Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8eeffc4-b19e-4e8e-bd21-cc1cb8141d5c.roa
File: e8eeffc4-b19e-4e8e-bd21-cc1cb8141d5c.roa (raw, json)
Hash identifier: 4HDw5kj9YIza09VzKiDjh87P6cuPA9RkFdtqYHTqEDU=
Subject key identifier: A0:45:92:2C:38:00:F0:71:D8:3F:4F:F3:F8:64:D0:09:A9:97:70:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3DBA725D38B190A6AB01F84B1585FEE2AD1367FC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8eeffc4-b19e-4e8e-bd21-cc1cb8141d5c.roa
Signing time: Thu 12 Mar 2026 15:36:41 +0000
ROA not before: Thu 12 Mar 2026 15:36:41 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:ba:72:5d:38:b1:90:a6:ab:01:f8:4b:15:85:fe:e2:ad:13:67:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:36:41 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=e7d6c8935c7483371936ab33a97207caf166d1a4b140ff2888c9963512679d8f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4d:92:1c:9e:4d:11:39:6c:9d:2b:04:07:06:
4f:97:d2:53:86:f0:0a:31:f8:48:69:cc:db:5b:7a:
af:8d:2d:ce:35:31:af:7c:66:08:7c:84:99:16:f9:
24:ea:e0:e2:b2:30:8d:93:31:05:7a:4a:18:61:c0:
a2:b5:47:83:01:59:87:64:fd:8c:ff:38:51:4d:b3:
43:a5:81:b8:a6:0a:8f:c4:4c:39:d1:23:fb:19:44:
56:62:f7:da:14:a3:2c:f0:f0:c7:e7:8f:14:a4:9e:
08:48:9e:d9:90:e5:9a:7d:a0:d6:93:da:21:70:62:
ab:a7:05:72:f7:98:0e:61:29:97:0c:ac:3b:d7:97:
d9:76:d2:9b:5f:36:9f:d3:09:a6:63:8b:c7:2c:04:
9b:51:e6:2c:d2:05:b3:f3:bf:f4:19:45:d3:8d:f9:
4e:af:d4:df:b9:18:f9:e1:2e:40:e0:ff:72:7c:48:
73:fc:12:2a:fa:81:c1:d9:2f:ad:69:10:a2:68:b7:
70:2e:21:8b:7f:b3:91:5f:29:b4:9b:d6:2a:bd:78:
f4:6a:20:9e:80:5c:9b:e1:af:bd:a1:5f:43:9f:30:
6b:01:d5:4b:0b:07:43:ca:d6:d9:58:36:eb:ff:11:
a2:61:44:13:22:7e:42:c4:50:9a:b8:e0:a1:e4:e9:
58:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:45:92:2C:38:00:F0:71:D8:3F:4F:F3:F8:64:D0:09:A9:97:70:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8eeffc4-b19e-4e8e-bd21-cc1cb8141d5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:4080::/48
Signature Algorithm: sha256WithRSAEncryption
a2:4e:e6:d2:2f:0e:b5:79:d8:0a:b6:9d:85:67:02:55:b4:e3:
51:e0:14:ad:94:94:db:89:68:03:64:a0:74:17:02:18:c0:c3:
68:13:67:02:ba:84:e7:8a:8c:17:c4:86:dd:bd:4e:ff:57:61:
bc:6a:97:bc:ad:b0:75:f5:a2:83:52:fb:0d:c4:a6:85:65:97:
04:59:6f:14:61:e1:4b:f5:a9:a9:c7:ef:ab:0f:66:89:d6:14:
de:7d:79:f2:38:b5:0f:83:c4:66:0c:98:f7:3a:f4:17:44:93:
42:f5:be:9d:75:04:c4:8c:3f:e5:d1:d9:6c:29:92:a6:07:7f:
0e:8d:ac:ad:3a:6e:ae:78:3c:40:46:3c:03:6a:36:f4:74:4b:
74:c9:00:f9:46:58:e6:af:c8:1e:f4:1f:30:ba:86:ba:fa:df:
ff:8f:88:08:4b:7b:cf:cd:43:23:bf:6f:a9:80:c6:d8:43:8f:
d5:8c:80:18:f5:a3:46:db:8f:57:3b:50:4b:e8:b3:72:b3:5a:
4f:36:9c:0e:c9:a1:49:a3:ad:82:b4:b1:d1:67:d9:aa:8c:05:
78:f0:16:89:bd:98:1f:73:ca:01:0f:32:28:e4:f6:02:28:c7:
c5:9d:bb:98:15:87:ba:f6:1c:f8:07:c9:70:2d:c6:9e:ad:5e:
d6:1d:b9:e4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPbpyXTixkKarAfhLFYX+4q0TZ/wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTM2NDFaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3ZDZjODkzNWM3NDgzMzcxOTM2YWIzM2E5NzIwN2NhZjE2NmQxYTRiMTQw
ZmYyODg4Yzk5NjM1MTI2NzlkOGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFNkhyeTRE5bJ0rBAcGT5fSU4bwCjH4SGnM21t6r40tzjUxr3xmCHyEmRb5
JOrg4rIwjZMxBXpKGGHAorVHgwFZh2T9jP84UU2zQ6WBuKYKj8RMOdEj+xlEVmL3
2hSjLPDwx+ePFKSeCEie2ZDlmn2g1pPaIXBiq6cFcveYDmEplwysO9eX2XbSm182
n9MJpmOLxywEm1HmLNIFs/O/9BlF0435Tq/U37kY+eEuQOD/cnxIc/wSKvqBwdkv
rWkQomi3cC4hi3+zkV8ptJvWKr149GognoBcm+GvvaFfQ58wawHVSwsHQ8rW2Vg2
6/8RomFEEyJ+QsRQmrjgoeTpWDcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSgRZIs
OADwcdg/T/P4ZNAJqZdwYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZThlZWZmYzQtYjE5ZS00ZThlLWJkMjEtY2MxY2I4MTQxZDVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FpA
gDANBgkqhkiG9w0BAQsFAAOCAQEAok7m0i8OtXnYCradhWcCVbTjUeAUrZSU24lo
A2SgdBcCGMDDaBNnArqE54qMF8SG3b1O/1dhvGqXvK2wdfWig1L7DcSmhWWXBFlv
FGHhS/Wpqcfvqw9midYU3n158ji1D4PEZgyY9zr0F0STQvW+nXUExIw/5dHZbCmS
pgd/Do2srTpurng8QEY8A2o29HRLdMkA+UZY5q/IHvQfMLqGuvrf/4+ICEt7z81D
I79vqYDG2EOP1YyAGPWjRtuPVztQS+izcrNaTzacDsmhSaOtgrSx0WfZqowFePAW
ib2YH3PKAQ8yKOT2AijHxZ27mBWHuvYc+AfJcC3Gnq1e1h255A==
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:16:22 2026 by rpki-client