Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/173784a5-02ac-471e-bb56-8d257dd9d810.roa
File: 173784a5-02ac-471e-bb56-8d257dd9d810.roa (raw, json)
Hash identifier: dPtTnF9wpn+4cQ0tFvuBIX1FdNn7DTQwpLVzr9rj1rA=
Subject key identifier: BA:E6:27:00:E4:85:CB:8F:FA:E7:1F:50:BE:75:63:9A:8F:0A:5E:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2D1D441E92EC9883D6CA9C9B58FEF6F1C47F9E82
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/173784a5-02ac-471e-bb56-8d257dd9d810.roa
Signing time: Fri 03 Apr 2026 02:30:14 +0000
ROA not before: Fri 03 Apr 2026 02:30:14 +0000
ROA not after: Thu 02 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06b:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:1d:44:1e:92:ec:98:83:d6:ca:9c:9b:58:fe:f6:f1:c4:7f:9e:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 3 02:30:14 2026 GMT
Not After : Jul 2 23:59:59 2026 GMT
Subject: serialNumber=b9ddd7f45ffdcf22d92c94ee6a778c637bab8c5291e3c7eebad6f38bc8b031cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:8a:e8:0e:48:20:4c:1e:2e:12:d0:45:28:25:
f4:5f:09:7c:6a:cf:0e:d0:b3:de:a7:63:3e:5e:cb:
c6:66:60:bc:3b:77:1b:87:0b:dd:bc:ac:fa:16:e7:
c2:79:bd:2c:af:0f:f6:c2:65:fa:76:2a:ef:56:28:
6d:66:9e:86:35:eb:a5:47:65:3b:20:9a:c2:c3:a2:
7e:80:92:ab:65:3e:ea:00:a3:01:96:78:19:58:2b:
15:16:5f:6d:9e:c3:1a:14:83:d7:87:80:2a:fc:78:
f8:af:6b:6e:d2:75:35:85:cc:74:6c:8e:b5:3e:67:
cf:33:83:53:c2:fc:eb:5c:65:8e:77:12:83:96:fe:
68:06:88:21:a0:eb:1e:8d:25:80:da:e7:f9:3e:cb:
cb:9b:a0:38:12:dd:d6:c0:98:57:33:78:e2:8f:85:
4f:70:73:99:75:96:19:b7:3b:f6:38:68:dc:43:59:
4b:38:c2:6d:87:50:28:ec:e8:83:75:f7:b5:1f:bf:
43:16:59:fd:15:08:f1:fa:45:61:80:fb:84:b8:80:
29:3e:59:35:d3:41:ec:d6:77:7c:7b:f9:be:60:bc:
22:bb:3f:b4:e3:56:46:15:94:2d:fa:e0:19:91:70:
e9:63:a8:37:4d:e0:a1:e7:c9:99:70:46:51:14:ff:
f7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:E6:27:00:E4:85:CB:8F:FA:E7:1F:50:BE:75:63:9A:8F:0A:5E:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/173784a5-02ac-471e-bb56-8d257dd9d810.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06b:800::/40
Signature Algorithm: sha256WithRSAEncryption
14:e0:4b:3b:89:c6:19:95:d4:81:df:6e:64:0c:4f:ed:2f:c5:
fa:59:67:71:a7:2f:b6:99:d7:20:b8:a2:16:ee:eb:c1:50:e3:
49:a0:7d:2c:07:a9:72:e9:24:2d:be:eb:c0:57:5b:aa:1a:2f:
56:54:06:6f:86:62:a3:c6:c6:3e:d1:2b:b7:c4:81:48:c2:28:
38:23:2c:6b:fe:2a:94:3a:12:de:61:6a:8a:79:c5:7a:ed:13:
78:81:25:e4:f6:6c:15:f9:82:b4:b0:0c:f6:70:c6:d1:e7:12:
6f:80:b1:15:d5:63:03:ee:ed:42:c8:52:93:12:37:ca:1c:3e:
4f:e5:85:e6:7c:f2:ac:f9:b7:aa:81:8e:94:f9:fc:49:bd:7f:
d2:7a:d2:00:03:86:4b:05:42:98:c4:10:63:ef:e1:2e:3e:ce:
2d:01:18:45:e0:68:24:a1:44:4e:73:42:b8:47:01:a1:f5:93:
8a:43:36:7d:82:39:0d:36:f2:8d:05:bb:e1:30:30:d9:c2:b9:
ff:d4:4c:3c:b9:6a:30:09:26:81:8f:7f:8a:ed:2d:40:f2:44:
54:10:1b:99:8b:d0:ad:4b:4b:6e:5c:71:c7:5c:e2:a0:9b:5c:
41:3f:85:d7:2f:2d:67:de:29:dc:20:d2:70:6a:1b:83:72:90:
27:b6:ee:f4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULR1EHpLsmIPWypybWP728cR/noIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MDMwMjMwMTRaFw0yNjA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5ZGRkN2Y0NWZmZGNmMjJkOTJjOTRlZTZhNzc4YzYzN2JhYjhjNTI5MWUz
YzdlZWJhZDZmMzhiYzhiMDMxY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIGK6A5IIEweLhLQRSgl9F8JfGrPDtCz3qdjPl7LxmZgvDt3G4cL3bys+hbn
wnm9LK8P9sJl+nYq71YobWaehjXrpUdlOyCawsOifoCSq2U+6gCjAZZ4GVgrFRZf
bZ7DGhSD14eAKvx4+K9rbtJ1NYXMdGyOtT5nzzODU8L861xljncSg5b+aAaIIaDr
Ho0lgNrn+T7Ly5ugOBLd1sCYVzN44o+FT3BzmXWWGbc79jho3ENZSzjCbYdQKOzo
g3X3tR+/QxZZ/RUI8fpFYYD7hLiAKT5ZNdNB7NZ3fHv5vmC8Irs/tONWRhWULfrg
GZFw6WOoN03goefJmXBGURT/900CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS65icA
5IXLj/rnH1C+dWOajwpeXDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTczNzg0YTUtMDJhYy00NzFlLWJiNTYtOGQyNTdkZDlkODEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GsI
MA0GCSqGSIb3DQEBCwUAA4IBAQAU4Es7icYZldSB325kDE/tL8X6WWdxpy+2mdcg
uKIW7uvBUONJoH0sB6ly6SQtvuvAV1uqGi9WVAZvhmKjxsY+0Su3xIFIwig4Iyxr
/iqUOhLeYWqKecV67RN4gSXk9mwV+YK0sAz2cMbR5xJvgLEV1WMD7u1CyFKTEjfK
HD5P5YXmfPKs+beqgY6U+fxJvX/SetIAA4ZLBUKYxBBj7+EuPs4tARhF4GgkoURO
c0K4RwGh9ZOKQzZ9gjkNNvKNBbvhMDDZwrn/1Ew8uWowCSaBj3+K7S1A8kRUEBuZ
i9CtS0tuXHHHXOKgm1xBP4XXLy1n3incINJwahuDcpAntu70
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:54:24 2026 by rpki-client