Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba30de9d-f722-4d58-b8ed-e2a4641131f3.roa
File: ba30de9d-f722-4d58-b8ed-e2a4641131f3.roa (raw, json)
Hash identifier: 4hc6ptgUHmKF2VBgCiA7LeAhEwZunzXEk+SHm5ZRDQs=
Subject key identifier: C0:AC:86:A1:B4:11:2E:D0:65:E5:10:71:F1:51:20:15:19:A8:5F:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03A6E5999C7BD0D27E39A6A5B79EB37CB91E5F21
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba30de9d-f722-4d58-b8ed-e2a4641131f3.roa
Signing time: Fri 03 Apr 2026 02:40:09 +0000
ROA not before: Fri 03 Apr 2026 02:40:09 +0000
ROA not after: Thu 02 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06b:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:a6:e5:99:9c:7b:d0:d2:7e:39:a6:a5:b7:9e:b3:7c:b9:1e:5f:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 3 02:40:09 2026 GMT
Not After : Jul 2 23:59:59 2026 GMT
Subject: serialNumber=9a0c6088d983b72765946414f38b961375a5d6652b36b3defd5d22063114613d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:15:da:1d:bc:f6:33:6d:13:3e:96:f8:5c:10:
97:65:b5:16:93:c0:15:52:fc:9a:b8:c3:f9:73:46:
aa:ce:3e:72:a5:4f:37:f5:36:ac:71:75:d8:57:4e:
f1:c0:b2:a8:ad:8d:6d:8a:8a:bd:de:f4:ab:a1:e9:
8e:6c:a4:29:75:50:bc:a9:93:30:f3:50:71:e4:3b:
79:3e:ba:1a:2b:b1:92:f2:f7:c1:a9:14:0b:83:eb:
a1:be:e8:0e:68:32:c7:1a:d7:6d:32:49:6c:1b:86:
dc:ad:cd:ce:f6:28:0c:ff:d4:9a:6a:f7:1d:a5:17:
da:3e:34:ea:22:f8:d4:b9:0f:32:10:35:cb:15:ce:
d1:c2:22:0d:5b:16:b8:64:d2:50:2f:dd:5d:ab:c1:
50:20:70:41:3b:68:10:c6:e3:0f:b6:ac:b0:f3:22:
a2:b1:de:99:25:90:4f:9a:0a:61:7c:e2:5a:73:53:
d6:f5:d8:ac:3a:c4:c0:f8:7e:83:8d:ce:58:5d:3d:
33:26:53:ab:8e:93:00:a8:ce:86:a1:92:e6:40:26:
5f:e9:99:9c:c6:43:c4:a9:5b:0d:d9:fc:cd:0d:0f:
af:5e:1b:06:0e:7a:01:36:91:bf:6c:72:11:1c:89:
59:f4:a1:f3:97:dc:30:5c:14:e9:d4:30:fd:7d:a3:
9a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:AC:86:A1:B4:11:2E:D0:65:E5:10:71:F1:51:20:15:19:A8:5F:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba30de9d-f722-4d58-b8ed-e2a4641131f3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06b:8040::/48
Signature Algorithm: sha256WithRSAEncryption
59:04:48:94:f8:e2:40:cd:f5:d6:e4:f9:19:82:7b:50:40:06:
97:eb:53:96:75:4e:0e:b8:91:ad:75:ab:6e:a0:2b:fe:8d:48:
18:30:b0:bc:04:17:cd:6d:30:90:e9:92:dd:bb:1a:b3:41:be:
7e:65:5b:ab:91:af:d5:af:4f:70:00:ac:cd:7c:6a:6d:64:ae:
10:a4:f6:9d:fd:34:ee:ac:24:db:e5:3d:ea:3b:22:6f:94:09:
50:1d:19:c9:32:3b:80:75:bd:b6:ff:ef:97:31:90:72:4c:11:
6d:0a:29:b6:8d:b6:2f:cc:24:be:38:3a:02:07:20:30:16:88:
51:91:12:2d:d9:a0:d3:89:3e:e7:38:d7:82:8a:b3:bd:9a:b2:
8e:be:bf:f8:b3:df:fa:cc:9d:6a:34:2d:bf:56:69:0d:d1:31:
4c:5f:1e:3f:19:df:e7:9f:1f:18:c5:db:41:a6:f2:33:c0:2b:
fc:36:ea:bb:18:df:58:4d:1c:ad:3f:47:79:7c:0a:5b:0a:99:
bb:67:ca:48:5c:4c:e2:af:ad:06:8c:b3:dd:27:b2:d0:bf:41:
b0:eb:33:4f:2c:f9:37:27:e9:10:36:56:8d:f3:31:ef:61:36:
c4:93:f1:52:5e:80:d7:46:55:a8:56:2b:b9:88:33:b2:51:52:
3f:1f:e9:37
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUA6blmZx70NJ+Oaalt56zfLkeXyEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MDMwMjQwMDlaFw0yNjA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhMGM2MDg4ZDk4M2I3Mjc2NTk0NjQxNGYzOGI5NjEzNzVhNWQ2NjUyYjM2
YjNkZWZkNWQyMjA2MzExNDYxM2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4V2h289jNtEz6W+FwQl2W1FpPAFVL8mrjD+XNGqs4+cqVPN/U2rHF12FdO
8cCyqK2NbYqKvd70q6HpjmykKXVQvKmTMPNQceQ7eT66GiuxkvL3wakUC4Prob7o
DmgyxxrXbTJJbBuG3K3NzvYoDP/Ummr3HaUX2j406iL41LkPMhA1yxXO0cIiDVsW
uGTSUC/dXavBUCBwQTtoEMbjD7assPMiorHemSWQT5oKYXziWnNT1vXYrDrEwPh+
g43OWF09MyZTq46TAKjOhqGS5kAmX+mZnMZDxKlbDdn8zQ0Pr14bBg56ATaRv2xy
ERyJWfSh85fcMFwU6dQw/X2jmhcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTArIah
tBEu0GXlEHHxUSAVGahfpDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmEzMGRlOWQtZjcyMi00ZDU4LWI4ZWQtZTJhNDY0MTEzMWYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GuA
QDANBgkqhkiG9w0BAQsFAAOCAQEAWQRIlPjiQM311uT5GYJ7UEAGl+tTlnVODriR
rXWrbqAr/o1IGDCwvAQXzW0wkOmS3bsas0G+fmVbq5Gv1a9PcACszXxqbWSuEKT2
nf007qwk2+U96jsib5QJUB0ZyTI7gHW9tv/vlzGQckwRbQopto22L8wkvjg6Agcg
MBaIUZESLdmg04k+5zjXgoqzvZqyjr6/+LPf+sydajQtv1ZpDdExTF8ePxnf558f
GMXbQabyM8Ar/DbquxjfWE0crT9HeXwKWwqZu2fKSFxM4q+tBoyz3Sey0L9BsOsz
Tyz5NyfpEDZWjfMx72E2xJPxUl6A10ZVqFYruYgzslFSPx/pNw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:48:05 2026 by rpki-client