Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83bc447e-84c7-47ac-8c22-fa9d48a96d41.roa
File: 83bc447e-84c7-47ac-8c22-fa9d48a96d41.roa (raw, json)
Hash identifier: QyfRuEvCgREN4ENdMO5ie+lMCvX+xP5J6vUYLK2rY5U=
Subject key identifier: 9B:3C:CB:2D:53:9C:8B:6B:54:56:D8:0E:CC:12:D4:DB:96:B6:C1:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B2BB21B090FF2DC5BBC3E38615F29E7312876A4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83bc447e-84c7-47ac-8c22-fa9d48a96d41.roa
Signing time: Fri 03 Apr 2026 02:40:11 +0000
ROA not before: Fri 03 Apr 2026 02:40:11 +0000
ROA not after: Thu 02 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06b:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:2b:b2:1b:09:0f:f2:dc:5b:bc:3e:38:61:5f:29:e7:31:28:76:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 3 02:40:11 2026 GMT
Not After : Jul 2 23:59:59 2026 GMT
Subject: serialNumber=37573100a6a45ea72f6765efee0357c90a7cc255fae1eda93536f15fef4781b3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:94:24:64:9a:ff:70:00:76:f7:93:9a:77:27:
6f:ad:99:fe:ab:ce:a4:6f:84:97:e1:c5:7c:6a:74:
b1:d6:da:b9:17:8b:51:dd:cd:12:ba:6e:f6:45:6f:
3e:88:d4:ac:39:d8:b9:a9:06:c5:15:52:a8:fa:69:
dd:0c:94:23:e5:57:08:8b:1d:e2:2a:40:ce:97:5d:
ec:80:d0:95:4e:08:ef:88:5f:29:68:fc:f7:90:53:
e0:50:67:bf:68:ea:41:75:ca:f6:23:65:a0:74:38:
1b:55:0f:87:8d:23:0a:22:5f:b8:f3:69:de:e0:68:
8d:db:9c:93:69:a7:42:14:31:35:04:12:bc:c3:90:
2c:d1:9e:db:3e:6e:ed:3e:8b:f5:7f:7b:8d:8f:33:
7a:23:ed:ef:eb:c7:dd:b5:69:92:7e:f4:4d:a0:34:
9f:1d:3b:d5:4e:19:34:63:18:cf:2b:64:de:95:42:
bb:e0:57:ac:b7:8c:47:c4:3f:ad:18:45:70:b5:f6:
f5:20:7c:f1:fd:53:9a:ed:2d:f1:17:44:f2:7a:5e:
f1:ee:42:fe:46:c3:dd:ec:95:8e:2c:ff:56:f1:db:
13:2b:ac:8f:64:8a:69:c2:fe:14:c1:ce:fc:64:8c:
e0:ee:3a:07:6f:ba:92:d5:b7:ec:f8:3c:30:a4:60:
7c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:3C:CB:2D:53:9C:8B:6B:54:56:D8:0E:CC:12:D4:DB:96:B6:C1:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83bc447e-84c7-47ac-8c22-fa9d48a96d41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06b:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
c5:95:86:8d:8d:6e:26:3a:cd:c9:dd:ab:57:e6:8e:e6:ec:18:
cd:18:13:d5:cf:1b:9c:55:bc:8a:5f:f0:88:cf:41:f3:a7:2d:
9f:f1:9c:f1:8d:06:d5:b3:9a:35:93:f5:94:af:7a:3b:4a:c6:
cf:fe:8b:f2:85:30:30:80:6d:dd:e8:db:7c:91:2d:14:40:05:
f1:6b:15:dd:29:fd:97:aa:2b:ed:35:56:e5:55:ed:19:23:2f:
e4:df:ed:91:d0:26:b8:30:3b:84:14:cf:d5:13:19:ff:b0:4b:
95:99:4f:5b:90:34:76:c6:7b:b9:91:12:b0:74:a5:96:e3:b1:
51:62:63:f7:8b:8a:94:32:68:74:e0:25:16:55:67:ed:33:e7:
5d:7e:17:9a:31:bd:31:aa:fc:57:a5:d8:16:52:3a:a0:ad:1f:
1f:ca:11:7c:78:87:87:23:f3:86:74:71:15:eb:fb:ad:bb:d1:
dd:fc:26:95:cc:bc:2f:a2:09:c9:fd:68:80:86:d2:06:e1:24:
a4:6c:bf:6b:10:ee:61:54:b1:59:22:77:54:85:f5:f1:c2:bb:
6a:49:fa:e4:74:e3:ff:d7:23:2a:a6:b1:df:dd:df:70:1b:90:
43:cd:ac:dd:87:91:77:10:45:af:29:7f:58:e8:cc:4f:27:ef:
01:72:84:a8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUayuyGwkP8txbvD44YV8p5zEodqQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MDMwMjQwMTFaFw0yNjA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3NTczMTAwYTZhNDVlYTcyZjY3NjVlZmVlMDM1N2M5MGE3Y2MyNTVmYWUx
ZWRhOTM1MzZmMTVmZWY0NzgxYjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWUJGSa/3AAdveTmncnb62Z/qvOpG+El+HFfGp0sdbauReLUd3NErpu9kVv
PojUrDnYuakGxRVSqPpp3QyUI+VXCIsd4ipAzpdd7IDQlU4I74hfKWj895BT4FBn
v2jqQXXK9iNloHQ4G1UPh40jCiJfuPNp3uBojduck2mnQhQxNQQSvMOQLNGe2z5u
7T6L9X97jY8zeiPt7+vH3bVpkn70TaA0nx071U4ZNGMYzytk3pVCu+BXrLeMR8Q/
rRhFcLX29SB88f1Tmu0t8RdE8npe8e5C/kbD3eyVjiz/VvHbEyusj2SKacL+FMHO
/GSM4O46B2+6ktW37Pg8MKRgfGkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSbPMst
U5yLa1RW2A7MEtTblrbBAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODNiYzQ0N2UtODRjNy00N2FjLThjMjItZmE5ZDQ4YTk2ZDQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gtg
wDANBgkqhkiG9w0BAQsFAAOCAQEAxZWGjY1uJjrNyd2rV+aO5uwYzRgT1c8bnFW8
il/wiM9B86ctn/Gc8Y0G1bOaNZP1lK96O0rGz/6L8oUwMIBt3ejbfJEtFEAF8WsV
3Sn9l6or7TVW5VXtGSMv5N/tkdAmuDA7hBTP1RMZ/7BLlZlPW5A0dsZ7uZESsHSl
luOxUWJj94uKlDJodOAlFlVn7TPnXX4XmjG9Mar8V6XYFlI6oK0fH8oRfHiHhyPz
hnRxFev7rbvR3fwmlcy8L6IJyf1ogIbSBuEkpGy/axDuYVSxWSJ3VIX18cK7akn6
5HTj/9cjKqax393fcBuQQ82s3YeRdxBFryl/WOjMTyfvAXKEqA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:45:42 2026 by rpki-client