Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7fb9ce3-e814-4cb1-abaa-41df47ac8057.roa
File: e7fb9ce3-e814-4cb1-abaa-41df47ac8057.roa (raw, json)
Hash identifier: 52NoSAYMdyoJQDDCUXWKaiN5V6kiktNeMR5oiQfSrns=
Subject key identifier: 80:C4:FF:99:E7:F1:90:01:A8:B4:E9:20:1B:C7:B4:07:D6:FA:C1:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6510A37A5B517361BBB6445C64FFC77ECB9A939C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7fb9ce3-e814-4cb1-abaa-41df47ac8057.roa
Signing time: Mon 16 Mar 2026 14:51:38 +0000
ROA not before: Mon 16 Mar 2026 14:51:38 +0000
ROA not after: Sun 14 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Mar 2026 08:03:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:10:a3:7a:5b:51:73:61:bb:b6:44:5c:64:ff:c7:7e:cb:9a:93:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 16 14:51:38 2026 GMT
Not After : Jun 14 23:59:59 2026 GMT
Subject: serialNumber=35a333af2e3fdac61fa7949e6c07cd0fbe700b2e3ed9630d08e0287bb0a8aa53, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:77:cb:a9:c4:84:60:78:41:eb:eb:70:4e:cc:
58:2f:91:21:35:57:fc:20:c0:a4:61:ec:62:15:49:
7f:de:ce:68:b4:08:88:e5:dc:93:54:04:c0:50:13:
a2:04:ce:00:69:ec:09:d7:66:30:7b:6a:f1:85:97:
5f:e9:51:2f:f7:3c:7b:e9:ab:46:0a:36:4d:1b:e4:
84:d9:fe:78:ce:ee:e4:54:24:ab:a1:f0:80:79:1c:
64:97:d8:74:1e:6d:8d:b6:e4:50:1c:88:c6:5d:96:
9a:78:47:5b:f0:ac:2d:5e:5e:93:c1:51:69:59:0c:
96:ef:da:ae:b7:ad:17:96:5c:6c:e2:4d:30:a0:a2:
5f:c5:0e:49:01:c9:eb:7a:93:7c:49:df:0f:e0:74:
42:2c:5d:1d:e6:c3:d6:80:7d:fa:ba:b2:d3:cf:6a:
b8:42:1d:ba:cd:1f:24:d5:68:cf:9c:b0:05:99:c4:
53:2f:37:bf:ba:a4:11:f1:2b:5a:9c:c0:13:d4:0a:
b5:2c:61:65:5d:57:c1:f4:7b:f3:9d:c4:76:cd:53:
a6:ef:76:a1:05:2b:84:82:d4:51:3e:1c:3f:c8:a9:
eb:cb:07:97:eb:a3:55:28:e5:60:03:32:59:15:b3:
8d:57:8e:2a:03:e5:4d:0b:a4:ed:8b:32:36:82:21:
03:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:C4:FF:99:E7:F1:90:01:A8:B4:E9:20:1B:C7:B4:07:D6:FA:C1:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7fb9ce3-e814-4cb1-abaa-41df47ac8057.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d::/32
Signature Algorithm: sha256WithRSAEncryption
68:78:76:17:53:85:51:f3:1e:20:5d:52:20:31:fe:1a:82:bd:
ee:79:1d:0b:6f:5e:9e:94:ef:48:52:68:7d:f0:a2:85:a8:59:
7b:2f:2e:e9:73:b4:25:b6:19:5b:ce:12:5a:c5:da:cf:e5:3c:
e3:8f:56:c5:8a:eb:b6:5f:c2:02:e4:6f:77:c7:d4:30:d2:7b:
81:f1:9f:57:c9:4a:95:7c:9c:30:23:c5:dd:ce:4a:c4:da:5d:
e4:dc:68:6b:09:19:2c:e9:5b:5f:fb:6f:fb:06:fe:9e:ed:0c:
89:51:01:68:80:78:7d:72:d6:c8:a3:6e:c6:5f:03:82:08:d0:
da:7e:55:19:df:99:09:27:0f:67:0e:c8:cd:3e:82:e6:fe:ea:
a6:c3:8f:db:94:ce:1d:22:22:09:63:40:61:58:d3:7f:fa:1c:
16:17:a7:0b:8a:63:20:58:8d:69:45:c8:dd:f5:61:3d:ca:ef:
31:ac:33:0d:e3:12:63:25:e8:02:63:02:f7:1d:be:a0:1b:86:
ac:3c:94:ae:8e:d0:e7:5b:49:bb:03:6e:00:1f:4c:df:1f:99:
87:35:15:0a:5f:8e:61:15:0e:5b:c4:f1:0f:3f:ef:b0:84:be:
31:ad:29:d7:a6:95:d3:d0:5f:ae:ae:97:08:bf:16:94:be:e0:
f4:fe:24:33
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUZRCjeltRc2G7tkRcZP/Hfsuak5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTYxNDUxMzhaFw0yNjA2MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1YTMzM2FmMmUzZmRhYzYxZmE3OTQ5ZTZjMDdjZDBmYmU3MDBiMmUzZWQ5
NjMwZDA4ZTAyODdiYjBhOGFhNTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANt3y6nEhGB4QevrcE7MWC+RITVX/CDApGHsYhVJf97OaLQIiOXck1QEwFAT
ogTOAGnsCddmMHtq8YWXX+lRL/c8e+mrRgo2TRvkhNn+eM7u5FQkq6HwgHkcZJfY
dB5tjbbkUByIxl2WmnhHW/CsLV5ek8FRaVkMlu/arretF5ZcbOJNMKCiX8UOSQHJ
63qTfEnfD+B0QixdHebD1oB9+rqy089quEIdus0fJNVoz5ywBZnEUy83v7qkEfEr
WpzAE9QKtSxhZV1XwfR7853Eds1Tpu92oQUrhILUUT4cP8ip68sHl+ujVSjlYAMy
WRWzjVeOKgPlTQuk7YsyNoIhA+kCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSAxP+Z
5/GQAai06SAbx7QH1vrBFDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTdmYjljZTMtZTgxNC00Y2IxLWFiYWEtNDFkZjQ3YWM4MDU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0H0w
DQYJKoZIhvcNAQELBQADggEBAGh4dhdThVHzHiBdUiAx/hqCve55HQtvXp6U70hS
aH3wooWoWXsvLulztCW2GVvOElrF2s/lPOOPVsWK67ZfwgLkb3fH1DDSe4Hxn1fJ
SpV8nDAjxd3OSsTaXeTcaGsJGSzpW1/7b/sG/p7tDIlRAWiAeH1y1sijbsZfA4II
0Np+VRnfmQknD2cOyM0+gub+6qbDj9uUzh0iIgljQGFY03/6HBYXpwuKYyBYjWlF
yN31YT3K7zGsMw3jEmMl6AJjAvcdvqAbhqw8lK6O0OdbSbsDbgAfTN8fmYc1FQpf
jmEVDlvE8Q8/77CEvjGtKdemldPQX66ulwi/FpS+4PT+JDM=
-----END CERTIFICATE-----
Generated at Thu Mar 19 12:28:09 2026 by rpki-client