Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f10836c1-eb91-4c58-a561-3a113c9a8129.roa
File: f10836c1-eb91-4c58-a561-3a113c9a8129.roa (raw, json)
Hash identifier: snjT5mvkxNE/Ujwx6xrDyaxG4nK5cx7d/bspL2n9tSU=
Subject key identifier: 12:08:DA:27:17:50:4D:C9:F6:51:CC:E9:64:1D:80:B2:80:B5:DD:A1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 707678F0EC0A207006CA07A319BAA1CFA0A89A01
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f10836c1-eb91-4c58-a561-3a113c9a8129.roa
Signing time: Thu 12 Mar 2026 15:39:59 +0000
ROA not before: Thu 12 Mar 2026 15:39:59 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:76:78:f0:ec:0a:20:70:06:ca:07:a3:19:ba:a1:cf:a0:a8:9a:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:39:59 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=9732d2d8fd83ffcd623feceeec775e0fc4b73b5dd78e11873da406c9644dbb73, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e2:bb:02:fc:d6:d3:2c:7e:88:51:1e:8b:de:
e5:81:9f:0c:fb:61:62:01:62:52:68:c0:55:75:21:
31:d7:11:57:dd:e0:5f:4d:73:11:37:ce:f9:48:59:
a1:9c:d4:05:2b:f9:82:20:e4:7b:bf:9f:14:fe:e9:
98:c5:ee:15:c2:5f:d6:4b:c2:50:dd:83:67:05:e4:
5e:82:50:e4:36:f5:5c:b2:00:18:27:9e:27:e0:30:
9e:94:9a:8b:ff:42:23:e2:c7:35:2e:db:ca:fe:4f:
20:53:3a:27:43:35:c7:f6:10:8d:a9:84:88:9e:00:
54:30:ec:ef:51:36:ce:3e:14:3e:1a:55:65:f8:01:
02:29:67:65:40:0c:43:58:3e:93:d7:d7:7a:c4:51:
ff:19:d6:31:c4:e9:9d:a0:b2:29:4d:44:32:2e:d4:
95:7c:7a:d5:06:ef:0b:38:0b:94:a3:68:da:69:1b:
c9:28:7c:36:a1:a3:06:b9:09:e6:81:6f:d1:a4:23:
2f:1a:f4:be:98:20:a4:38:17:29:78:e7:05:97:62:
7c:ab:8e:bb:0a:7f:28:e8:b3:9b:0c:e2:7c:c6:7b:
fb:4a:a5:1a:48:cf:0d:ed:6d:89:33:fb:7b:dd:0b:
4a:38:a9:f9:4d:d1:16:b1:b0:73:72:01:48:49:d0:
fe:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:08:DA:27:17:50:4D:C9:F6:51:CC:E9:64:1D:80:B2:80:B5:DD:A1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f10836c1-eb91-4c58-a561-3a113c9a8129.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:c040::/48
Signature Algorithm: sha256WithRSAEncryption
43:39:c0:d7:a3:05:d3:29:39:2a:94:0c:06:78:f2:e3:dd:c3:
79:4d:b7:53:63:f7:33:02:16:bf:04:6c:1b:83:7f:b4:94:9c:
80:63:b9:0b:83:0e:2c:b2:5d:c8:0c:e4:0a:91:d0:0a:82:b8:
6c:7c:a9:e7:eb:2e:11:3e:71:7c:05:dd:aa:65:7f:0d:bb:fb:
a7:db:1c:22:09:36:fe:ee:55:94:3a:a0:82:56:4b:fe:89:bd:
77:9d:36:92:d5:0b:0a:ff:f0:d8:38:ae:7f:b6:b4:76:82:da:
e1:1b:83:ba:ff:57:57:c3:59:6b:a3:9a:11:22:ed:59:a5:30:
12:6c:cd:62:ca:df:7f:f3:d9:9e:cc:40:88:9a:6e:1c:c6:1a:
10:cd:c1:ca:88:86:e2:27:ab:f4:da:6c:26:64:09:84:0d:27:
df:d4:40:3f:52:df:5f:63:43:b9:aa:61:fb:c4:d1:29:fb:75:
4a:8b:98:87:1e:49:73:ea:14:2d:ea:c4:0c:fa:45:12:81:5a:
b5:6d:71:f8:ab:3c:e3:18:86:39:08:e9:6c:67:dd:57:ef:a7:
52:c0:95:a3:89:be:82:d4:fd:41:3c:e7:3a:82:76:98:fc:da:
ab:39:2b:1b:f2:f0:10:03:a8:80:0f:83:6f:e8:35:66:78:2e:
40:ed:00:a2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcHZ48OwKIHAGygejGbqhz6ComgEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTM5NTlaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3MzJkMmQ4ZmQ4M2ZmY2Q2MjNmZWNlZWVjNzc1ZTBmYzRiNzNiNWRkNzhl
MTE4NzNkYTQwNmM5NjQ0ZGJiNzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHiuwL81tMsfohRHove5YGfDPthYgFiUmjAVXUhMdcRV93gX01zETfO+UhZ
oZzUBSv5giDke7+fFP7pmMXuFcJf1kvCUN2DZwXkXoJQ5Db1XLIAGCeeJ+AwnpSa
i/9CI+LHNS7byv5PIFM6J0M1x/YQjamEiJ4AVDDs71E2zj4UPhpVZfgBAilnZUAM
Q1g+k9fXesRR/xnWMcTpnaCyKU1EMi7UlXx61QbvCzgLlKNo2mkbySh8NqGjBrkJ
5oFv0aQjLxr0vpggpDgXKXjnBZdifKuOuwp/KOizmwzifMZ7+0qlGkjPDe1tiTP7
e90LSjip+U3RFrGwc3IBSEnQ/kMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQSCNon
F1BNyfZRzOlkHYCygLXdoTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjEwODM2YzEtZWI5MS00YzU4LWE1NjEtM2ExMTNjOWE4MTI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H3A
QDANBgkqhkiG9w0BAQsFAAOCAQEAQznA16MF0yk5KpQMBnjy493DeU23U2P3MwIW
vwRsG4N/tJScgGO5C4MOLLJdyAzkCpHQCoK4bHyp5+suET5xfAXdqmV/Dbv7p9sc
Igk2/u5VlDqgglZL/om9d502ktULCv/w2Diuf7a0doLa4RuDuv9XV8NZa6OaESLt
WaUwEmzNYsrff/PZnsxAiJpuHMYaEM3ByoiG4ier9NpsJmQJhA0n39RAP1LfX2ND
uaph+8TRKft1SouYhx5Jc+oULerEDPpFEoFatW1x+Ks84xiGOQjpbGfdV++nUsCV
o4m+gtT9QTznOoJ2mPzaqzkrG/LwEAOogA+Db+g1ZnguQO0Aog==
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:15:16 2026 by rpki-client