Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03a11d7d-6d37-488c-8fe1-258c484d1682.roa
File: 03a11d7d-6d37-488c-8fe1-258c484d1682.roa (raw, json)
Hash identifier: N0hYenpv25NF0h8Xt4q4Izz+OaPQSRlCqpvEeL/tNhA=
Subject key identifier: BF:C7:CF:72:6C:10:85:F0:CB:EE:CC:CC:F0:0E:36:68:55:AE:77:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73AB52F049E6CDB0ABF540791888D21381036D1F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03a11d7d-6d37-488c-8fe1-258c484d1682.roa
Signing time: Sat 28 Feb 2026 05:41:04 +0000
ROA not before: Sat 28 Feb 2026 05:41:04 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:ab:52:f0:49:e6:cd:b0:ab:f5:40:79:18:88:d2:13:81:03:6d:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:04 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=fd331b9859aff823f3f92e018be339bad5477a805d46db714d8e0b87299e9c67, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d2:13:b4:08:09:4a:2e:bf:80:93:53:fb:ee:
3f:6b:e9:19:e9:05:1e:b3:bf:3c:17:3a:c0:1e:96:
a2:8b:d1:75:00:24:8a:bc:97:8c:dc:30:c8:bf:4b:
a2:1d:7f:ea:bd:c8:5d:64:17:4b:61:61:e3:4d:c3:
81:3b:d3:6f:17:72:6b:ef:04:02:cf:c5:82:5c:20:
b9:ac:5e:2e:f9:0b:98:32:e3:12:ee:d5:f2:f9:61:
e2:3a:7b:13:9a:a0:e4:8f:a4:a5:0c:77:05:ef:03:
45:eb:b7:23:f2:49:96:fd:0f:11:8a:31:bf:15:da:
ea:ab:8c:aa:60:6b:ae:ec:7a:88:02:d5:54:a8:0e:
4d:15:90:08:a0:55:2a:18:03:74:25:34:db:e9:65:
1a:87:b1:62:23:4b:2b:e6:bb:51:28:12:f4:cb:39:
30:e8:ae:11:73:36:b7:a8:2d:84:ff:b4:58:42:b8:
6d:af:b7:70:a3:4a:73:96:c0:03:b8:7a:64:3e:9e:
01:3a:29:fc:11:ba:2a:46:1e:5a:7c:77:f2:b3:1d:
13:f6:31:fe:6a:de:a1:2d:ea:aa:75:5d:b3:83:1e:
b2:6b:3e:8d:4a:9a:04:33:c3:62:9e:19:eb:25:56:
2b:10:8e:3a:4e:26:db:2d:27:e0:ed:3c:f8:da:ef:
af:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:C7:CF:72:6C:10:85:F0:CB:EE:CC:CC:F0:0E:36:68:55:AE:77:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03a11d7d-6d37-488c-8fe1-258c484d1682.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:b000::/40
Signature Algorithm: sha256WithRSAEncryption
8a:f6:a9:d8:fb:bf:25:9f:6d:3b:cb:eb:e4:6c:50:72:b9:92:
76:5e:0a:fb:18:2b:a2:e8:bb:c9:29:ea:ee:a9:07:9c:63:e8:
2e:d1:33:bc:3b:0b:c2:e6:06:7e:aa:d5:36:e9:09:b3:d6:20:
82:32:db:ae:2e:dd:a3:d8:87:07:da:05:fe:cb:7e:eb:67:1d:
2d:39:6e:de:a3:f9:dc:fc:af:9d:90:b0:57:2d:85:ac:d9:8a:
37:e2:9d:da:97:c6:11:a3:58:b1:14:e1:76:23:5c:9e:71:10:
62:53:89:a1:1a:9a:14:b5:dc:cb:40:cb:36:15:12:fa:19:78:
69:ab:23:46:98:57:36:4e:48:22:49:1c:55:58:61:21:ae:fe:
76:c3:38:cf:99:00:d9:d4:5b:85:7d:2d:34:c6:5a:77:77:47:
5f:db:b2:77:da:f4:f8:95:25:e0:1b:dd:46:36:86:f2:0c:20:
e6:60:13:3a:eb:b1:6a:35:14:ac:5b:2d:60:56:02:2d:ba:2c:
24:24:97:2a:70:76:80:3b:dd:b4:6f:34:ef:ac:6b:68:2d:cb:
3c:d0:13:12:27:d3:66:1f:46:63:23:a6:b2:7c:63:63:2a:79:
60:d4:93:1c:5d:e8:fe:2e:6d:01:3c:96:f5:9f:16:37:32:86:
d9:22:e7:40
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc6tS8EnmzbCr9UB5GIjSE4EDbR8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMDRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkMzMxYjk4NTlhZmY4MjNmM2Y5MmUwMThiZTMzOWJhZDU0NzdhODA1ZDQ2
ZGI3MTRkOGUwYjg3Mjk5ZTljNjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDSE7QICUouv4CTU/vuP2vpGekFHrO/PBc6wB6WoovRdQAkiryXjNwwyL9L
oh1/6r3IXWQXS2Fh403DgTvTbxdya+8EAs/FglwguaxeLvkLmDLjEu7V8vlh4jp7
E5qg5I+kpQx3Be8DReu3I/JJlv0PEYoxvxXa6quMqmBrrux6iALVVKgOTRWQCKBV
KhgDdCU02+llGoexYiNLK+a7USgS9Ms5MOiuEXM2t6gthP+0WEK4ba+3cKNKc5bA
A7h6ZD6eATop/BG6KkYeWnx38rMdE/Yx/mreoS3qqnVds4Mesms+jUqaBDPDYp4Z
6yVWKxCOOk4m2y0n4O08+Nrvrz8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS/x89y
bBCF8MvuzMzwDjZoVa53QTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDNhMTFkN2QtNmQzNy00ODhjLThmZTEtMjU4YzQ4NGQxNjgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FCw
MA0GCSqGSIb3DQEBCwUAA4IBAQCK9qnY+78ln207y+vkbFByuZJ2Xgr7GCui6LvJ
KeruqQecY+gu0TO8OwvC5gZ+qtU26Qmz1iCCMtuuLt2j2IcH2gX+y37rZx0tOW7e
o/nc/K+dkLBXLYWs2Yo34p3al8YRo1ixFOF2I1yecRBiU4mhGpoUtdzLQMs2FRL6
GXhpqyNGmFc2TkgiSRxVWGEhrv52wzjPmQDZ1FuFfS00xlp3d0df27J32vT4lSXg
G91GNobyDCDmYBM667FqNRSsWy1gVgItuiwkJJcqcHaAO920bzTvrGtoLcs80BMS
J9NmH0ZjI6ayfGNjKnlg1JMcXej+Lm0BPJb1nxY3MobZIudA
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:27:07 2026 by rpki-client