Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c96bf604-3011-4557-9ec9-70093d8470a9.roa
File: c96bf604-3011-4557-9ec9-70093d8470a9.roa (raw, json)
Hash identifier: B2fJU9L9Y9/+9m9e9EXiBd3HQf4GLYfrQX9mvuL4gd4=
Subject key identifier: FB:B1:61:33:23:D1:20:AC:F5:35:4C:E3:2F:9A:18:C2:72:98:AE:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 531C2FC03B12401D9E9AB936CDBFC3FF5FD9FC04
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c96bf604-3011-4557-9ec9-70093d8470a9.roa
Signing time: Fri 03 Apr 2026 02:40:08 +0000
ROA not before: Fri 03 Apr 2026 02:40:08 +0000
ROA not after: Thu 02 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06b:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:1c:2f:c0:3b:12:40:1d:9e:9a:b9:36:cd:bf:c3:ff:5f:d9:fc:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 3 02:40:08 2026 GMT
Not After : Jul 2 23:59:59 2026 GMT
Subject: serialNumber=eb33ab365d16c5b39b968c0e28ad891f1d189d4b67894befe1f4fd33b7f8c29c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8c:89:49:63:03:b9:eb:aa:0c:eb:f6:00:97:
3a:2b:1a:61:60:fc:12:c3:6a:6c:f9:e0:5e:48:7e:
05:6e:a7:c1:c0:3c:c7:6d:ca:a5:71:14:11:36:99:
55:db:9d:db:ca:39:76:75:65:2b:63:dd:3f:ea:f4:
c1:3a:3b:96:c2:fa:8f:7c:73:54:e7:9c:62:0f:26:
20:c6:be:b0:b6:66:68:af:0e:90:f7:90:6e:70:15:
e8:ec:1c:97:bf:75:8b:28:de:80:4d:90:6b:83:eb:
f2:8e:d3:ba:ac:db:da:99:c1:e8:98:5f:5c:a3:16:
6c:4b:81:24:95:27:37:7d:7f:c7:4d:1d:4e:6e:9c:
f0:f4:c2:39:8d:cd:7c:06:05:a2:70:74:aa:2d:93:
9d:2a:73:f3:51:84:d8:6e:3c:ff:2f:e8:e8:be:3c:
72:7d:ae:b7:e1:b8:c7:32:72:70:cf:9a:03:5f:31:
dd:9e:27:4e:5e:78:fd:80:df:8a:66:2b:7d:df:e7:
30:34:c4:aa:0b:72:2b:6c:63:ba:c0:45:05:93:fa:
9b:8f:cf:03:34:f4:2d:d0:ad:84:61:b9:22:2f:3b:
13:f6:22:ae:61:50:ec:f0:aa:54:7c:a0:fa:c2:8c:
9c:91:44:71:d3:f6:27:d3:e1:2c:2d:dc:30:4f:fe:
04:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:B1:61:33:23:D1:20:AC:F5:35:4C:E3:2F:9A:18:C2:72:98:AE:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c96bf604-3011-4557-9ec9-70093d8470a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06b:e000::/40
Signature Algorithm: sha256WithRSAEncryption
45:01:2f:b0:80:76:aa:1b:74:5f:70:73:b5:e2:1a:04:0a:ad:
87:e2:56:66:ca:6f:a8:34:38:99:98:d6:8d:08:bc:65:e8:59:
68:b5:36:aa:c5:d7:f7:5d:85:cf:a2:16:75:50:ad:89:83:61:
fe:b4:f2:c6:77:cb:14:e4:70:d1:8b:66:56:39:c9:1b:24:06:
66:8d:96:47:4f:d5:01:0b:c2:67:5f:34:63:3e:53:74:18:47:
d2:c0:bc:fe:e7:51:c6:13:e5:94:d8:91:17:d5:a6:b6:2f:55:
9c:31:4a:85:04:e0:56:04:a4:07:35:2c:f4:24:c6:11:05:23:
e1:79:7b:3d:e0:68:31:e7:a1:b2:b3:61:40:9c:75:19:ca:9e:
5b:04:a0:f5:bb:0d:80:1e:55:b5:fa:78:0c:45:6b:a1:56:27:
67:8c:75:d0:0a:12:9e:16:ad:4c:4c:85:aa:e8:ee:7a:4e:52:
e3:37:b2:73:6d:2c:ed:55:7c:ca:b6:04:56:3e:11:cf:ba:79:
bc:9a:84:c4:25:6d:2e:84:50:a6:5f:3a:00:fc:6a:2a:a5:95:
52:40:aa:00:3c:cc:55:19:e5:82:6c:5b:a0:a2:bb:93:6a:ba:
26:f6:56:38:ac:bf:7c:c6:2a:21:c9:95:55:c9:14:fa:c6:c1:
c1:84:9f:32
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUxwvwDsSQB2emrk2zb/D/1/Z/AQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MDMwMjQwMDhaFw0yNjA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGViMzNhYjM2NWQxNmM1YjM5Yjk2OGMwZTI4YWQ4OTFmMWQxODlkNGI2Nzg5
NGJlZmUxZjRmZDMzYjdmOGMyOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeMiUljA7nrqgzr9gCXOisaYWD8EsNqbPngXkh+BW6nwcA8x23KpXEUETaZ
Vdud28o5dnVlK2PdP+r0wTo7lsL6j3xzVOecYg8mIMa+sLZmaK8OkPeQbnAV6Owc
l791iyjegE2Qa4Pr8o7Tuqzb2pnB6JhfXKMWbEuBJJUnN31/x00dTm6c8PTCOY3N
fAYFonB0qi2TnSpz81GE2G48/y/o6L48cn2ut+G4xzJycM+aA18x3Z4nTl54/YDf
imYrfd/nMDTEqgtyK2xjusBFBZP6m4/PAzT0LdCthGG5Ii87E/YirmFQ7PCqVHyg
+sKMnJFEcdP2J9PhLC3cME/+BFUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT7sWEz
I9EgrPU1TOMvmhjCcpiucTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzk2YmY2MDQtMzAxMS00NTU3LTllYzktNzAwOTNkODQ3MGE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Gvg
MA0GCSqGSIb3DQEBCwUAA4IBAQBFAS+wgHaqG3RfcHO14hoECq2H4lZmym+oNDiZ
mNaNCLxl6FlotTaqxdf3XYXPohZ1UK2Jg2H+tPLGd8sU5HDRi2ZWOckbJAZmjZZH
T9UBC8JnXzRjPlN0GEfSwLz+51HGE+WU2JEX1aa2L1WcMUqFBOBWBKQHNSz0JMYR
BSPheXs94Ggx56Gys2FAnHUZyp5bBKD1uw2AHlW1+ngMRWuhVidnjHXQChKeFq1M
TIWq6O56TlLjN7JzbSztVXzKtgRWPhHPunm8moTEJW0uhFCmXzoA/GoqpZVSQKoA
PMxVGeWCbFugoruTarom9lY4rL98xiohyZVVyRT6xsHBhJ8y
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:56:04 2026 by rpki-client