Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea64b1fc-e503-4319-938f-0942f418ac39.roa
File: ea64b1fc-e503-4319-938f-0942f418ac39.roa (raw, json)
Hash identifier: LSaTbV4QxeS1BKBoRom68irp9Gn4kMIPg0Ik0WtGDak=
Subject key identifier: E2:3D:B4:45:C2:4D:05:95:63:01:DA:72:15:11:83:2D:3C:A0:F3:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 405F559531F05024A45D9541DFC632E3497D1880
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea64b1fc-e503-4319-938f-0942f418ac39.roa
Signing time: Fri 03 Apr 2026 02:40:25 +0000
ROA not before: Fri 03 Apr 2026 02:40:25 +0000
ROA not after: Thu 02 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06b:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:5f:55:95:31:f0:50:24:a4:5d:95:41:df:c6:32:e3:49:7d:18:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 3 02:40:25 2026 GMT
Not After : Jul 2 23:59:59 2026 GMT
Subject: serialNumber=c75c33e1538ff6fbda3d3b5fcd8a3c34e3057a67a6d8644e08b838cff9b90005, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e4:ca:42:b4:cb:13:77:52:a7:17:66:cf:e9:
a5:d6:43:36:32:6e:0f:ce:a9:74:7d:d8:82:dd:35:
01:d8:86:20:79:ba:75:86:0e:39:70:8f:30:43:b8:
06:84:a2:a4:04:7a:c3:bb:7d:e7:78:20:e5:b9:f6:
13:be:1a:62:50:da:dd:7e:17:8e:5d:3c:6e:25:45:
60:46:a4:32:62:a2:85:26:12:82:f2:bb:78:1a:de:
a2:03:98:cc:00:17:40:b5:35:e6:3d:12:63:8e:77:
40:8e:91:5f:5a:18:75:4a:f4:21:1e:e6:98:f2:69:
d4:92:14:ef:b0:9f:71:ef:53:2e:e4:42:02:40:eb:
71:a3:80:84:73:d1:21:19:d1:f0:e5:8e:5a:8b:a0:
38:f6:82:b7:16:ee:b9:77:53:be:2a:e2:09:d9:4b:
7c:f7:4c:d3:64:00:d1:09:1a:64:2b:99:89:33:a1:
e8:3f:e3:b6:90:48:69:cd:35:c8:a7:22:ba:32:b1:
0a:21:ff:38:d9:2b:2b:29:98:15:df:b0:e1:d7:72:
64:e4:2e:a8:2f:cb:ce:71:b8:ba:5f:20:92:03:e3:
22:38:23:ec:93:d4:22:7b:5c:a3:d7:8f:e0:8c:32:
b5:a3:19:5e:76:69:2e:e5:e2:4f:4b:27:c9:3a:c2:
1d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:3D:B4:45:C2:4D:05:95:63:01:DA:72:15:11:83:2D:3C:A0:F3:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea64b1fc-e503-4319-938f-0942f418ac39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06b:840::/48
Signature Algorithm: sha256WithRSAEncryption
a6:c9:be:50:f9:5d:50:6f:d2:78:5f:65:2f:d1:8a:c1:72:2b:
5c:ab:f4:51:66:34:23:91:ef:be:59:65:25:bb:af:84:ee:09:
84:e3:5d:a1:5f:01:2f:4c:f7:8c:a9:1c:19:f4:9b:e4:0c:50:
da:9a:4c:49:93:50:89:1c:ac:7d:07:49:42:30:3e:64:26:74:
86:8f:53:ea:77:1c:4c:71:da:04:1d:fe:2a:57:8d:e3:7e:01:
94:5e:98:40:63:78:17:53:9e:ef:a9:ee:0b:96:21:5d:e7:a6:
04:6f:79:47:9a:a5:0c:93:b0:5f:af:9a:72:ca:62:64:31:99:
9f:1c:46:52:55:60:a9:b7:96:d8:64:05:95:1f:20:91:fc:f9:
fd:8b:bc:35:68:f8:d9:a2:cd:eb:eb:a8:8b:ff:cc:d6:55:8a:
28:78:f4:3d:f1:7f:8c:59:a7:26:97:7f:d9:2c:c3:40:07:bf:
19:bc:59:40:49:b9:26:d0:3f:df:bc:7d:b9:bb:04:38:95:37:
71:87:f0:0a:68:d4:a5:d6:4c:0f:47:5c:25:cb:a9:c4:69:fd:
d1:09:70:b6:88:7a:20:3a:7c:c0:44:e4:2f:a6:df:cf:f7:c6:
44:cd:5d:39:59:ec:8b:9f:c4:fc:24:20:c7:7b:f9:14:2e:98:
9a:76:56:c5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQF9VlTHwUCSkXZVB38Yy40l9GIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MDMwMjQwMjVaFw0yNjA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3NWMzM2UxNTM4ZmY2ZmJkYTNkM2I1ZmNkOGEzYzM0ZTMwNTdhNjdhNmQ4
NjQ0ZTA4YjgzOGNmZjliOTAwMDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrkykK0yxN3UqcXZs/ppdZDNjJuD86pdH3Ygt01AdiGIHm6dYYOOXCPMEO4
BoSipAR6w7t953gg5bn2E74aYlDa3X4Xjl08biVFYEakMmKihSYSgvK7eBreogOY
zAAXQLU15j0SY453QI6RX1oYdUr0IR7mmPJp1JIU77Cfce9TLuRCAkDrcaOAhHPR
IRnR8OWOWougOPaCtxbuuXdTviriCdlLfPdM02QA0QkaZCuZiTOh6D/jtpBIac01
yKciujKxCiH/ONkrKymYFd+w4ddyZOQuqC/LznG4ul8gkgPjIjgj7JPUIntco9eP
4IwytaMZXnZpLuXiT0snyTrCHX8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTiPbRF
wk0FlWMB2nIVEYMtPKDzuTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWE2NGIxZmMtZTUwMy00MzE5LTkzOGYtMDk0MmY0MThhYzM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GsI
QDANBgkqhkiG9w0BAQsFAAOCAQEApsm+UPldUG/SeF9lL9GKwXIrXKv0UWY0I5Hv
vlllJbuvhO4JhONdoV8BL0z3jKkcGfSb5AxQ2ppMSZNQiRysfQdJQjA+ZCZ0ho9T
6nccTHHaBB3+KleN434BlF6YQGN4F1Oe76nuC5YhXeemBG95R5qlDJOwX6+acspi
ZDGZnxxGUlVgqbeW2GQFlR8gkfz5/Yu8NWj42aLN6+uoi//M1lWKKHj0PfF/jFmn
Jpd/2SzDQAe/GbxZQEm5JtA/37x9ubsEOJU3cYfwCmjUpdZMD0dcJcupxGn90Qlw
toh6IDp8wETkL6bfz/fGRM1dOVnsi5/E/CQgx3v5FC6YmnZWxQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:51:45 2026 by rpki-client