Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db3937d1-a151-4cd6-afbc-f221dc0ed3d5.roa
File: db3937d1-a151-4cd6-afbc-f221dc0ed3d5.roa (raw, json)
Hash identifier: DK53q8b422uXM/StfbPmBZMcuPtEK1WM0XpiRUXQpqg=
Subject key identifier: 46:F3:B7:AE:40:85:F0:2C:73:B2:90:39:3C:9E:98:CA:E7:51:2D:D4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 445F1FB521A695227B792E77E14D4CF7D77BDEAD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db3937d1-a151-4cd6-afbc-f221dc0ed3d5.roa
Signing time: Fri 03 Apr 2026 02:40:24 +0000
ROA not before: Fri 03 Apr 2026 02:40:24 +0000
ROA not after: Thu 02 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06b:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:5f:1f:b5:21:a6:95:22:7b:79:2e:77:e1:4d:4c:f7:d7:7b:de:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 3 02:40:24 2026 GMT
Not After : Jul 2 23:59:59 2026 GMT
Subject: serialNumber=0cd5178b46c3f3fd2f1b9fe426c8f2780d28a97dc1fcbf174174f027805ce9a4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7f:b2:20:26:be:73:02:82:56:3a:fd:c1:8a:
86:75:59:8e:3b:e8:6b:52:c5:22:a2:84:e3:dd:cd:
db:3a:a4:5f:42:bc:97:96:57:88:54:0a:5a:97:93:
da:95:17:41:70:1c:70:5c:24:ea:c6:26:c3:33:36:
6a:57:63:a9:0c:b6:c5:a5:0f:82:f6:6d:c5:16:83:
6a:40:0a:26:52:4b:bc:33:d2:e4:77:de:c0:8e:04:
96:d5:70:b2:1b:fa:bd:8d:2f:bd:84:78:4e:dd:5b:
3b:05:7d:ef:93:c7:74:5b:a0:3b:88:d9:78:7e:b1:
dd:7f:10:67:4e:29:b5:4c:04:1d:fc:ff:53:48:46:
36:6c:44:13:f2:a2:77:01:25:7e:6d:64:8b:75:78:
06:d8:19:62:1a:ab:1f:48:61:a3:df:75:14:5a:0e:
10:8c:b6:72:54:7e:ba:30:8c:1f:45:fe:84:15:e2:
b3:be:27:28:d9:57:a9:cf:e5:d6:27:36:0b:06:c7:
58:22:44:27:5b:c1:0d:2f:a9:b4:a4:ba:66:0a:69:
df:84:6f:03:62:2a:92:89:12:40:8f:80:42:b8:b2:
99:77:1b:f7:93:4c:ef:78:ec:0f:7f:40:92:ca:5b:
9d:7d:dc:d7:48:e9:88:cb:b8:58:32:80:b8:42:e1:
ac:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:F3:B7:AE:40:85:F0:2C:73:B2:90:39:3C:9E:98:CA:E7:51:2D:D4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db3937d1-a151-4cd6-afbc-f221dc0ed3d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06b:880::/48
Signature Algorithm: sha256WithRSAEncryption
9c:37:f5:aa:7b:4e:80:e8:34:20:9c:fe:a9:ab:5a:b2:d3:49:
09:e0:c0:91:bc:f9:09:87:90:43:e7:df:c7:ed:7e:dd:7c:79:
43:a8:be:28:e3:00:7b:84:5e:ea:92:d8:3c:3d:f2:e5:8f:d6:
44:b8:82:67:80:3b:5e:62:92:06:34:46:48:03:84:64:60:a9:
d1:38:7c:91:2a:7e:9a:f8:3e:30:db:ee:7d:9c:b6:62:97:5e:
fb:be:b4:03:28:a2:b7:b1:16:65:76:8a:81:17:5c:15:d7:bf:
c8:c8:5f:9b:dd:d4:27:50:9d:d4:f4:df:22:69:4f:ef:a7:18:
52:67:40:4b:cc:20:ff:df:23:0b:ce:21:4a:43:c7:9b:51:4d:
6d:43:f3:18:7d:38:e4:d6:6f:7a:fa:b3:1e:00:01:ac:6f:0f:
9c:1e:a7:ba:8c:0c:98:f7:5b:11:4a:c7:33:eb:b5:7b:09:d6:
2e:bd:84:70:86:09:be:47:9d:67:7d:d1:78:68:9e:16:91:b6:
ff:96:81:44:63:e0:3a:39:93:6c:7d:2d:5a:ee:71:5a:8d:98:
89:3c:d4:f7:8b:a0:f0:d0:a3:c0:c8:bd:5c:ef:eb:31:91:35:
9e:25:12:d7:a3:b9:3e:0e:9c:f1:c7:42:23:cc:4c:ec:dd:e4:
82:b0:fd:c2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURF8ftSGmlSJ7eS534U1M99d73q0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MDMwMjQwMjRaFw0yNjA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjZDUxNzhiNDZjM2YzZmQyZjFiOWZlNDI2YzhmMjc4MGQyOGE5N2RjMWZj
YmYxNzQxNzRmMDI3ODA1Y2U5YTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALV/siAmvnMCglY6/cGKhnVZjjvoa1LFIqKE493N2zqkX0K8l5ZXiFQKWpeT
2pUXQXAccFwk6sYmwzM2aldjqQy2xaUPgvZtxRaDakAKJlJLvDPS5HfewI4EltVw
shv6vY0vvYR4Tt1bOwV975PHdFugO4jZeH6x3X8QZ04ptUwEHfz/U0hGNmxEE/Ki
dwElfm1ki3V4BtgZYhqrH0hho991FFoOEIy2clR+ujCMH0X+hBXis74nKNlXqc/l
1ic2CwbHWCJEJ1vBDS+ptKS6Zgpp34RvA2IqkokSQI+AQriymXcb95NM73jsD39A
kspbnX3c10jpiMu4WDKAuELhrL8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRG87eu
QIXwLHOykDk8npjK51Et1DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGIzOTM3ZDEtYTE1MS00Y2Q2LWFmYmMtZjIyMWRjMGVkM2Q1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GsI
gDANBgkqhkiG9w0BAQsFAAOCAQEAnDf1qntOgOg0IJz+qatastNJCeDAkbz5CYeQ
Q+ffx+1+3Xx5Q6i+KOMAe4Re6pLYPD3y5Y/WRLiCZ4A7XmKSBjRGSAOEZGCp0Th8
kSp+mvg+MNvufZy2Ypde+760Ayiit7EWZXaKgRdcFde/yMhfm93UJ1Cd1PTfImlP
76cYUmdAS8wg/98jC84hSkPHm1FNbUPzGH045NZvevqzHgABrG8PnB6nuowMmPdb
EUrHM+u1ewnWLr2EcIYJvkedZ33ReGieFpG2/5aBRGPgOjmTbH0tWu5xWo2YiTzU
94ug8NCjwMi9XO/rMZE1niUS16O5Pg6c8cdCI8xM7N3kgrD9wg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:56:12 2026 by rpki-client