Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8bdec55-5207-4e20-a65b-ee864a734245.roa
File: d8bdec55-5207-4e20-a65b-ee864a734245.roa (raw, json)
Hash identifier: KeqSvuGzkjTGBagB+zjslL9Q3Lf1AIiDJAv3IRG6glg=
Subject key identifier: 0C:31:09:F7:8A:3F:A3:0A:0F:CD:2C:ED:6A:AD:70:48:E9:FB:3C:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2F8C1DF676F50CDCD22FDEA365AD0C06B6174EDF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8bdec55-5207-4e20-a65b-ee864a734245.roa
Signing time: Mon 27 Apr 2026 00:40:04 +0000
ROA not before: Mon 27 Apr 2026 00:40:04 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d034:8080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 14:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:8c:1d:f6:76:f5:0c:dc:d2:2f:de:a3:65:ad:0c:06:b6:17:4e:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 27 00:40:04 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=2d73cf2a1ca5f21840c3f2d7f74c26fd741f196159e46992f469a3e1d1fd805b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6b:be:d8:09:ce:d6:f5:7a:d7:68:62:07:2e:
92:0f:0b:11:82:63:8e:75:81:1a:62:93:ab:27:9e:
49:78:3f:45:db:79:40:9a:ed:a9:ca:e1:72:b6:ec:
32:9d:7b:ab:cc:25:a3:2d:f8:b5:f0:a6:11:45:40:
81:8c:77:8f:7b:14:2b:4e:f8:d9:4b:3b:31:d8:7e:
70:f1:99:d6:2b:97:7e:e0:99:34:25:ed:59:c0:37:
80:14:8c:28:ec:f1:18:6b:d3:92:7d:5d:3b:d9:58:
d8:ea:0a:2b:22:1b:cc:a2:e8:fc:64:4a:23:63:53:
72:1a:08:a4:bf:9f:2c:56:21:77:af:bc:90:cf:9f:
b0:9e:7c:46:98:e3:cf:13:83:e2:ba:f4:5e:13:b4:
8e:1e:54:c9:63:cd:7a:89:72:01:e3:8a:9f:65:7c:
a2:67:fc:83:e6:a3:33:9a:bc:67:39:39:56:be:b8:
2e:11:9e:ba:44:1b:6e:17:0e:64:f3:8f:d0:b9:f5:
22:41:de:fd:ee:b6:ad:8a:13:aa:af:9c:b1:8e:32:
05:6c:41:bd:fc:ec:42:e5:74:36:9e:52:97:4d:c2:
cf:fe:7c:50:fb:d5:c5:cf:51:7e:f0:69:bb:b5:8d:
b8:de:c1:bd:10:cd:91:f8:94:ae:7c:25:89:0f:c2:
47:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:31:09:F7:8A:3F:A3:0A:0F:CD:2C:ED:6A:AD:70:48:E9:FB:3C:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8bdec55-5207-4e20-a65b-ee864a734245.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:8080::/46
Signature Algorithm: sha256WithRSAEncryption
20:c6:91:d9:6a:42:f1:e9:13:de:c1:e2:e9:cb:4d:05:26:09:
cf:9c:bb:c8:0a:50:9b:6f:85:ee:e7:27:67:57:cc:bd:ae:9c:
da:f0:b7:78:5e:9b:fb:c4:b2:10:2b:f0:bc:d4:59:8e:b5:32:
18:73:85:b7:87:bf:a9:05:78:c9:31:07:a2:22:2f:fd:33:53:
61:1f:9f:72:18:21:ac:b8:26:f9:99:c4:48:4e:66:91:4f:71:
d1:a2:12:2f:24:85:0a:79:99:f6:a7:54:c5:12:aa:9e:f4:fa:
a4:50:ae:13:2e:a9:ca:10:92:83:99:27:50:fa:8d:bd:4d:a3:
80:e7:61:b0:3a:5e:ed:36:a5:aa:e0:7d:fb:96:0a:7f:a2:79:
7d:36:ae:58:8b:46:9a:96:6b:af:72:d6:b9:21:bd:42:51:b6:
f1:7a:80:9a:ba:ca:02:c8:fa:6e:73:68:d9:c1:40:1c:6a:26:
cb:58:d0:14:f9:70:90:28:05:de:de:8b:3c:40:7d:39:35:d7:
f3:ed:b1:a7:a3:0a:3d:5f:5c:de:4c:37:b2:09:6c:23:7c:0b:
3d:ff:b1:08:a7:2c:38:38:07:11:6f:86:29:6f:05:5b:a5:e0:
83:e6:1a:19:b5:7c:58:cc:e8:b0:12:37:ab:33:5e:a3:92:51:
2c:dd:f7:18
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUL4wd9nb1DNzSL96jZa0MBrYXTt8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MjcwMDQwMDRaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkNzNjZjJhMWNhNWYyMTg0MGMzZjJkN2Y3NGMyNmZkNzQxZjE5NjE1OWU0
Njk5MmY0NjlhM2UxZDFmZDgwNWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVrvtgJztb1etdoYgcukg8LEYJjjnWBGmKTqyeeSXg/Rdt5QJrtqcrhcrbs
Mp17q8wloy34tfCmEUVAgYx3j3sUK0742Us7Mdh+cPGZ1iuXfuCZNCXtWcA3gBSM
KOzxGGvTkn1dO9lY2OoKKyIbzKLo/GRKI2NTchoIpL+fLFYhd6+8kM+fsJ58Rpjj
zxOD4rr0XhO0jh5UyWPNeolyAeOKn2V8omf8g+ajM5q8Zzk5Vr64LhGeukQbbhcO
ZPOP0Ln1IkHe/e62rYoTqq+csY4yBWxBvfzsQuV0Np5Sl03Cz/58UPvVxc9RfvBp
u7WNuN7BvRDNkfiUrnwliQ/CR0cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQMMQn3
ij+jCg/NLO1qrXBI6fs8szAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDhiZGVjNTUtNTIwNy00ZTIwLWE2NWItZWU4NjRhNzM0MjQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DSA
gDANBgkqhkiG9w0BAQsFAAOCAQEAIMaR2WpC8ekT3sHi6ctNBSYJz5y7yApQm2+F
7ucnZ1fMva6c2vC3eF6b+8SyECvwvNRZjrUyGHOFt4e/qQV4yTEHoiIv/TNTYR+f
chghrLgm+ZnESE5mkU9x0aISLySFCnmZ9qdUxRKqnvT6pFCuEy6pyhCSg5knUPqN
vU2jgOdhsDpe7TalquB9+5YKf6J5fTauWItGmpZrr3LWuSG9QlG28XqAmrrKAsj6
bnNo2cFAHGomy1jQFPlwkCgF3t6LPEB9OTXX8+2xp6MKPV9c3kw3sglsI3wLPf+x
CKcsODgHEW+GKW8FW6Xgg+YaGbV8WMzosBI3qzNeo5JRLN33GA==
-----END CERTIFICATE-----
Generated at Tue Apr 28 19:32:32 2026 by rpki-client