Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8f3d4fa8-77c8-4e46-aa5a-29bc35335977.roa
File: 8f3d4fa8-77c8-4e46-aa5a-29bc35335977.roa (raw, json)
Hash identifier: ETTOrrZSMKMheg+ghX+rETypYF4MNN82tTUz0qOoEMg=
Subject key identifier: 0B:31:EE:FE:25:C7:46:30:CF:D7:F3:D5:0D:50:0D:E0:C0:AF:20:61
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 294911BE0D1316635D24EFA174C0A93B2853BB66
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8f3d4fa8-77c8-4e46-aa5a-29bc35335977.roa
Signing time: Tue 07 Apr 2026 23:51:52 +0000
ROA not before: Tue 07 Apr 2026 23:51:52 +0000
ROA not after: Mon 06 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:49:11:be:0d:13:16:63:5d:24:ef:a1:74:c0:a9:3b:28:53:bb:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 7 23:51:52 2026 GMT
Not After : Jul 6 23:59:59 2026 GMT
Subject: serialNumber=01aa1ca3cf9dd71e624d470c2cafbfcd6068dbc92016468303e1610d6c725ceb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:84:a5:87:51:31:f7:0e:84:cb:e3:f1:4e:46:
64:59:69:cb:5a:f7:20:28:33:41:33:fb:da:08:c7:
b0:a6:5e:3f:f7:d9:de:8f:d4:48:f4:4c:26:9d:ba:
7c:a5:f7:8b:6b:db:c9:25:62:c2:8d:fc:5d:1e:35:
eb:5c:7c:76:15:2e:24:24:b4:3b:11:f7:6d:7a:03:
6c:e8:22:ef:f6:89:ef:79:5a:d7:55:d7:86:9f:ae:
f6:61:6d:09:2d:bb:84:8f:01:06:46:6e:75:d6:24:
1a:42:e5:94:e5:0a:8b:88:2d:91:b4:4c:7e:76:da:
59:c8:c9:e1:df:c9:7c:4e:e5:4f:ce:69:74:d0:fe:
54:95:d9:20:97:be:09:d5:69:a8:e6:bc:a7:74:c2:
1c:bc:e4:12:23:19:e6:1c:23:18:bb:76:a0:bc:23:
81:54:28:d2:2a:7a:1c:ce:28:10:a4:00:b7:3a:d1:
f6:8e:01:b5:66:ea:24:78:69:e1:93:c4:1f:29:21:
97:85:3a:1a:9c:f0:bb:28:e7:db:71:99:ba:75:7d:
66:41:45:97:0e:e1:18:36:6e:fa:81:a0:56:15:2a:
15:3e:04:4a:83:aa:f6:fc:47:dd:69:00:93:b8:4d:
4c:8a:be:90:81:d9:05:66:0b:df:0a:98:cc:eb:c9:
fa:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:31:EE:FE:25:C7:46:30:CF:D7:F3:D5:0D:50:0D:E0:C0:AF:20:61
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8f3d4fa8-77c8-4e46-aa5a-29bc35335977.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8000::/40
Signature Algorithm: sha256WithRSAEncryption
7b:70:62:19:a9:e9:6f:f9:f8:64:54:fd:7e:d4:ad:a3:48:f1:
71:ea:83:91:a6:b9:c0:7e:a3:a2:d4:3b:e0:e1:9e:5d:8a:62:
ba:db:db:6a:46:3e:55:62:07:e8:20:9b:e1:7c:61:09:8a:2a:
a7:69:1e:c5:61:5d:c4:23:75:9e:54:bb:02:8c:93:93:14:2b:
18:4d:1c:63:f9:e6:1e:37:87:94:49:15:1d:d5:3f:03:e7:00:
c9:5a:94:f8:57:b5:6b:a6:9a:ae:82:75:b6:70:9b:e7:e1:99:
a0:e5:dd:c9:cc:f6:8b:b5:13:f9:5e:d9:6a:4c:63:e8:1d:b9:
48:4e:7a:c2:04:8c:6a:3d:4a:67:6c:f6:eb:86:93:94:f8:cb:
2a:09:4b:3f:a0:2b:b7:44:98:3b:b4:0e:7c:83:94:43:a8:e4:
75:6b:86:7e:90:49:46:82:95:29:1b:8a:ce:3b:4c:63:cf:0a:
e6:45:f8:aa:85:2b:a3:59:ae:8e:01:c8:0f:dc:b8:cf:b6:2e:
71:f7:b8:da:67:45:f9:4f:80:bc:a1:81:08:5f:03:fd:2f:7b:
63:35:ca:e6:12:69:43:52:9a:ea:f6:f8:54:af:af:71:d3:4c:
31:96:01:04:a8:ba:a8:35:a2:40:66:b1:b1:8c:84:36:89:bc:
ff:43:57:13
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKUkRvg0TFmNdJO+hdMCpOyhTu2YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MDcyMzUxNTJaFw0yNjA3MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxYWExY2EzY2Y5ZGQ3MWU2MjRkNDcwYzJjYWZiZmNkNjA2OGRiYzkyMDE2
NDY4MzAzZTE2MTBkNmM3MjVjZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCEpYdRMfcOhMvj8U5GZFlpy1r3ICgzQTP72gjHsKZeP/fZ3o/USPRMJp26
fKX3i2vbySViwo38XR4161x8dhUuJCS0OxH3bXoDbOgi7/aJ73la11XXhp+u9mFt
CS27hI8BBkZuddYkGkLllOUKi4gtkbRMfnbaWcjJ4d/JfE7lT85pdND+VJXZIJe+
CdVpqOa8p3TCHLzkEiMZ5hwjGLt2oLwjgVQo0ip6HM4oEKQAtzrR9o4BtWbqJHhp
4ZPEHykhl4U6Gpzwuyjn23GZunV9ZkFFlw7hGDZu+oGgVhUqFT4ESoOq9vxH3WkA
k7hNTIq+kIHZBWYL3wqYzOvJ+gcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQLMe7+
JcdGMM/X89UNUA3gwK8gYTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGYzZDRmYTgtNzdjOC00ZTQ2LWFhNWEtMjliYzM1MzM1OTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGA
MA0GCSqGSIb3DQEBCwUAA4IBAQB7cGIZqelv+fhkVP1+1K2jSPFx6oORprnAfqOi
1Dvg4Z5dimK629tqRj5VYgfoIJvhfGEJiiqnaR7FYV3EI3WeVLsCjJOTFCsYTRxj
+eYeN4eUSRUd1T8D5wDJWpT4V7VrppqugnW2cJvn4Zmg5d3JzPaLtRP5XtlqTGPo
HblITnrCBIxqPUpnbPbrhpOU+MsqCUs/oCu3RJg7tA58g5RDqOR1a4Z+kElGgpUp
G4rOO0xjzwrmRfiqhSujWa6OAcgP3LjPti5x97jaZ0X5T4C8oYEIXwP9L3tjNcrm
EmlDUprq9vhUr69x00wxlgEEqLqoNaJAZrGxjIQ2ibz/Q1cT
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:44:06 2026 by rpki-client