Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ee5f1568-d635-42b5-bce8-4cfaa07e3e42.roa
File: ee5f1568-d635-42b5-bce8-4cfaa07e3e42.roa (raw, json)
Hash identifier: Mc/bPzarfbVtGFAkFicc0EcBUAkJb19ivYuXsj6mOj8=
Subject key identifier: 22:C9:A7:F2:CA:B1:4B:FB:46:A1:88:75:EE:CB:18:B4:8A:42:A4:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0BC586916F3C50B6842E96C69CC83F5540E37493
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ee5f1568-d635-42b5-bce8-4cfaa07e3e42.roa
Signing time: Mon 09 Mar 2026 13:36:37 +0000
ROA not before: Mon 09 Mar 2026 13:36:37 +0000
ROA not after: Sun 07 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:c5:86:91:6f:3c:50:b6:84:2e:96:c6:9c:c8:3f:55:40:e3:74:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 9 13:36:37 2026 GMT
Not After : Jun 7 23:59:59 2026 GMT
Subject: serialNumber=d58163859b86db86916b74f343fc001247866436f5ddecc3a1b72ad032bb7310, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:47:92:e0:82:b6:67:57:04:2d:bc:b7:72:7c:
29:2d:56:2e:09:ce:76:33:69:b4:0a:06:ed:31:de:
46:14:32:e1:f8:43:1b:b1:0c:3c:cf:76:1b:ef:37:
37:cd:b1:ab:4d:25:c1:d9:8f:ab:cf:0b:f9:b2:00:
4e:20:9f:7a:da:59:5c:6c:78:49:0e:59:4e:d8:fe:
ff:60:42:6b:a0:2f:92:47:30:60:4e:ca:b1:16:32:
91:84:a9:8e:cf:08:a0:2d:39:25:47:7e:3e:0e:e0:
00:65:c4:9a:16:97:84:35:5e:5a:97:9d:7c:df:34:
14:83:30:84:41:05:03:94:59:f6:4d:14:90:ce:86:
33:b9:1d:0c:49:19:d9:0d:e0:de:49:85:61:14:c8:
3a:4d:17:e2:db:27:2f:6c:60:53:b0:f4:11:11:04:
98:cc:a8:e6:f9:10:bf:63:ef:ad:6d:51:7e:04:ed:
ee:ae:f2:60:76:13:03:36:39:53:fa:30:de:92:f1:
30:27:d0:54:d3:04:f4:a1:24:92:62:bc:1c:3f:d8:
af:f3:1c:3d:66:90:ba:d5:b3:a3:e0:a7:5a:d2:1b:
71:aa:4f:64:32:90:cf:14:b5:47:94:82:b9:52:66:
ce:b5:cf:ec:0e:73:19:85:db:a6:f0:f2:49:e7:c7:
a1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:C9:A7:F2:CA:B1:4B:FB:46:A1:88:75:EE:CB:18:B4:8A:42:A4:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ee5f1568-d635-42b5-bce8-4cfaa07e3e42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f::/32
Signature Algorithm: sha256WithRSAEncryption
1d:18:7b:2c:66:77:ef:68:bb:55:07:77:8c:57:d1:c9:a3:f5:
83:f6:87:c3:32:9c:96:94:e2:a0:fd:5e:d8:dd:bc:17:0b:1f:
14:e1:0c:8b:68:ec:89:1f:fc:ed:37:36:9b:a8:81:0f:07:10:
6a:f6:5f:e7:d9:ee:86:d6:a6:38:fe:36:f1:25:44:df:cd:01:
e3:5b:73:ce:ad:cb:63:fb:00:10:b6:65:1f:8e:8e:40:b1:70:
d6:53:45:d3:b9:97:f0:74:0f:e8:fe:85:ac:28:c1:26:e7:0f:
bd:b3:06:20:06:1f:57:61:09:a1:94:a4:04:09:0e:45:4b:cd:
1d:37:a3:d5:80:61:a1:4e:e3:6d:a5:9f:3e:5e:53:02:aa:98:
46:a8:3d:30:ce:89:b3:0f:8c:02:c6:a9:15:01:2f:b6:c7:de:
53:15:c4:af:4c:11:5f:a1:fc:c6:c8:3d:08:d8:bd:09:62:69:
7f:f3:9b:e7:cc:96:c2:72:80:3c:bd:9a:5a:af:b8:71:f4:b0:
f3:30:9a:60:22:d4:ad:d4:92:af:ad:e0:f3:ff:3e:fa:85:4b:
c5:50:cf:6f:13:e9:ff:d4:74:06:21:b7:34:8f:7c:11:89:58:
8f:38:26:fb:b3:91:43:b9:b5:85:10:92:94:5c:5e:4a:55:86:
be:3c:74:ad
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUC8WGkW88ULaELpbGnMg/VUDjdJMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMDkxMzM2MzdaFw0yNjA2MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1ODE2Mzg1OWI4NmRiODY5MTZiNzRmMzQzZmMwMDEyNDc4NjY0MzZmNWRk
ZWNjM2ExYjcyYWQwMzJiYjczMTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMRHkuCCtmdXBC28t3J8KS1WLgnOdjNptAoG7THeRhQy4fhDG7EMPM92G+83
N82xq00lwdmPq88L+bIATiCfetpZXGx4SQ5ZTtj+/2BCa6AvkkcwYE7KsRYykYSp
js8IoC05JUd+Pg7gAGXEmhaXhDVeWpedfN80FIMwhEEFA5RZ9k0UkM6GM7kdDEkZ
2Q3g3kmFYRTIOk0X4tsnL2xgU7D0EREEmMyo5vkQv2PvrW1RfgTt7q7yYHYTAzY5
U/ow3pLxMCfQVNME9KEkkmK8HD/Yr/McPWaQutWzo+CnWtIbcapPZDKQzxS1R5SC
uVJmzrXP7A5zGYXbpvDySefHoTECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQiyafy
yrFL+0ahiHXuyxi0ikKkADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWU1ZjE1NjgtZDYzNS00MmI1LWJjZTgtNGNmYWEwN2UzZTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0H8w
DQYJKoZIhvcNAQELBQADggEBAB0Yeyxmd+9ou1UHd4xX0cmj9YP2h8MynJaU4qD9
XtjdvBcLHxThDIto7Ikf/O03NpuogQ8HEGr2X+fZ7obWpjj+NvElRN/NAeNbc86t
y2P7ABC2ZR+OjkCxcNZTRdO5l/B0D+j+hawowSbnD72zBiAGH1dhCaGUpAQJDkVL
zR03o9WAYaFO422lnz5eUwKqmEaoPTDOibMPjALGqRUBL7bH3lMVxK9MEV+h/MbI
PQjYvQliaX/zm+fMlsJygDy9mlqvuHH0sPMwmmAi1K3Ukq+t4PP/PvqFS8VQz28T
6f/UdAYhtzSPfBGJWI84JvuzkUO5tYUQkpRcXkpVhr48dK0=
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:14:58 2026 by rpki-client