Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/273b93a3-cef1-4c97-a543-26188767c199.roa
File: 273b93a3-cef1-4c97-a543-26188767c199.roa (raw, json)
Hash identifier: V43ma+TmW6VCyft7Z5kt75FRPCdXwkNN3mlQ22LT4SU=
Subject key identifier: 67:69:5B:8F:F3:4F:E0:9F:E2:52:6C:30:BC:5E:DD:EF:64:FC:C4:2A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 153A88A6AE05530E0C34172581AA0270D4DFF0AD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/273b93a3-cef1-4c97-a543-26188767c199.roa
Signing time: Fri 03 Apr 2026 02:40:10 +0000
ROA not before: Fri 03 Apr 2026 02:40:10 +0000
ROA not after: Thu 02 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06b:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:3a:88:a6:ae:05:53:0e:0c:34:17:25:81:aa:02:70:d4:df:f0:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 3 02:40:10 2026 GMT
Not After : Jul 2 23:59:59 2026 GMT
Subject: serialNumber=26058e07dafe50b4c6e9039d70b5ba653a59df62f76202b8ac80277ba9618e2b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b4:6a:ab:c9:00:e5:b6:cb:e3:62:13:41:99:
34:dd:33:4c:47:1a:4b:27:32:11:15:20:ad:0c:e3:
b3:de:3c:56:2c:37:2b:0f:1c:ed:f0:67:83:68:a0:
e0:96:a7:4e:bd:05:f3:3b:44:24:cf:1c:55:86:e0:
cb:b1:9a:b2:ff:6c:fc:28:2f:04:57:79:30:10:1f:
50:60:09:4d:db:54:2d:41:c3:6f:03:99:f2:ea:ab:
c7:b5:f7:d9:9d:fc:81:5d:49:70:1b:be:2f:2b:3d:
9a:07:eb:36:c4:8f:3f:31:40:b3:30:42:f4:74:3b:
0b:09:6a:4b:96:c8:42:b0:f0:ab:48:91:d6:f2:c0:
15:e0:b5:e9:f5:db:fe:59:7e:f4:7f:ad:66:0a:31:
7a:b9:68:60:f9:19:46:93:ec:7e:94:0e:d5:de:0e:
69:36:cb:11:19:d0:1f:01:f1:d1:3b:fa:48:65:2a:
d7:00:ab:87:6a:94:7d:09:44:1d:c6:fe:7d:86:3e:
47:35:f3:27:3b:42:c9:ee:ca:95:8f:2f:87:37:bc:
ad:17:a0:41:ce:9b:03:47:c8:b3:15:31:a0:08:38:
a4:4f:09:6d:5e:a9:aa:86:20:a9:cf:58:f9:e9:9e:
74:a7:dd:9e:7c:8d:cd:4c:d0:b4:3a:b4:ca:08:5d:
16:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:69:5B:8F:F3:4F:E0:9F:E2:52:6C:30:BC:5E:DD:EF:64:FC:C4:2A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/273b93a3-cef1-4c97-a543-26188767c199.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06b:4000::/40
Signature Algorithm: sha256WithRSAEncryption
2c:42:e4:50:c2:fc:f2:46:b5:a8:73:e5:ae:65:22:4f:a0:2a:
ba:25:a9:4f:a7:71:36:1a:b3:8b:c5:2b:0a:49:e8:1c:c8:a2:
02:dc:68:e4:f7:21:f8:50:9c:81:cd:b9:40:bc:d6:17:4b:40:
88:4b:32:a0:86:79:b3:b2:ae:d7:34:83:a8:2a:52:72:68:91:
53:c0:e3:c8:f6:27:ac:ba:c9:22:88:8c:8c:0a:b2:3f:d9:e1:
07:76:ff:23:fa:44:ed:ca:53:48:4d:e9:a4:9b:56:b6:c8:40:
97:bd:4a:27:16:02:8a:2a:4a:8a:a8:3b:27:ac:23:2c:c6:b4:
0f:44:79:03:62:1d:76:d0:ad:a2:8f:7c:c3:b4:60:21:f1:d8:
0f:68:05:66:2a:c6:3f:d8:0f:ff:1d:6b:b7:e7:c4:b3:10:2b:
dc:62:15:7b:13:54:0d:48:e7:e9:31:3e:b5:1f:7c:b5:dc:62:
c4:d2:05:4d:af:6e:0f:ff:db:e2:79:13:9b:43:07:2b:c9:37:
85:42:28:a8:20:e4:6c:38:68:6f:22:b8:db:9d:f0:da:6a:53:
c7:c0:52:ab:03:b4:86:69:95:6b:32:ba:e1:cd:e8:55:49:97:
80:97:53:22:fb:b7:c7:19:03:ca:7f:b5:91:ee:1e:8a:45:45:
8f:d9:e0:63
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFTqIpq4FUw4MNBclgaoCcNTf8K0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MDMwMjQwMTBaFw0yNjA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2MDU4ZTA3ZGFmZTUwYjRjNmU5MDM5ZDcwYjViYTY1M2E1OWRmNjJmNzYy
MDJiOGFjODAyNzdiYTk2MThlMmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALu0aqvJAOW2y+NiE0GZNN0zTEcaSycyERUgrQzjs948Viw3Kw8c7fBng2ig
4JanTr0F8ztEJM8cVYbgy7Gasv9s/CgvBFd5MBAfUGAJTdtULUHDbwOZ8uqrx7X3
2Z38gV1JcBu+Lys9mgfrNsSPPzFAszBC9HQ7CwlqS5bIQrDwq0iR1vLAFeC16fXb
/ll+9H+tZgoxerloYPkZRpPsfpQO1d4OaTbLERnQHwHx0Tv6SGUq1wCrh2qUfQlE
Hcb+fYY+RzXzJztCye7KlY8vhze8rRegQc6bA0fIsxUxoAg4pE8JbV6pqoYgqc9Y
+emedKfdnnyNzUzQtDq0yghdFvsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRnaVuP
80/gn+JSbDC8Xt3vZPzEKjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjczYjkzYTMtY2VmMS00Yzk3LWE1NDMtMjYxODg3NjdjMTk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GtA
MA0GCSqGSIb3DQEBCwUAA4IBAQAsQuRQwvzyRrWoc+WuZSJPoCq6JalPp3E2GrOL
xSsKSegcyKIC3Gjk9yH4UJyBzblAvNYXS0CISzKghnmzsq7XNIOoKlJyaJFTwOPI
9iesuskiiIyMCrI/2eEHdv8j+kTtylNITemkm1a2yECXvUonFgKKKkqKqDsnrCMs
xrQPRHkDYh120K2ij3zDtGAh8dgPaAVmKsY/2A//HWu358SzECvcYhV7E1QNSOfp
MT61H3y13GLE0gVNr24P/9vieRObQwcryTeFQiioIORsOGhvIrjbnfDaalPHwFKr
A7SGaZVrMrrhzehVSZeAl1Mi+7fHGQPKf7WR7h6KRUWP2eBj
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:33:00 2026 by rpki-client