Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03416ce5-042a-4b8b-81dd-819c5e1cdf09.roa
File: 03416ce5-042a-4b8b-81dd-819c5e1cdf09.roa (raw, json)
Hash identifier: 9r6/a0j7i5glozOqCNLGb1NFYO5N2+DX0XktUxWuu6g=
Subject key identifier: 28:FE:8C:9F:C0:2A:62:B0:34:73:30:20:B8:30:83:D5:A9:78:6C:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 484D7DF73AB26424BC7BA54B03D0FAA2A3F04DD4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03416ce5-042a-4b8b-81dd-819c5e1cdf09.roa
Signing time: Sat 28 Feb 2026 06:10:57 +0000
ROA not before: Sat 28 Feb 2026 06:10:57 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:4d:7d:f7:3a:b2:64:24:bc:7b:a5:4b:03:d0:fa:a2:a3:f0:4d:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:57 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=d67ae30ee2a20a040bfd48697c1f72e5a4ba6bf7cec355ac1afdb5401d4a9a05, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:86:03:ee:80:07:d8:74:b6:06:24:b1:0c:f7:
44:e2:20:9a:0b:67:1f:b2:b1:9e:9e:4d:4a:39:31:
d5:64:14:1d:90:d1:9a:ef:c4:46:7e:65:ef:ca:cf:
a3:69:38:71:da:e7:a1:62:0e:81:33:40:e0:95:a8:
b0:26:7c:16:6d:ae:90:88:59:e1:60:0f:51:05:80:
c8:cb:13:b4:2f:98:0e:9c:fb:1c:c1:b0:e1:22:d1:
0b:cf:fb:7d:31:aa:40:30:37:c3:fc:76:53:0d:19:
b1:b2:a8:c0:7f:42:15:0d:98:43:c1:9f:f7:8e:f0:
00:28:95:d8:3b:c6:b0:38:7c:6b:21:00:6c:d1:b2:
e7:25:98:1d:65:ee:3d:9d:30:4c:2c:8c:e3:9c:53:
4f:6f:f7:29:c7:4b:7b:86:6c:cf:d0:f2:b7:32:a2:
ef:f2:b4:da:31:b8:69:d0:5e:44:2f:ca:70:e5:b1:
13:ab:c6:44:8b:02:d6:3c:ba:47:26:78:81:c6:49:
e2:c0:ad:69:b8:3a:e8:f7:83:8d:cc:9a:91:ed:20:
41:08:0b:f3:ba:b4:d0:45:31:ca:fe:53:f1:f5:b7:
48:db:4d:8e:5a:fc:be:7a:86:51:b1:50:de:57:71:
a5:da:96:b3:d5:8d:2a:5a:e4:ab:bc:c7:0d:39:3e:
f8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:FE:8C:9F:C0:2A:62:B0:34:73:30:20:B8:30:83:D5:A9:78:6C:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03416ce5-042a-4b8b-81dd-819c5e1cdf09.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8040::/48
Signature Algorithm: sha256WithRSAEncryption
9d:b6:29:1a:14:07:ef:a9:88:de:d8:50:50:0c:90:62:95:b8:
ba:a5:92:64:5b:00:37:c5:79:4b:ee:fa:72:86:45:50:2f:4e:
2e:17:e0:df:6d:5d:91:f4:41:fd:3a:9b:48:81:48:6e:be:58:
02:ef:1d:8c:9c:0e:c9:99:27:8c:f6:91:35:dd:09:8c:b9:fa:
8c:97:ef:e2:99:5d:4a:2a:78:20:18:4f:8c:f4:17:1e:97:89:
69:59:83:de:be:b6:0d:b6:7b:50:91:1c:59:af:ed:17:4d:a9:
bc:38:3a:8d:a7:10:55:d4:7c:7c:ca:4e:e9:11:aa:89:87:68:
ac:07:78:63:07:f9:47:d9:83:c3:79:af:df:7d:f8:39:04:95:
6b:d4:26:5f:5c:0c:e9:0c:59:75:02:d0:b0:80:cb:94:b1:3c:
96:c1:a4:04:20:02:6d:41:5b:bc:9b:98:d6:19:db:ad:a3:2f:
e1:b4:a0:88:86:a1:25:18:54:9c:af:5e:0e:03:89:88:e8:b8:
4b:10:aa:ee:60:11:2e:d5:90:b9:ad:e6:c3:a1:af:34:e9:1f:
05:b8:ea:b2:1b:da:d5:2f:10:4d:b7:56:88:2c:a2:58:0b:a4:
34:10:f7:b9:f4:79:25:31:aa:71:29:7d:6e:6b:db:a4:1e:a4:
fb:e3:92:14
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSE199zqyZCS8e6VLA9D6oqPwTdQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwNTdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2N2FlMzBlZTJhMjBhMDQwYmZkNDg2OTdjMWY3MmU1YTRiYTZiZjdjZWMz
NTVhYzFhZmRiNTQwMWQ0YTlhMDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2GA+6AB9h0tgYksQz3ROIgmgtnH7Kxnp5NSjkx1WQUHZDRmu/ERn5l78rP
o2k4cdrnoWIOgTNA4JWosCZ8Fm2ukIhZ4WAPUQWAyMsTtC+YDpz7HMGw4SLRC8/7
fTGqQDA3w/x2Uw0ZsbKowH9CFQ2YQ8Gf947wACiV2DvGsDh8ayEAbNGy5yWYHWXu
PZ0wTCyM45xTT2/3KcdLe4Zsz9DytzKi7/K02jG4adBeRC/KcOWxE6vGRIsC1jy6
RyZ4gcZJ4sCtabg66PeDjcyake0gQQgL87q00EUxyv5T8fW3SNtNjlr8vnqGUbFQ
3ldxpdqWs9WNKlrkq7zHDTk++M8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQo/oyf
wCpisDRzMCC4MIPVqXhsiTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDM0MTZjZTUtMDQyYS00YjhiLTgxZGQtODE5YzVlMWNkZjA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
QDANBgkqhkiG9w0BAQsFAAOCAQEAnbYpGhQH76mI3thQUAyQYpW4uqWSZFsAN8V5
S+76coZFUC9OLhfg321dkfRB/TqbSIFIbr5YAu8djJwOyZknjPaRNd0JjLn6jJfv
4pldSip4IBhPjPQXHpeJaVmD3r62DbZ7UJEcWa/tF02pvDg6jacQVdR8fMpO6RGq
iYdorAd4Ywf5R9mDw3mv3334OQSVa9QmX1wM6QxZdQLQsIDLlLE8lsGkBCACbUFb
vJuY1hnbraMv4bSgiIahJRhUnK9eDgOJiOi4SxCq7mARLtWQua3mw6GvNOkfBbjq
shva1S8QTbdWiCyiWAukNBD3ufR5JTGqcSl9bmvbpB6k++OSFA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:37:37 2026 by rpki-client