Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e1141acd-31e0-44c6-b6b1-afa7dcf10a77.roa
File: e1141acd-31e0-44c6-b6b1-afa7dcf10a77.roa (raw, json)
Hash identifier: sF7fAss6kpePJ+QvpjXGO3MzFX1g8QU/v1cI3un/VsY=
Subject key identifier: 91:60:52:DE:CF:2F:8B:A9:55:52:06:6D:56:D1:0F:20:C2:71:32:60
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12F1399E70090D5C6B8A20548CEB6F74D97D0B26
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e1141acd-31e0-44c6-b6b1-afa7dcf10a77.roa
Signing time: Fri 03 Apr 2026 02:40:35 +0000
ROA not before: Fri 03 Apr 2026 02:40:35 +0000
ROA not after: Thu 02 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06b:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:f1:39:9e:70:09:0d:5c:6b:8a:20:54:8c:eb:6f:74:d9:7d:0b:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 3 02:40:35 2026 GMT
Not After : Jul 2 23:59:59 2026 GMT
Subject: serialNumber=b919593a328693df14d0650f0914c6f2906ac36ccc86c612af195ee901698f06, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:bd:0c:8b:61:57:dc:d9:53:31:68:73:69:32:
9b:b6:b7:40:20:80:5c:23:1c:f6:f7:e0:3c:a2:97:
82:b1:bf:c2:88:2d:24:c4:8e:7e:0b:de:bb:68:15:
b6:f9:77:50:42:74:3e:1f:18:ac:8e:27:14:63:4c:
10:53:87:1e:68:84:e6:06:ba:24:d3:f3:14:1b:19:
dd:05:35:d6:06:1f:f7:c1:4f:df:d1:28:c8:71:ba:
50:b6:eb:0d:16:6e:3c:6e:e5:01:6f:7b:09:ec:05:
d1:de:f7:85:fa:08:1a:74:74:ad:47:78:c4:68:d9:
f0:1f:5d:2b:db:b3:91:cb:30:be:24:9c:25:ae:e6:
1f:e5:08:d7:e8:8b:a0:d1:01:df:04:ac:a9:3f:39:
84:34:b0:88:b5:54:40:d2:74:9c:7e:01:ad:38:25:
d3:aa:da:30:73:c1:81:4d:51:ae:6f:fc:93:80:62:
78:ac:7c:70:14:55:42:b5:09:4e:8d:ae:42:af:32:
71:a3:dd:25:0c:0c:45:87:80:08:94:1a:c4:e4:01:
53:eb:41:49:8f:85:0c:8d:63:ce:07:38:d4:bd:eb:
ac:9d:e1:f2:9c:fc:5f:6e:74:23:76:c4:bb:c5:4a:
60:06:1a:fe:62:7b:b2:fb:b4:82:e6:83:4c:8d:d8:
d0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:60:52:DE:CF:2F:8B:A9:55:52:06:6D:56:D1:0F:20:C2:71:32:60
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e1141acd-31e0-44c6-b6b1-afa7dcf10a77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06b:2000::/40
Signature Algorithm: sha256WithRSAEncryption
26:f6:bc:eb:0d:49:1c:df:ed:a7:05:f6:2d:7b:87:01:cc:3c:
76:4f:d1:5d:39:4b:8b:b9:57:1c:50:6d:e8:e2:e0:a6:87:78:
ff:77:d0:6c:50:d8:25:95:f4:36:bc:f3:26:9e:57:1d:0e:da:
fa:58:d2:e1:c7:76:be:e1:a8:e4:26:c9:2d:72:8d:5a:42:3f:
00:17:d3:a5:2a:66:f8:ff:a7:1e:95:b5:60:21:dd:33:e4:bf:
6a:d0:0a:0c:59:34:89:1f:4d:05:c1:e6:c4:db:7a:45:8d:15:
82:96:3e:b4:4c:42:ff:cb:78:0b:66:5f:03:ce:70:51:9d:71:
57:65:37:d4:7d:67:7e:b1:72:03:bf:0d:5c:78:e9:d1:5a:ed:
76:93:dd:9e:09:dd:c3:eb:22:31:77:3f:31:db:cf:dd:39:be:
8b:6d:ba:af:88:e3:2b:b4:23:79:4b:e1:be:7c:d5:69:94:a0:
93:d0:44:2e:09:48:77:de:2d:7b:8d:8d:8a:10:c5:97:f0:84:
9e:a9:8a:74:fa:b9:25:38:06:8c:34:18:e9:ca:c3:ad:0b:46:
8d:df:48:0c:31:40:51:d8:75:8a:44:13:05:60:57:f0:b1:27:
1d:1b:29:3f:64:b7:f6:be:14:93:88:8c:08:ef:e1:80:3c:4f:
51:3b:99:13
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEvE5nnAJDVxriiBUjOtvdNl9CyYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MDMwMjQwMzVaFw0yNjA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5MTk1OTNhMzI4NjkzZGYxNGQwNjUwZjA5MTRjNmYyOTA2YWMzNmNjYzg2
YzYxMmFmMTk1ZWU5MDE2OThmMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALe9DIthV9zZUzFoc2kym7a3QCCAXCMc9vfgPKKXgrG/wogtJMSOfgveu2gV
tvl3UEJ0Ph8YrI4nFGNMEFOHHmiE5ga6JNPzFBsZ3QU11gYf98FP39EoyHG6ULbr
DRZuPG7lAW97CewF0d73hfoIGnR0rUd4xGjZ8B9dK9uzkcswviScJa7mH+UI1+iL
oNEB3wSsqT85hDSwiLVUQNJ0nH4BrTgl06raMHPBgU1Rrm/8k4BieKx8cBRVQrUJ
To2uQq8ycaPdJQwMRYeACJQaxOQBU+tBSY+FDI1jzgc41L3rrJ3h8pz8X250I3bE
u8VKYAYa/mJ7svu0guaDTI3Y0I8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSRYFLe
zy+LqVVSBm1W0Q8gwnEyYDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTExNDFhY2QtMzFlMC00NGM2LWI2YjEtYWZhN2RjZjEwYTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Gsg
MA0GCSqGSIb3DQEBCwUAA4IBAQAm9rzrDUkc3+2nBfYte4cBzDx2T9FdOUuLuVcc
UG3o4uCmh3j/d9BsUNgllfQ2vPMmnlcdDtr6WNLhx3a+4ajkJsktco1aQj8AF9Ol
Kmb4/6celbVgId0z5L9q0AoMWTSJH00FwebE23pFjRWClj60TEL/y3gLZl8DznBR
nXFXZTfUfWd+sXIDvw1ceOnRWu12k92eCd3D6yIxdz8x28/dOb6LbbqviOMrtCN5
S+G+fNVplKCT0EQuCUh33i17jY2KEMWX8ISeqYp0+rklOAaMNBjpysOtC0aN30gM
MUBR2HWKRBMFYFfwsScdGyk/ZLf2vhSTiIwI7+GAPE9RO5kT
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:47:40 2026 by rpki-client