Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c03c2e6a-b6b9-43c0-86bd-1f13ad1b1ae7.roa
File: c03c2e6a-b6b9-43c0-86bd-1f13ad1b1ae7.roa (raw, json)
Hash identifier: lOzb9ltDXK5Dwpv2Z6+BAHoKH9LXNPXOonIrZqywdmc=
Subject key identifier: DC:36:E6:32:91:B5:8D:09:FB:BA:F6:92:C6:1D:46:88:01:EF:6A:C9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 453CEAC6C50E4CAE8234B2D92A3EF0915FD4D75D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c03c2e6a-b6b9-43c0-86bd-1f13ad1b1ae7.roa
Signing time: Fri 03 Apr 2026 02:40:23 +0000
ROA not before: Fri 03 Apr 2026 02:40:23 +0000
ROA not after: Thu 02 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06b:b080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:3c:ea:c6:c5:0e:4c:ae:82:34:b2:d9:2a:3e:f0:91:5f:d4:d7:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 3 02:40:23 2026 GMT
Not After : Jul 2 23:59:59 2026 GMT
Subject: serialNumber=4216585f13d127e4871614158e17ac31a543bcc572cc80c5f20f5aacc7d99d07, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0d:9a:79:2c:3b:17:bf:ed:84:08:67:34:8d:
22:6b:5f:bf:53:7d:2b:bb:1d:fe:b3:f6:1b:ff:0c:
fe:48:06:f0:7c:df:7b:68:f2:e9:ee:01:8d:8f:68:
ec:ec:59:68:ae:a8:f2:e7:1d:b0:3b:f4:f5:5f:27:
68:bc:81:62:0e:35:8a:44:ed:c0:82:a2:cf:11:69:
03:59:cd:b3:bd:ea:39:32:2a:ce:1f:e4:7f:fe:c1:
f4:53:24:46:7d:a7:9e:d8:cc:e7:27:88:9c:24:16:
3d:6c:ef:b4:fa:5a:67:ad:25:cf:7d:c3:7d:07:77:
74:67:25:b5:88:be:ec:f8:75:91:60:81:03:41:97:
70:50:3d:e9:19:6d:43:44:ec:ea:cd:b4:7d:ed:94:
1e:5c:f6:bc:15:7b:98:ef:19:93:10:64:41:ac:d1:
33:fb:83:57:b7:c8:57:42:a4:e8:18:d9:47:e5:45:
8f:76:75:fe:c4:c3:6a:29:a7:20:40:d8:8c:f3:e5:
9b:a7:01:5b:a0:69:1f:cf:e1:17:8c:f7:ac:c1:45:
e7:97:79:d4:44:09:da:f4:a8:9f:6e:a5:7c:98:87:
38:ec:ef:28:e5:2f:73:77:bf:be:50:ba:a0:11:1d:
51:40:55:3e:8a:3d:77:cf:79:7c:d4:9b:b9:57:93:
68:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:36:E6:32:91:B5:8D:09:FB:BA:F6:92:C6:1D:46:88:01:EF:6A:C9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c03c2e6a-b6b9-43c0-86bd-1f13ad1b1ae7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06b:b080::/48
Signature Algorithm: sha256WithRSAEncryption
59:b3:94:b1:6d:ec:2c:27:95:c0:0a:90:a1:3c:14:57:e6:e2:
3b:ba:09:74:b8:c5:db:f7:0b:be:e8:e7:2d:68:98:72:4b:aa:
e3:d5:bf:85:4c:72:da:c9:87:d0:69:f0:54:f7:9f:e4:7c:ce:
90:b9:4c:e4:d1:e7:35:87:08:d4:5c:94:24:0e:8c:c4:4e:73:
b6:59:7c:5e:4e:92:a2:55:42:ae:d6:be:c5:80:57:fb:eb:74:
d3:54:74:6c:65:ee:6b:39:fa:ae:7e:bc:81:cf:d4:ed:78:55:
15:e5:08:77:d9:c3:eb:62:8d:40:15:24:86:c3:40:ab:37:fa:
67:f3:7b:24:3e:f1:58:43:50:1b:ba:cf:22:36:d5:e9:12:a3:
fa:8b:71:46:51:c7:4d:e8:e3:5d:b0:68:f7:be:ac:f1:d9:54:
49:41:05:d1:76:2f:eb:6c:e7:af:f4:cf:b9:5e:6d:c3:c6:e2:
6e:ee:58:ab:50:9f:c5:50:10:8c:bd:bb:4e:78:a4:30:7b:86:
22:c2:56:92:31:78:cc:9e:94:4f:6e:8f:8e:57:9c:82:2f:c0:
67:0e:f1:da:1b:70:d5:1c:ac:51:c9:f2:7f:67:5d:e8:f0:fd:
8d:01:0a:9d:0d:c6:77:4c:e2:d2:72:f5:6e:fd:a5:01:a6:db:
b9:36:ef:86
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURTzqxsUOTK6CNLLZKj7wkV/U110wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MDMwMjQwMjNaFw0yNjA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyMTY1ODVmMTNkMTI3ZTQ4NzE2MTQxNThlMTdhYzMxYTU0M2JjYzU3MmNj
ODBjNWYyMGY1YWFjYzdkOTlkMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgNmnksOxe/7YQIZzSNImtfv1N9K7sd/rP2G/8M/kgG8Hzfe2jy6e4BjY9o
7OxZaK6o8ucdsDv09V8naLyBYg41ikTtwIKizxFpA1nNs73qOTIqzh/kf/7B9FMk
Rn2nntjM5yeInCQWPWzvtPpaZ60lz33DfQd3dGcltYi+7Ph1kWCBA0GXcFA96Rlt
Q0Ts6s20fe2UHlz2vBV7mO8ZkxBkQazRM/uDV7fIV0Kk6BjZR+VFj3Z1/sTDaimn
IEDYjPPlm6cBW6BpH8/hF4z3rMFF55d51EQJ2vSon26lfJiHOOzvKOUvc3e/vlC6
oBEdUUBVPoo9d895fNSbuVeTaFcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTcNuYy
kbWNCfu69pLGHUaIAe9qyTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzAzYzJlNmEtYjZiOS00M2MwLTg2YmQtMWYxM2FkMWIxYWU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Guw
gDANBgkqhkiG9w0BAQsFAAOCAQEAWbOUsW3sLCeVwAqQoTwUV+biO7oJdLjF2/cL
vujnLWiYckuq49W/hUxy2smH0GnwVPef5HzOkLlM5NHnNYcI1FyUJA6MxE5ztll8
Xk6SolVCrta+xYBX++t001R0bGXuazn6rn68gc/U7XhVFeUId9nD62KNQBUkhsNA
qzf6Z/N7JD7xWENQG7rPIjbV6RKj+otxRlHHTejjXbBo976s8dlUSUEF0XYv62zn
r/TPuV5tw8bibu5Yq1CfxVAQjL27TnikMHuGIsJWkjF4zJ6UT26Pjlecgi/AZw7x
2htw1RysUcnyf2dd6PD9jQEKnQ3Gd0zi0nL1bv2lAabbuTbvhg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:51:25 2026 by rpki-client