Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1946a796-f152-4691-8227-f2145dd513b5.roa
File: 1946a796-f152-4691-8227-f2145dd513b5.roa (raw, json)
Hash identifier: o1sXomp/VIoEf7+biYwGtbryIe/zkGbHYjTpXaQp/Es=
Subject key identifier: 10:66:43:75:A6:5C:53:FD:E4:0C:91:68:28:88:B8:BF:8C:DF:23:C5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76463B844E1FA2D121B947D68B6D1556F4E7D01C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1946a796-f152-4691-8227-f2145dd513b5.roa
Signing time: Thu 16 Apr 2026 23:02:13 +0000
ROA not before: Thu 16 Apr 2026 23:02:13 +0000
ROA not after: Wed 15 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:1800::/37 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:46:3b:84:4e:1f:a2:d1:21:b9:47:d6:8b:6d:15:56:f4:e7:d0:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 16 23:02:13 2026 GMT
Not After : Jul 15 23:59:59 2026 GMT
Subject: serialNumber=881ae2bb95fed5002466791d4e322a56c9a789bdbd1d454567bb5b804ca96b50, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:12:da:11:07:bd:c7:ab:ac:ca:f5:7e:f3:9c:
d0:7d:5d:e3:e1:98:16:60:6a:82:13:18:da:f1:26:
50:0f:75:f1:57:0a:f0:ce:29:30:83:81:e4:f2:b9:
90:8b:5c:b9:5a:ac:45:a1:d9:7e:3c:15:1e:3c:10:
5e:79:b8:f6:61:b3:56:32:cd:3c:b9:b6:f8:ac:eb:
85:b3:2e:a0:9b:15:ab:94:9a:5e:80:c2:08:e9:a2:
68:17:1d:32:b3:d1:0d:8c:a1:fc:66:7a:1e:9c:5a:
83:9e:cb:98:fd:ce:56:84:a2:e1:85:3d:0b:0e:b0:
e1:a8:a9:47:1f:a2:66:d7:37:2e:85:af:da:bd:78:
6a:54:c5:0f:7b:b1:10:66:c2:ab:82:e9:69:14:36:
d4:79:00:e0:8d:9d:10:ab:92:ed:d5:e0:5d:57:93:
0a:bc:61:25:6e:15:21:ae:bd:41:2c:19:01:ed:33:
55:7b:d9:61:88:e1:48:59:00:6e:8f:83:a7:bb:2c:
c7:18:64:ec:ad:8c:f3:6d:08:53:ac:8e:57:c6:eb:
b8:9d:4e:21:3a:ab:a2:7e:ff:37:f1:ae:f8:63:33:
ea:37:a4:dc:57:ae:54:4e:cf:46:4c:63:40:e0:1b:
d5:87:c0:ee:f5:eb:91:ff:75:a7:48:2b:6a:c2:39:
db:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:66:43:75:A6:5C:53:FD:E4:0C:91:68:28:88:B8:BF:8C:DF:23:C5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1946a796-f152-4691-8227-f2145dd513b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:1800::/37
Signature Algorithm: sha256WithRSAEncryption
0c:29:0c:dd:c9:85:81:0c:8b:95:1c:a8:39:f6:46:9c:5c:bc:
ef:e8:3f:21:2b:4f:bd:d0:f1:0b:6b:03:6e:e7:90:ba:09:23:
21:88:8d:1a:55:c0:a6:1c:3f:bf:b6:4d:19:bb:8b:01:26:b2:
77:f0:d1:64:e0:2e:8c:8b:62:b9:22:14:3c:8d:b7:b1:e9:3c:
57:87:39:e3:91:20:69:a5:73:c2:49:2c:75:a6:25:4d:1d:c4:
1e:92:3c:5d:1e:86:52:bf:26:ba:41:43:5c:82:ad:0e:9a:dc:
8c:27:d9:74:df:a7:c1:d8:af:0f:3e:24:f6:12:22:d7:0c:30:
8b:c2:e4:34:36:a5:8f:fc:ab:82:cb:6f:fa:e9:3f:b5:bd:05:
ab:43:26:e3:e9:78:16:85:c6:6a:92:a2:14:b3:bc:0c:01:0b:
af:a3:ad:83:06:3f:7f:c7:a0:1a:30:31:2f:6c:f0:d3:cd:9d:
60:43:4f:85:25:af:2f:58:a7:4e:35:b6:a2:74:57:f9:d1:48:
f2:86:7f:ab:8c:35:da:65:7c:d3:70:b3:15:1c:3c:58:30:95:
ed:72:f4:62:80:b4:67:70:98:e3:17:c3:e3:2f:3e:f4:8c:44:
56:4b:3f:a1:08:1e:62:26:83:cc:12:03:e7:ea:b3:35:2d:62:
29:92:d2:5e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdkY7hE4fotEhuUfWi20VVvTn0BwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MTYyMzAyMTNaFw0yNjA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4MWFlMmJiOTVmZWQ1MDAyNDY2NzkxZDRlMzIyYTU2YzlhNzg5YmRiZDFk
NDU0NTY3YmI1YjgwNGNhOTZiNTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANoS2hEHvcerrMr1fvOc0H1d4+GYFmBqghMY2vEmUA918VcK8M4pMIOB5PK5
kItcuVqsRaHZfjwVHjwQXnm49mGzVjLNPLm2+KzrhbMuoJsVq5SaXoDCCOmiaBcd
MrPRDYyh/GZ6Hpxag57LmP3OVoSi4YU9Cw6w4aipRx+iZtc3LoWv2r14alTFD3ux
EGbCq4LpaRQ21HkA4I2dEKuS7dXgXVeTCrxhJW4VIa69QSwZAe0zVXvZYYjhSFkA
bo+Dp7ssxxhk7K2M820IU6yOV8bruJ1OITqron7/N/Gu+GMz6jek3FeuVE7PRkxj
QOAb1YfA7vXrkf91p0grasI52z8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQQZkN1
plxT/eQMkWgoiLi/jN8jxTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTk0NmE3OTYtZjE1Mi00NjkxLTgyMjctZjIxNDVkZDUxM2I1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0BwY
MA0GCSqGSIb3DQEBCwUAA4IBAQAMKQzdyYWBDIuVHKg59kacXLzv6D8hK0+90PEL
awNu55C6CSMhiI0aVcCmHD+/tk0Zu4sBJrJ38NFk4C6Mi2K5IhQ8jbex6TxXhznj
kSBppXPCSSx1piVNHcQekjxdHoZSvya6QUNcgq0OmtyMJ9l036fB2K8PPiT2EiLX
DDCLwuQ0NqWP/KuCy2/66T+1vQWrQybj6XgWhcZqkqIUs7wMAQuvo62DBj9/x6Aa
MDEvbPDTzZ1gQ0+FJa8vWKdONbaidFf50Ujyhn+rjDXaZXzTcLMVHDxYMJXtcvRi
gLRncJjjF8PjLz70jERWSz+hCB5iJoPMEgPn6rM1LWIpktJe
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:29:03 2026 by rpki-client