Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/47336cf4-a08c-4ca2-ab04-56ed84ff8f7a.roa
File: 47336cf4-a08c-4ca2-ab04-56ed84ff8f7a.roa (raw, json)
Hash identifier: 6hFIxRIbF6whMRNycTXh1JnZ5wIaWQxUKyBP8Qdf+j0=
Subject key identifier: B7:02:CB:0A:41:72:8F:7C:21:D8:CE:83:5D:23:60:3A:0E:4D:EE:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33F78A2E2A3AB5024CF8374A955550C03B1AF9FC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/47336cf4-a08c-4ca2-ab04-56ed84ff8f7a.roa
Signing time: Fri 03 Apr 2026 02:40:27 +0000
ROA not before: Fri 03 Apr 2026 02:40:27 +0000
ROA not after: Thu 02 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06b:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:f7:8a:2e:2a:3a:b5:02:4c:f8:37:4a:95:55:50:c0:3b:1a:f9:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 3 02:40:27 2026 GMT
Not After : Jul 2 23:59:59 2026 GMT
Subject: serialNumber=a5d61e98e72544cd1168ed6dab17be323a7ce86643bffa9d452304b0c22d282f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b5:3a:99:57:8a:59:dd:3b:d0:59:9f:ae:8b:
5b:cc:b2:1f:fc:c1:ee:26:69:28:c4:0a:30:c2:b4:
d2:53:6d:31:14:17:6a:12:1f:19:65:93:98:b9:2f:
47:09:31:b9:82:d9:b5:46:c9:85:90:7f:48:f7:54:
1c:e4:a1:be:3c:18:aa:ab:bf:b3:1b:43:65:9f:93:
c0:cb:ae:2b:0b:ee:1a:41:77:c4:9a:a5:6d:fa:80:
fc:d3:2b:c2:65:61:0e:f9:9b:b3:0a:0e:ad:20:ee:
ae:3a:90:cb:95:06:37:da:ec:8c:06:10:d7:2b:96:
0d:b1:a5:c3:ee:2f:69:65:9d:0f:03:4b:84:b5:7c:
11:67:16:13:9a:e9:19:da:ee:80:4d:5b:32:12:fa:
f7:78:18:4d:6e:10:e3:27:eb:f4:3a:2a:57:f8:54:
49:0c:11:e1:af:d7:ca:fa:3d:cd:e5:26:47:cf:0f:
11:62:67:c8:43:bd:e1:fc:65:15:d1:e8:ae:31:b6:
a0:fa:2d:50:6e:15:c1:d4:0b:2f:c3:04:b5:b9:d2:
33:82:63:44:71:58:9f:df:b2:52:92:f0:ba:38:ca:
7b:7e:f1:cf:10:97:1e:53:f9:79:5d:66:eb:68:ff:
e6:c9:d3:b8:3c:ff:d9:28:0f:c2:31:5e:52:44:ba:
5d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:02:CB:0A:41:72:8F:7C:21:D8:CE:83:5D:23:60:3A:0E:4D:EE:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/47336cf4-a08c-4ca2-ab04-56ed84ff8f7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06b:8080::/48
Signature Algorithm: sha256WithRSAEncryption
17:0e:80:14:8f:90:c4:2a:75:34:97:4b:15:7f:a0:f0:d1:aa:
a9:27:61:f5:90:5a:5e:e0:de:a0:50:83:c0:f7:76:b6:5b:11:
d7:e2:5e:d5:cb:d9:d5:f6:33:0c:38:0c:16:6f:20:5f:13:95:
98:67:72:1e:15:05:02:8e:af:61:8d:08:5d:ae:20:35:d5:66:
d9:14:0d:5d:a0:14:e9:56:e6:13:c9:c3:7e:53:4c:37:0d:1b:
db:d1:69:50:1d:a1:ad:3a:e7:4d:3f:76:39:8a:49:47:23:dc:
03:b7:8d:10:39:64:e1:29:a2:0e:98:6f:cb:be:32:64:fd:9c:
fc:41:66:37:10:6e:4d:6f:b5:fd:39:49:b3:67:a9:00:e7:5a:
1e:a5:ec:b9:5d:59:c7:12:85:2d:6b:b3:29:73:20:a3:d2:26:
21:4a:0d:47:d8:34:a9:f1:db:b2:01:ae:60:14:57:14:9a:e4:
34:c8:c3:c1:73:c1:9b:c6:ed:c2:1c:b3:88:f9:ff:2d:3b:b2:
dd:10:ed:a3:a6:4b:42:ae:35:4c:62:41:2b:71:36:be:37:54:
9e:58:da:88:34:d8:a6:f1:c9:d8:64:e9:ed:fc:ff:f9:ef:8c:
73:10:1c:a9:19:36:ba:6d:3e:73:2f:b4:3a:90:94:b9:08:f9:
be:1d:64:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUM/eKLio6tQJM+DdKlVVQwDsa+fwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MDMwMjQwMjdaFw0yNjA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1ZDYxZTk4ZTcyNTQ0Y2QxMTY4ZWQ2ZGFiMTdiZTMyM2E3Y2U4NjY0M2Jm
ZmE5ZDQ1MjMwNGIwYzIyZDI4MmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKy1OplXilndO9BZn66LW8yyH/zB7iZpKMQKMMK00lNtMRQXahIfGWWTmLkv
RwkxuYLZtUbJhZB/SPdUHOShvjwYqqu/sxtDZZ+TwMuuKwvuGkF3xJqlbfqA/NMr
wmVhDvmbswoOrSDurjqQy5UGN9rsjAYQ1yuWDbGlw+4vaWWdDwNLhLV8EWcWE5rp
GdrugE1bMhL693gYTW4Q4yfr9DoqV/hUSQwR4a/Xyvo9zeUmR88PEWJnyEO94fxl
FdHorjG2oPotUG4VwdQLL8MEtbnSM4JjRHFYn9+yUpLwujjKe37xzxCXHlP5eV1m
62j/5snTuDz/2SgPwjFeUkS6XWMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS3AssK
QXKPfCHYzoNdI2A6Dk3u3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDczMzZjZjQtYTA4Yy00Y2EyLWFiMDQtNTZlZDg0ZmY4ZjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GuA
gDANBgkqhkiG9w0BAQsFAAOCAQEAFw6AFI+QxCp1NJdLFX+g8NGqqSdh9ZBaXuDe
oFCDwPd2tlsR1+Je1cvZ1fYzDDgMFm8gXxOVmGdyHhUFAo6vYY0IXa4gNdVm2RQN
XaAU6VbmE8nDflNMNw0b29FpUB2hrTrnTT92OYpJRyPcA7eNEDlk4SmiDphvy74y
ZP2c/EFmNxBuTW+1/TlJs2epAOdaHqXsuV1ZxxKFLWuzKXMgo9ImIUoNR9g0qfHb
sgGuYBRXFJrkNMjDwXPBm8btwhyziPn/LTuy3RDto6ZLQq41TGJBK3E2vjdUnlja
iDTYpvHJ2GTp7fz/+e+McxAcqRk2um0+cy+0OpCUuQj5vh1kjw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:46:49 2026 by rpki-client