vxdvIqViPQFsq+2S1Wt
QlcVSJ3EopRzFmikkUBODSa5KtpyL81w0mrfAUtLKb/EQGwvzKMGRZAX74J9iPc3
tpnjyiEjfcBIXxGhQLWjmdcDh0RfqYzdYGcp1Zk3HGaJTj0cqGj4yD01F7+eCyj9
P1o0NcvSJv1HrupAaEAfNjbRCRZXN+TiV1muMtSagTrc75XnH4gehMRzmGT6P9Qv
qkg0Y/WJgk2sVLMPHxpt39r/pldK0OZrJf/uu87jFedjuYzON0WIJum3uQEmBz6b
d7dhrvVrddcfJlzjpUHKIn1fq/5r93wc06powcyPNpiLywqF
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:14:59 2026 by rpki-client