Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bdf0546-1572-40f3-92c7-5a06ce6af441.roa
File: 3bdf0546-1572-40f3-92c7-5a06ce6af441.roa (raw, json)
Hash identifier: keLgR7+C+udCENPNMbzMEHjT5W3cNj8868di5MRaoWI=
Subject key identifier: 52:59:E9:91:36:55:F3:45:C1:B7:69:D4:19:85:36:28:78:AE:54:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 782A45E51A1AB7ED5DB1D2CC13272D8F2B46DF71
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bdf0546-1572-40f3-92c7-5a06ce6af441.roa
Signing time: Fri 03 Apr 2026 02:40:26 +0000
ROA not before: Fri 03 Apr 2026 02:40:26 +0000
ROA not after: Thu 02 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06b:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:2a:45:e5:1a:1a:b7:ed:5d:b1:d2:cc:13:27:2d:8f:2b:46:df:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 3 02:40:26 2026 GMT
Not After : Jul 2 23:59:59 2026 GMT
Subject: serialNumber=fc68627fecf8deea645ad3d18b59f54625e591e528f91725c8500aecd7f69709, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e5:32:86:21:be:42:49:c6:42:61:d6:a4:19:
7a:31:92:fc:30:cb:ab:dd:c4:1c:8e:16:20:02:a1:
2b:9c:3c:bc:28:4d:f8:7e:87:13:72:f5:1d:e3:10:
ea:b7:8f:31:41:eb:aa:71:79:ff:3f:37:21:6f:80:
0b:22:b9:e2:1e:c6:4e:7a:68:71:77:2d:8a:98:c5:
7a:c4:c9:20:a3:24:31:79:8e:0e:e3:f4:68:89:76:
92:17:3a:10:54:05:9b:a3:22:59:54:eb:ad:b1:89:
15:72:ef:e0:e2:9c:84:41:72:cd:39:c4:5a:f6:d8:
10:38:bc:93:28:38:08:d5:a1:14:cc:90:e1:0c:4f:
3e:e0:54:db:dd:a8:3e:77:07:19:f1:e1:0e:87:09:
bd:c6:59:3a:b0:c0:0f:e2:83:81:83:2c:87:aa:cc:
9e:3b:08:91:58:9d:31:fb:c4:b4:e8:12:29:d8:d0:
92:7c:32:5c:fd:76:01:6c:71:b3:5b:d0:a0:47:62:
c0:b3:68:38:a4:db:3a:0c:48:7d:3f:e9:25:6c:15:
34:e3:bb:94:d1:fc:e5:60:59:54:9e:71:42:47:0b:
d4:fb:6d:3c:09:0f:2e:b5:06:53:46:4a:ed:5a:d5:
b6:56:70:51:24:e3:af:b4:a1:bc:d3:df:8e:ee:46:
99:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:59:E9:91:36:55:F3:45:C1:B7:69:D4:19:85:36:28:78:AE:54:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bdf0546-1572-40f3-92c7-5a06ce6af441.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06b:9000::/40
Signature Algorithm: sha256WithRSAEncryption
93:61:2d:77:60:04:2b:bc:b0:e3:57:45:93:3a:ad:56:3b:e6:
19:af:fd:cb:e6:ff:c9:1f:0a:84:ee:95:de:b9:88:5a:92:4c:
55:42:fb:cb:23:03:47:1d:81:2e:97:ac:03:7a:d3:8a:20:45:
91:b2:bc:24:f5:b2:29:b3:60:75:c1:36:7b:08:4e:01:ca:b8:
bb:22:e8:e3:16:fa:e6:30:64:fb:0e:d8:27:a8:68:27:45:89:
15:e2:f6:fd:16:4c:94:6c:45:72:6f:d7:a1:ec:ca:f1:02:74:
0e:b7:db:b0:40:c3:89:be:74:38:99:08:18:08:45:26:c9:5e:
b4:a3:f1:34:9e:70:0a:bf:c3:17:16:12:c9:a9:62:b3:71:e5:
3f:71:be:1b:56:16:da:94:08:79:47:7e:da:7b:52:85:b1:62:
4d:3a:71:14:19:4b:b9:c3:cf:dc:71:8e:7b:e3:6a:15:e9:d7:
2e:a0:9e:f1:ef:38:35:ef:61:5c:1b:03:04:ca:fe:45:62:05:
ce:64:36:1f:f9:70:37:5a:0e:6f:dd:fc:1b:d6:ac:4f:8b:fa:
44:1b:e6:0d:28:6c:39:35:67:1d:41:f8:9f:43:e0:e5:4f:c5:
00:e7:27:43:f7:71:49:1d:d2:2f:4c:48:89:6f:72:e2:09:b2:
3b:b2:30:0b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeCpF5Roat+1dsdLMEyctjytG33EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MDMwMjQwMjZaFw0yNjA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjNjg2MjdmZWNmOGRlZWE2NDVhZDNkMThiNTlmNTQ2MjVlNTkxZTUyOGY5
MTcyNWM4NTAwYWVjZDdmNjk3MDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJnlMoYhvkJJxkJh1qQZejGS/DDLq93EHI4WIAKhK5w8vChN+H6HE3L1HeMQ
6rePMUHrqnF5/z83IW+ACyK54h7GTnpocXctipjFesTJIKMkMXmODuP0aIl2khc6
EFQFm6MiWVTrrbGJFXLv4OKchEFyzTnEWvbYEDi8kyg4CNWhFMyQ4QxPPuBU292o
PncHGfHhDocJvcZZOrDAD+KDgYMsh6rMnjsIkVidMfvEtOgSKdjQknwyXP12AWxx
s1vQoEdiwLNoOKTbOgxIfT/pJWwVNOO7lNH85WBZVJ5xQkcL1PttPAkPLrUGU0ZK
7VrVtlZwUSTjr7ShvNPfju5GmY8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRSWemR
NlXzRcG3adQZhTYoeK5UvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2JkZjA1NDYtMTU3Mi00MGYzLTkyYzctNWEwNmNlNmFmNDQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GuQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCTYS13YAQrvLDjV0WTOq1WO+YZr/3L5v/JHwqE
7pXeuYhakkxVQvvLIwNHHYEul6wDetOKIEWRsrwk9bIps2B1wTZ7CE4Byri7Iujj
FvrmMGT7DtgnqGgnRYkV4vb9FkyUbEVyb9eh7MrxAnQOt9uwQMOJvnQ4mQgYCEUm
yV60o/E0nnAKv8MXFhLJqWKzceU/cb4bVhbalAh5R37ae1KFsWJNOnEUGUu5w8/c
cY5742oV6dcuoJ7x7zg172FcGwMEyv5FYgXOZDYf+XA3Wg5v3fwb1qxPi/pEG+YN
KGw5NWcdQfifQ+DlT8UA5ydD93FJHdIvTEiJb3LiCbI7sjAL
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:55:47 2026 by rpki-client