Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/47a5e300-1c0d-4b9c-a4f6-bb92ab1bcecf.roa
File: 47a5e300-1c0d-4b9c-a4f6-bb92ab1bcecf.roa (raw, json)
Hash identifier: QMlPxeExX0vwSqfTJeuxaS1oMnMu01hxQlhwJFIwGqY=
Subject key identifier: 5B:28:B0:2F:C1:4F:40:5D:1D:53:D5:7A:BD:F8:1B:51:87:74:40:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D6892FCCF79B3654DE47AB0A6DF2FD61D0616B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/47a5e300-1c0d-4b9c-a4f6-bb92ab1bcecf.roa
Signing time: Mon 23 Mar 2026 21:08:04 +0000
ROA not before: Mon 23 Mar 2026 21:08:04 +0000
ROA not after: Sun 21 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d028:8000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:68:92:fc:cf:79:b3:65:4d:e4:7a:b0:a6:df:2f:d6:1d:06:16:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 23 21:08:04 2026 GMT
Not After : Jun 21 23:59:59 2026 GMT
Subject: serialNumber=e5c8f6b1d36a373b0e720f577a14082ff79e8b7dc030fbe1d4cd2ce3fff35cf5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d4:ae:93:21:f4:21:da:60:c1:87:a9:85:e8:
3c:db:5d:25:77:f9:07:b3:d7:89:c8:38:95:de:76:
6e:e3:0b:d8:ed:ba:c1:d9:8d:3d:1b:be:ba:45:cd:
30:5c:86:06:60:a5:02:75:b5:e6:43:3c:fe:8f:85:
75:02:34:a9:24:0a:f7:99:41:7e:fa:8d:8f:02:33:
ca:90:f0:72:fb:22:84:41:d3:56:41:e0:6b:90:c6:
d8:42:e3:c8:ad:c1:f3:14:d9:67:f7:16:84:d8:11:
0d:23:58:cf:8a:40:9d:24:cc:1e:3d:7d:c2:6d:0c:
14:c9:44:73:dd:7a:50:fc:a7:b3:8e:22:10:67:39:
25:8f:e6:14:0d:1f:ab:cc:fc:8a:cc:4f:54:d9:1c:
31:cb:9c:43:8c:8e:08:4e:ee:72:90:37:0a:00:11:
66:39:70:de:a3:3d:2f:db:ba:ac:ca:56:2a:90:40:
a2:2a:b3:15:88:a9:d9:40:87:8b:68:14:2b:28:bc:
e6:ed:80:2d:0d:bd:26:52:38:26:bb:a3:23:04:9d:
7a:82:24:7f:91:ad:69:a9:82:06:6d:d6:5e:a6:14:
28:85:b7:02:06:77:bc:d0:36:d6:77:81:72:ec:c9:
40:4a:24:e7:4e:ef:46:a0:24:db:2f:40:e7:80:6e:
b9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:28:B0:2F:C1:4F:40:5D:1D:53:D5:7A:BD:F8:1B:51:87:74:40:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/47a5e300-1c0d-4b9c-a4f6-bb92ab1bcecf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d028:8000::/36
Signature Algorithm: sha256WithRSAEncryption
bf:c7:b0:20:f2:b9:5e:2f:93:6e:f8:28:4a:f5:c3:05:f8:59:
0d:e7:ff:fb:8c:4e:11:64:e2:2c:e8:78:28:6b:03:39:ca:86:
e0:c4:61:11:61:97:35:5c:1f:be:7b:79:70:e2:c4:9b:02:40:
7b:21:7a:6a:26:77:65:43:94:91:f3:b9:5c:14:a9:36:33:65:
ea:1e:ab:e7:6b:ab:40:33:e2:f2:3b:27:b7:2a:66:c4:5e:b9:
37:92:b0:fc:28:5a:ba:21:9f:af:9b:c1:8b:0c:23:6f:3c:fe:
0f:14:e5:91:5c:d7:b3:9d:62:0b:a8:53:52:da:75:8d:cf:30:
49:b9:03:c8:68:2a:42:3d:6c:51:76:5e:ed:d8:a1:49:c1:e7:
bd:20:67:cf:41:d4:66:1a:13:a4:85:78:80:10:c0:9c:01:03:
9f:ff:58:40:18:02:c9:93:8e:84:22:4e:d4:70:76:76:e3:82:
76:23:7b:92:07:ea:a6:6e:65:b7:47:88:78:e0:3c:c0:27:4c:
d0:a2:e7:a7:1b:9b:a2:11:97:bd:d5:f9:43:34:fb:db:ba:36:
b8:02:6f:6c:6d:1d:c7:a5:bb:47:40:66:05:97:22:27:57:32:
f3:eb:22:b5:c4:c2:09:3a:90:13:09:a7:81:35:0c:c9:24:53:
cb:e9:32:a9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTWiS/M95s2VN5Hqwpt8v1h0GFrgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMjMyMTA4MDRaFw0yNjA2MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1YzhmNmIxZDM2YTM3M2IwZTcyMGY1NzdhMTQwODJmZjc5ZThiN2RjMDMw
ZmJlMWQ0Y2QyY2UzZmZmMzVjZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjUrpMh9CHaYMGHqYXoPNtdJXf5B7PXicg4ld52buML2O26wdmNPRu+ukXN
MFyGBmClAnW15kM8/o+FdQI0qSQK95lBfvqNjwIzypDwcvsihEHTVkHga5DG2ELj
yK3B8xTZZ/cWhNgRDSNYz4pAnSTMHj19wm0MFMlEc916UPyns44iEGc5JY/mFA0f
q8z8isxPVNkcMcucQ4yOCE7ucpA3CgARZjlw3qM9L9u6rMpWKpBAoiqzFYip2UCH
i2gUKyi85u2ALQ29JlI4JrujIwSdeoIkf5GtaamCBm3WXqYUKIW3AgZ3vNA21neB
cuzJQEok507vRqAk2y9A54BuuR8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRbKLAv
wU9AXR1T1Xq9+BtRh3RADTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDdhNWUzMDAtMWMwZC00YjljLWE0ZjYtYmI5MmFiMWJjZWNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CiA
MA0GCSqGSIb3DQEBCwUAA4IBAQC/x7Ag8rleL5Nu+ChK9cMF+FkN5//7jE4RZOIs
6HgoawM5yobgxGERYZc1XB++e3lw4sSbAkB7IXpqJndlQ5SR87lcFKk2M2XqHqvn
a6tAM+LyOye3KmbEXrk3krD8KFq6IZ+vm8GLDCNvPP4PFOWRXNeznWILqFNS2nWN
zzBJuQPIaCpCPWxRdl7t2KFJwee9IGfPQdRmGhOkhXiAEMCcAQOf/1hAGALJk46E
Ik7UcHZ244J2I3uSB+qmbmW3R4h44DzAJ0zQouenG5uiEZe91flDNPvbuja4Am9s
bR3HpbtHQGYFlyInVzLz6yK1xMIJOpATCaeBNQzJJFPL6TKp
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:12:14 2026 by rpki-client