Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/002c315b-3412-464e-b865-645f657f136d.roa
File: 002c315b-3412-464e-b865-645f657f136d.roa (raw, json)
Hash identifier: PdK3aPv0WObRP5uiUg663CwXeXquQt0axsBYNRmlgTg=
Subject key identifier: E3:E0:BF:D8:BC:43:E6:6D:45:1B:69:A2:27:33:B4:37:68:94:35:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03B04D4F90D47017C51AE1B2543803AD9296799F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/002c315b-3412-464e-b865-645f657f136d.roa
Signing time: Fri 20 Feb 2026 01:40:11 +0000
ROA not before: Fri 20 Feb 2026 01:40:11 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:b0:4d:4f:90:d4:70:17:c5:1a:e1:b2:54:38:03:ad:92:96:79:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:40:11 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=296bc3deb662cda7635e55eb6414dba8869858638684e12b7705c5f7ab17f323, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e1:4c:22:bb:8a:68:5b:66:b0:a0:c1:d7:52:
22:85:e3:8f:3a:95:de:ea:1b:aa:38:24:c3:5b:11:
13:d2:96:66:b2:79:26:c9:02:9f:ec:06:13:ad:fc:
b6:16:56:a8:42:5a:22:51:96:8f:34:b0:89:04:99:
3e:1b:86:6e:0f:74:ea:db:e9:76:84:f5:5a:2c:51:
35:00:53:6e:11:8e:fc:fc:9f:dc:83:47:97:03:64:
4c:85:56:1b:81:55:eb:22:03:da:2b:d7:c9:de:4d:
c8:15:61:04:a9:4f:71:23:71:31:4d:08:d3:80:b2:
ae:b5:46:b6:2b:3c:27:e3:52:16:4f:4d:7a:42:47:
0f:e1:a7:de:b8:61:6c:d0:75:9b:43:b0:63:c0:67:
7c:06:70:6d:58:b2:55:36:ae:22:e6:63:f8:d1:01:
19:bb:64:78:91:8b:e6:d6:41:f3:71:19:af:54:45:
03:5f:6b:b9:37:d4:6f:7a:84:96:55:ac:84:14:2c:
de:da:b9:ca:c7:f9:89:61:b6:62:aa:83:0e:05:4d:
9e:bf:0b:06:b2:05:91:c3:80:8a:6e:79:aa:f3:6e:
6c:05:de:a4:35:5e:f1:ac:c8:93:da:90:0f:15:91:
ce:a7:fb:1c:60:b9:69:24:f6:17:de:2b:9d:f3:47:
48:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E0:BF:D8:BC:43:E6:6D:45:1B:69:A2:27:33:B4:37:68:94:35:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/002c315b-3412-464e-b865-645f657f136d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079::/32
Signature Algorithm: sha256WithRSAEncryption
96:6e:72:7c:bc:f9:3a:c7:c7:d7:59:90:a8:20:b5:f5:72:62:
76:cd:7c:89:05:7c:ef:4a:a4:f5:90:95:83:7e:a9:15:7d:11:
70:bb:27:f4:8c:5c:f7:5c:41:4f:f9:95:f4:17:ab:0e:41:c5:
b5:12:93:64:fc:c8:ae:8b:d0:09:80:17:71:e5:a5:1e:c9:7f:
d6:1b:b7:e5:fe:2e:a8:81:b3:d2:81:8b:69:a1:42:9d:1c:2b:
e0:8f:4a:49:af:d9:fb:e1:90:52:59:f9:7f:52:f1:4e:38:a1:
dc:0a:b4:e2:5b:3d:95:7d:f5:3a:4a:01:29:da:28:ec:23:69:
82:90:07:9e:52:3b:c5:bd:94:94:e6:bf:00:27:9d:34:c8:96:
45:96:b3:75:1d:d0:62:f4:09:b2:6a:61:ed:8e:e0:f7:eb:a4:
68:85:36:0a:65:0a:d5:cd:04:d4:42:5a:42:19:c6:0b:64:f5:
b1:41:fc:05:18:9e:21:ba:f7:74:d6:3c:c7:5f:02:f0:f5:a4:
f9:de:97:a2:17:84:55:c3:be:92:ce:1a:b9:d7:53:64:60:4c:
e7:bd:2f:02:6e:f9:be:e3:01:bf:f5:a6:af:66:37:d1:c2:89:
ef:b6:ba:d4:da:d6:ca:7e:fe:c5:fd:3d:a4:4b:f7:fd:8a:ba:
23:2c:b2:b7
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUA7BNT5DUcBfFGuGyVDgDrZKWeZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTQwMTFaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5NmJjM2RlYjY2MmNkYTc2MzVlNTVlYjY0MTRkYmE4ODY5ODU4NjM4Njg0
ZTEyYjc3MDVjNWY3YWIxN2YzMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPhTCK7imhbZrCgwddSIoXjjzqV3uobqjgkw1sRE9KWZrJ5JskCn+wGE638
thZWqEJaIlGWjzSwiQSZPhuGbg906tvpdoT1WixRNQBTbhGO/Pyf3INHlwNkTIVW
G4FV6yID2ivXyd5NyBVhBKlPcSNxMU0I04CyrrVGtis8J+NSFk9NekJHD+Gn3rhh
bNB1m0OwY8BnfAZwbViyVTauIuZj+NEBGbtkeJGL5tZB83EZr1RFA19ruTfUb3qE
llWshBQs3tq5ysf5iWG2YqqDDgVNnr8LBrIFkcOAim55qvNubAXepDVe8azIk9qQ
DxWRzqf7HGC5aST2F94rnfNHSAECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTj4L/Y
vEPmbUUbaaInM7Q3aJQ1czAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDAyYzMxNWItMzQxMi00NjRlLWI4NjUtNjQ1ZjY1N2YxMzZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hkw
DQYJKoZIhvcNAQELBQADggEBAJZucny8+TrHx9dZkKggtfVyYnbNfIkFfO9KpPWQ
lYN+qRV9EXC7J/SMXPdcQU/5lfQXqw5BxbUSk2T8yK6L0AmAF3HlpR7Jf9Ybt+X+
LqiBs9KBi2mhQp0cK+CPSkmv2fvhkFJZ+X9S8U44odwKtOJbPZV99TpKASnaKOwj
aYKQB55SO8W9lJTmvwAnnTTIlkWWs3Ud0GL0CbJqYe2O4PfrpGiFNgplCtXNBNRC
WkIZxgtk9bFB/AUYniG693TWPMdfAvD1pPnel6IXhFXDvpLOGrnXU2RgTOe9LwJu
+b7jAb/1pq9mN9HCie+2utTa1sp+/sX9PaRL9/2KuiMssrc=
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:58:28 2026 by rpki-client