Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ed813be-ccca-4959-8fb1-925830da32a8.roa
File: 4ed813be-ccca-4959-8fb1-925830da32a8.roa (raw, json)
Hash identifier: dELBMJO/X1BZBKALNUlbaTYVIvpXO7Tyw2nMeZPK/3Y=
Subject key identifier: 2B:C0:25:0E:D9:93:7D:07:EA:35:06:AF:5D:36:3E:AF:70:32:08:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E5A232834B858B7D18E8116BAA35ABF60D4F018
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ed813be-ccca-4959-8fb1-925830da32a8.roa
Signing time: Fri 03 Apr 2026 02:40:09 +0000
ROA not before: Fri 03 Apr 2026 02:40:09 +0000
ROA not after: Thu 02 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06b:a080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:5a:23:28:34:b8:58:b7:d1:8e:81:16:ba:a3:5a:bf:60:d4:f0:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 3 02:40:09 2026 GMT
Not After : Jul 2 23:59:59 2026 GMT
Subject: serialNumber=c606ebbbce6112a8030c6e9d20788f03ad9c95cff3bbbff801817925f360c724, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:be:49:04:00:2f:b0:49:e3:01:6a:6e:f7:46:
0e:3f:b6:47:0c:38:35:45:4a:e1:d4:22:32:b6:c0:
3b:85:30:ae:9b:4e:f7:53:42:74:7f:5b:9a:d2:95:
e4:59:a9:f8:d0:83:ae:19:39:be:7a:47:02:52:ed:
42:71:11:90:fb:2f:9a:b1:14:c5:03:f1:62:7e:3a:
dc:15:d4:73:e3:69:cd:df:e4:f8:f0:fa:cf:09:70:
3d:4f:27:00:90:a6:15:5d:96:ca:0d:b9:18:90:0c:
a9:ac:80:f1:f8:61:b6:b7:ae:7b:21:3b:f8:ba:c5:
1c:b4:20:d6:1a:8c:55:af:50:cf:c8:8e:47:8d:bb:
c4:b8:d2:11:ea:1d:e2:6c:bb:00:5c:bc:d2:c3:1d:
3e:54:a1:7c:90:b4:53:66:1a:cd:66:33:37:0e:c7:
4b:29:bb:ce:12:0d:f3:1a:3c:9c:25:36:78:08:1b:
13:03:20:fb:d0:fa:69:9b:8f:bf:6b:ed:48:94:de:
98:b2:bb:15:b1:59:91:fd:2d:fe:b9:cf:94:6a:72:
99:26:8a:a4:4c:70:0d:14:86:53:e9:57:b3:47:2a:
fa:f4:d7:12:82:4e:1d:86:cc:9f:72:3a:60:38:28:
3b:47:13:c4:ba:61:1c:12:f9:97:b8:9c:d3:44:6a:
58:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C0:25:0E:D9:93:7D:07:EA:35:06:AF:5D:36:3E:AF:70:32:08:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ed813be-ccca-4959-8fb1-925830da32a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06b:a080::/48
Signature Algorithm: sha256WithRSAEncryption
58:8e:c3:9b:e2:4c:8a:ed:3a:da:3e:a3:dd:75:30:7e:c5:9e:
d1:83:8e:e4:bb:63:9f:05:09:42:db:9f:47:bb:49:58:8c:4f:
52:12:4b:2d:4d:6f:11:8e:f0:be:bc:e3:60:d0:3a:9f:b4:74:
f7:05:f1:6d:92:5f:22:ae:1b:59:5d:66:61:d2:4c:9f:23:69:
3f:a4:0d:8d:07:87:05:09:82:13:64:b5:c3:16:49:c4:a6:45:
52:4f:ab:ec:2e:fa:5a:42:07:bf:79:9e:ef:e1:18:d5:12:12:
42:0f:6b:ab:24:57:a6:b1:cd:9b:94:3c:82:f2:7e:d0:28:be:
da:f3:54:88:22:4c:cb:1f:c9:d3:9f:4b:52:fa:23:28:1e:03:
b9:b4:87:0c:0a:6b:69:26:78:a6:bd:26:83:be:24:44:20:38:
67:c4:26:31:32:34:7e:3b:03:24:92:cc:fd:76:37:5d:f5:fa:
2d:8c:a8:8b:a5:d9:01:4c:aa:6d:37:b3:60:96:eb:6c:6d:f3:
b3:46:7e:63:bd:12:c8:40:e8:38:45:db:7c:75:b0:23:17:17:
ef:ed:23:a9:8d:a4:b5:06:41:e9:da:a0:96:fa:8d:3a:53:cb:
72:a8:4e:06:10:0e:b0:ec:45:44:b0:59:db:f2:5a:3b:90:7f:
25:bb:f6:94
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDlojKDS4WLfRjoEWuqNav2DU8BgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MDMwMjQwMDlaFw0yNjA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2MDZlYmJiY2U2MTEyYTgwMzBjNmU5ZDIwNzg4ZjAzYWQ5Yzk1Y2ZmM2Ji
YmZmODAxODE3OTI1ZjM2MGM3MjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMW+SQQAL7BJ4wFqbvdGDj+2Rww4NUVK4dQiMrbAO4UwrptO91NCdH9bmtKV
5Fmp+NCDrhk5vnpHAlLtQnERkPsvmrEUxQPxYn463BXUc+Npzd/k+PD6zwlwPU8n
AJCmFV2Wyg25GJAMqayA8fhhtreueyE7+LrFHLQg1hqMVa9Qz8iOR427xLjSEeod
4my7AFy80sMdPlShfJC0U2YazWYzNw7HSym7zhIN8xo8nCU2eAgbEwMg+9D6aZuP
v2vtSJTemLK7FbFZkf0t/rnPlGpymSaKpExwDRSGU+lXs0cq+vTXEoJOHYbMn3I6
YDgoO0cTxLphHBL5l7ic00RqWBECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQrwCUO
2ZN9B+o1Bq9dNj6vcDIIgzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGVkODEzYmUtY2NjYS00OTU5LThmYjEtOTI1ODMwZGEzMmE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gug
gDANBgkqhkiG9w0BAQsFAAOCAQEAWI7Dm+JMiu062j6j3XUwfsWe0YOO5LtjnwUJ
QtufR7tJWIxPUhJLLU1vEY7wvrzjYNA6n7R09wXxbZJfIq4bWV1mYdJMnyNpP6QN
jQeHBQmCE2S1wxZJxKZFUk+r7C76WkIHv3me7+EY1RISQg9rqyRXprHNm5Q8gvJ+
0Ci+2vNUiCJMyx/J059LUvojKB4DubSHDApraSZ4pr0mg74kRCA4Z8QmMTI0fjsD
JJLM/XY3XfX6LYyoi6XZAUyqbTezYJbrbG3zs0Z+Y70SyEDoOEXbfHWwIxcX7+0j
qY2ktQZB6dqglvqNOlPLcqhOBhAOsOxFRLBZ2/JaO5B/Jbv2lA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:47:42 2026 by rpki-client