Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3816340e-2101-41e7-af42-6ab2123b5c04.roa
File: 3816340e-2101-41e7-af42-6ab2123b5c04.roa (raw, json)
Hash identifier: Tb9EiW49Tj+mgQeEVN4D3e+ACR+XxEc1nOtBRm3yxr8=
Subject key identifier: A2:C4:33:82:D9:CA:51:C6:10:86:4C:12:FC:4F:AA:FD:3D:4D:F1:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 15A034EF514F96CE85702D0AEA7B38FB33B1D6C3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3816340e-2101-41e7-af42-6ab2123b5c04.roa
Signing time: Fri 03 Apr 2026 02:40:10 +0000
ROA not before: Fri 03 Apr 2026 02:40:10 +0000
ROA not after: Thu 02 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06b:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:a0:34:ef:51:4f:96:ce:85:70:2d:0a:ea:7b:38:fb:33:b1:d6:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 3 02:40:10 2026 GMT
Not After : Jul 2 23:59:59 2026 GMT
Subject: serialNumber=04d6dc5e459e2eabc4097fc18952de6e6f2b2b522a78a9b071d8e388f7bda69e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5e:9b:74:29:16:f4:ae:1e:2e:31:ec:f5:4b:
e7:bd:c2:70:0e:5c:ce:4f:d8:c0:a8:32:c5:aa:34:
77:64:35:a9:8b:38:a2:97:3e:1f:53:aa:bf:bb:70:
5d:91:3b:de:11:f4:98:e3:e1:92:b2:8b:39:74:01:
92:a0:8b:6d:b4:c2:87:98:3d:7f:9a:e5:b6:fd:54:
66:a8:3e:9b:81:af:6b:84:54:b0:29:e4:2d:7d:84:
98:05:14:1c:fb:96:70:12:9c:05:59:f0:4b:8a:a3:
a7:67:c5:2e:2d:09:51:bb:36:84:cb:13:3b:d8:9b:
71:c9:18:99:42:68:5b:67:5a:c7:5f:83:b4:37:d7:
eb:52:5b:71:e4:c1:eb:47:a3:e1:d9:35:8c:17:16:
e7:46:6f:6c:81:7d:da:6f:b2:a7:41:e4:cd:e3:5e:
23:3d:ad:57:08:63:77:2e:5d:74:bf:cb:81:90:c1:
12:f7:07:c6:46:ac:77:d7:62:24:55:3d:70:99:6f:
4c:94:34:9e:ab:4c:66:18:d5:01:de:5d:ff:39:b2:
36:75:d3:9f:ce:76:8f:48:3b:bb:96:4c:2f:65:31:
46:e4:73:ad:8a:8a:26:a2:b3:eb:71:3e:19:44:15:
f3:fa:c7:61:75:ae:ba:99:1b:32:d3:f8:5b:0a:b3:
dd:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:C4:33:82:D9:CA:51:C6:10:86:4C:12:FC:4F:AA:FD:3D:4D:F1:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3816340e-2101-41e7-af42-6ab2123b5c04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06b:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
3f:e6:2e:0c:a4:56:ae:e6:b6:a2:d7:a9:ff:b7:e3:d2:55:7a:
a6:ff:ac:4d:96:c4:e7:07:61:f6:dd:74:74:b2:b0:8c:b5:4a:
05:49:f9:1f:4e:45:14:63:5f:78:f7:01:a7:c8:74:6e:b7:56:
e2:86:1d:fe:c0:a9:f9:ae:ee:c0:2a:4f:a4:9d:cc:8a:8f:29:
d2:b5:2e:86:d1:39:37:f4:7c:79:ee:0e:ab:e0:fb:c2:d5:6a:
06:0e:8f:ed:55:a8:94:9a:eb:96:5e:09:c0:59:81:9c:07:fb:
17:7f:48:cf:09:00:24:b1:dc:76:a3:69:84:1b:02:90:b5:cb:
31:0b:5c:fd:d8:f9:24:74:09:ce:01:5d:a6:69:90:d9:ac:51:
fd:2e:88:a6:7a:8d:eb:91:86:e0:4f:5c:47:5e:46:72:79:02:
d0:a5:2b:8d:cd:19:52:07:f0:16:23:b4:0e:0f:9d:b6:57:79:
c7:fd:de:5a:14:8d:51:5a:a8:26:67:25:0e:3d:31:41:39:c0:
93:fa:41:96:85:07:76:08:86:9c:45:71:a3:7d:b6:49:26:eb:
f1:8c:17:3c:f8:7e:24:f5:ba:c5:ad:ee:2f:3c:5c:fe:e9:64:
ae:59:27:14:60:a7:fe:4e:be:40:58:6d:3b:4c:62:af:4b:50:
8b:b0:32:c2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFaA071FPls6FcC0K6ns4+zOx1sMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MDMwMjQwMTBaFw0yNjA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0ZDZkYzVlNDU5ZTJlYWJjNDA5N2ZjMTg5NTJkZTZlNmYyYjJiNTIyYTc4
YTliMDcxZDhlMzg4ZjdiZGE2OWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI1em3QpFvSuHi4x7PVL573CcA5czk/YwKgyxao0d2Q1qYs4opc+H1Oqv7tw
XZE73hH0mOPhkrKLOXQBkqCLbbTCh5g9f5rltv1UZqg+m4Gva4RUsCnkLX2EmAUU
HPuWcBKcBVnwS4qjp2fFLi0JUbs2hMsTO9ibcckYmUJoW2dax1+DtDfX61JbceTB
60ej4dk1jBcW50ZvbIF92m+yp0HkzeNeIz2tVwhjdy5ddL/LgZDBEvcHxkasd9di
JFU9cJlvTJQ0nqtMZhjVAd5d/zmyNnXTn852j0g7u5ZML2UxRuRzrYqKJqKz63E+
GUQV8/rHYXWuupkbMtP4Wwqz3Z8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSixDOC
2cpRxhCGTBL8T6r9PU3xzTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzgxNjM0MGUtMjEwMS00MWU3LWFmNDItNmFiMjEyM2I1YzA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GsI
wDANBgkqhkiG9w0BAQsFAAOCAQEAP+YuDKRWrua2otep/7fj0lV6pv+sTZbE5wdh
9t10dLKwjLVKBUn5H05FFGNfePcBp8h0brdW4oYd/sCp+a7uwCpPpJ3Mio8p0rUu
htE5N/R8ee4Oq+D7wtVqBg6P7VWolJrrll4JwFmBnAf7F39IzwkAJLHcdqNphBsC
kLXLMQtc/dj5JHQJzgFdpmmQ2axR/S6IpnqN65GG4E9cR15GcnkC0KUrjc0ZUgfw
FiO0Dg+dtld5x/3eWhSNUVqoJmclDj0xQTnAk/pBloUHdgiGnEVxo322SSbr8YwX
PPh+JPW6xa3uLzxc/ulkrlknFGCn/k6+QFhtO0xir0tQi7Aywg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:33:07 2026 by rpki-client