Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9ba4ecc-98e7-495a-ad67-75475de18ae4.roa
File: e9ba4ecc-98e7-495a-ad67-75475de18ae4.roa (raw, json)
Hash identifier: hleRrw5PSH87zpDTPI3sYJbLf/ZNjeyoitOkX0TROZM=
Subject key identifier: 7B:A3:79:11:49:9F:53:96:41:8B:3C:BC:B2:11:3D:60:C8:B2:1A:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 420D4A6540B9390FAC0C28A5AAEBB23F8203652D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9ba4ecc-98e7-495a-ad67-75475de18ae4.roa
Signing time: Thu 12 Mar 2026 15:38:35 +0000
ROA not before: Thu 12 Mar 2026 15:38:35 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:0d:4a:65:40:b9:39:0f:ac:0c:28:a5:aa:eb:b2:3f:82:03:65:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:38:35 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=f534339a6e8e8b4753a31beaf6189bef8cdb9e5759b71b8ff1f794b328bcaec5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:07:10:70:4e:f5:c0:c9:ab:1b:29:84:75:ef:
67:ef:b8:b1:b2:3a:b3:c7:25:94:40:fd:42:9d:4c:
93:07:cf:4a:8c:83:d5:40:9a:da:e9:8f:dd:c7:81:
e2:e4:a0:fd:9c:01:91:29:90:68:45:f4:bb:64:b8:
ea:59:5a:5d:8f:a4:cd:84:29:0f:57:51:a0:b1:b6:
fe:14:1c:e3:eb:26:16:c0:45:c3:3f:24:da:07:08:
b1:a1:7d:de:4b:ac:9d:91:87:2f:85:e2:98:8e:68:
7a:7c:04:20:85:02:4e:4c:cc:58:70:f9:87:93:9f:
af:33:13:22:e0:84:31:22:d6:f1:20:ae:5e:e5:05:
71:b9:e7:aa:bd:04:9d:cb:17:e4:d6:96:2f:b7:64:
8c:7c:67:65:9a:46:46:a8:d9:33:3f:30:39:5d:ef:
d0:22:ac:5c:8d:19:ce:fe:c7:a4:60:b7:9f:10:4b:
3d:1b:43:c5:bf:dc:36:e0:69:19:c6:9f:b9:ae:5b:
eb:30:a7:df:73:df:59:04:18:12:1d:0e:cb:75:70:
b4:0e:ab:38:b7:7b:7e:eb:e3:0d:d8:da:e3:94:15:
06:52:f8:72:fa:f0:b6:01:7b:82:8e:c9:87:96:ae:
85:e1:9c:68:87:17:78:10:0c:e4:64:e3:70:c7:db:
3d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A3:79:11:49:9F:53:96:41:8B:3C:BC:B2:11:3D:60:C8:B2:1A:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9ba4ecc-98e7-495a-ad67-75475de18ae4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:880::/48
Signature Algorithm: sha256WithRSAEncryption
3c:89:20:ba:d4:dd:53:a6:e1:17:14:45:d7:4a:14:f3:a3:1e:
cf:0f:1f:a0:df:9d:c9:ac:e1:ae:cd:22:f0:ba:cc:2b:e0:2f:
a3:b1:49:62:59:1c:8c:e4:42:f4:40:34:48:1a:79:31:ac:71:
1a:14:84:c3:a5:8a:1d:54:77:73:4b:ef:91:3a:12:a8:54:6a:
38:82:7d:2e:35:f9:4b:be:a0:3e:6e:a1:12:e6:b1:61:12:00:
fd:bb:06:22:93:ca:4f:da:dd:7a:21:3b:98:25:d5:cb:55:5b:
95:32:6b:52:b4:db:56:63:08:a7:2f:1d:3c:47:81:45:1f:17:
c8:a8:26:b7:ab:6b:63:2d:44:99:95:a2:dd:d6:5f:47:05:95:
a5:63:86:4e:38:e8:a1:76:0f:49:50:05:e4:04:c8:5f:c0:cc:
4c:5c:ca:fb:0c:48:89:43:cb:94:48:7f:dd:20:37:3d:4e:3e:
5a:e9:49:48:bb:54:40:ad:7f:39:a9:3d:cf:32:57:84:b8:5f:
6a:96:5f:92:8e:1f:ed:84:10:aa:37:da:10:42:93:cc:65:ad:
de:f1:11:3c:0e:7f:89:58:05:84:98:0d:a1:66:e0:6a:89:c6:
e7:41:ff:eb:6b:b5:c9:81:d7:eb:1a:7f:57:d3:dc:95:f0:ff:
01:8e:9a:f9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQg1KZUC5OQ+sDCilquuyP4IDZS0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTM4MzVaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1MzQzMzlhNmU4ZThiNDc1M2EzMWJlYWY2MTg5YmVmOGNkYjllNTc1OWI3
MWI4ZmYxZjc5NGIzMjhiY2FlYzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAHEHBO9cDJqxsphHXvZ++4sbI6s8cllED9Qp1MkwfPSoyD1UCa2umP3ceB
4uSg/ZwBkSmQaEX0u2S46llaXY+kzYQpD1dRoLG2/hQc4+smFsBFwz8k2gcIsaF9
3kusnZGHL4XimI5oenwEIIUCTkzMWHD5h5OfrzMTIuCEMSLW8SCuXuUFcbnnqr0E
ncsX5NaWL7dkjHxnZZpGRqjZMz8wOV3v0CKsXI0Zzv7HpGC3nxBLPRtDxb/cNuBp
Gcafua5b6zCn33PfWQQYEh0Oy3VwtA6rOLd7fuvjDdja45QVBlL4cvrwtgF7go7J
h5auheGcaIcXeBAM5GTjcMfbPTMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR7o3kR
SZ9TlkGLPLyyET1gyLIa3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTliYTRlY2MtOThlNy00OTVhLWFkNjctNzU0NzVkZTE4YWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H0I
gDANBgkqhkiG9w0BAQsFAAOCAQEAPIkgutTdU6bhFxRF10oU86Mezw8foN+dyazh
rs0i8LrMK+Avo7FJYlkcjORC9EA0SBp5MaxxGhSEw6WKHVR3c0vvkToSqFRqOIJ9
LjX5S76gPm6hEuaxYRIA/bsGIpPKT9rdeiE7mCXVy1VblTJrUrTbVmMIpy8dPEeB
RR8XyKgmt6trYy1EmZWi3dZfRwWVpWOGTjjooXYPSVAF5ATIX8DMTFzK+wxIiUPL
lEh/3SA3PU4+WulJSLtUQK1/Oak9zzJXhLhfapZfko4f7YQQqjfaEEKTzGWt3vER
PA5/iVgFhJgNoWbgaonG50H/62u1yYHX6xp/V9PclfD/AY6a+Q==
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:16:21 2026 by rpki-client