Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
File: 03f51c56-79aa-48ca-895c-790a431bbd73.roa (raw, json)
Hash identifier: wkOJb54aPg5eI7eHEjJyY5UFA4kPF9ONyAh+Zc4ktYk=
Subject key identifier: E0:8E:ED:07:45:0C:D6:42:62:11:5C:4F:EB:BF:2F:25:84:6E:DC:BE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D17083B2BDFAB68A9C895FB845C25CBFEC3B75D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
Signing time: Thu 26 Feb 2026 02:00:11 +0000
ROA not before: Thu 26 Feb 2026 02:00:11 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:17:08:3b:2b:df:ab:68:a9:c8:95:fb:84:5c:25:cb:fe:c3:b7:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:00:11 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=06acda86c984108af396baaf10222c850f1793ad82ecebd8da6ee00a9ed4f31b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ab:7a:c2:b2:14:bb:a2:b7:cf:0b:c4:80:cd:
40:c6:bc:89:c2:e0:53:4d:88:7f:47:8e:ab:89:5a:
8d:65:5c:9c:3d:b9:32:31:3b:11:28:18:c9:c8:95:
a4:63:67:11:22:d2:67:53:63:e6:b6:7b:23:06:67:
ca:0f:7d:2f:73:4c:98:ad:ae:ee:fe:c1:5f:07:4f:
25:f3:24:9e:d4:73:7b:a1:1d:02:19:56:e1:d5:8a:
28:b4:b3:08:1a:2c:2a:8e:c2:0c:90:26:06:4d:7a:
66:ba:f3:95:cc:d8:77:1d:7d:01:99:82:5e:80:60:
cf:86:c6:8b:c2:10:45:54:54:5b:53:3a:f4:1f:3b:
22:11:70:3d:e2:ba:11:7b:f9:7c:68:1f:e2:c7:d6:
8d:bc:d1:52:0d:c8:65:1c:d6:91:63:33:38:a8:f8:
de:df:32:29:a8:97:be:bf:99:03:8d:06:e9:6d:e3:
80:11:f3:0b:f0:2e:22:40:3e:9f:44:03:9c:0e:ea:
c8:f3:db:fc:7a:d6:64:c4:75:03:df:98:ec:50:55:
de:bf:e1:32:f6:38:35:66:28:ec:0d:33:d7:c3:8d:
27:cb:af:95:93:7c:7f:48:69:c2:e1:03:09:98:8c:
e5:9c:51:f2:ec:5e:e9:22:a5:05:5a:81:da:dd:78:
c7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:8E:ED:07:45:0C:D6:42:62:11:5C:4F:EB:BF:2F:25:84:6E:DC:BE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:800::/40
Signature Algorithm: sha256WithRSAEncryption
82:61:8c:28:73:32:4e:3f:b7:8a:40:ab:eb:82:86:b3:fb:0b:
e8:1a:70:7d:48:10:5a:96:d2:cf:bc:7d:7e:0b:fa:58:4b:b9:
c9:c3:c8:73:24:5a:2b:cc:06:f1:fa:14:df:a0:22:da:53:b1:
62:e4:fd:f1:b4:ea:ba:ea:0e:6b:68:f8:44:6c:3c:ff:57:39:
de:a5:a6:35:71:4c:6b:e5:68:b1:1b:a7:ed:e4:f4:00:46:46:
9b:6f:aa:d6:e1:38:e5:29:05:2d:1d:d6:b7:f8:68:4d:c3:55:
6f:46:3e:93:e8:67:7b:d2:05:ef:ac:18:a1:03:d2:6e:e6:f7:
40:6c:f4:2e:99:1e:aa:d7:b0:dd:a8:32:53:f5:87:b8:c9:d2:
76:3f:4e:cf:48:00:10:23:20:5a:1e:06:f9:6a:45:6b:89:b6:
1a:e2:dd:00:ba:8d:09:0a:25:6d:9b:1d:55:3c:8d:09:05:10:
c9:b7:d4:79:ca:3d:5a:f4:10:b2:6e:ce:1c:26:d5:28:98:1d:
ed:92:25:f0:56:5a:73:c0:3b:ab:c4:aa:09:8b:3a:f1:3f:c6:
df:9d:86:01:b6:22:3f:d2:0f:d9:a9:18:52:5d:de:55:2f:c0:
f2:10:36:6f:db:a3:c0:11:67:3d:b6:7f:0c:2b:ff:a9:9f:e0:
a5:01:b5:1a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfRcIOyvfq2ipyJX7hFwly/7Dt10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjAwMTFaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2YWNkYTg2Yzk4NDEwOGFmMzk2YmFhZjEwMjIyYzg1MGYxNzkzYWQ4MmVj
ZWJkOGRhNmVlMDBhOWVkNGYzMWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJGresKyFLuit88LxIDNQMa8icLgU02If0eOq4lajWVcnD25MjE7ESgYyciV
pGNnESLSZ1Nj5rZ7IwZnyg99L3NMmK2u7v7BXwdPJfMkntRze6EdAhlW4dWKKLSz
CBosKo7CDJAmBk16ZrrzlczYdx19AZmCXoBgz4bGi8IQRVRUW1M69B87IhFwPeK6
EXv5fGgf4sfWjbzRUg3IZRzWkWMzOKj43t8yKaiXvr+ZA40G6W3jgBHzC/AuIkA+
n0QDnA7qyPPb/HrWZMR1A9+Y7FBV3r/hMvY4NWYo7A0z18ONJ8uvlZN8f0hpwuED
CZiM5ZxR8uxe6SKlBVqB2t14x1UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTgju0H
RQzWQmIRXE/rvy8lhG7cvjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDNmNTFjNTYtNzlhYS00OGNhLTg5NWMtNzkwYTQzMWJiZDczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUI
MA0GCSqGSIb3DQEBCwUAA4IBAQCCYYwoczJOP7eKQKvrgoaz+wvoGnB9SBBaltLP
vH1+C/pYS7nJw8hzJForzAbx+hTfoCLaU7Fi5P3xtOq66g5raPhEbDz/VznepaY1
cUxr5WixG6ft5PQARkabb6rW4TjlKQUtHda3+GhNw1VvRj6T6Gd70gXvrBihA9Ju
5vdAbPQumR6q17DdqDJT9Ye4ydJ2P07PSAAQIyBaHgb5akVribYa4t0Auo0JCiVt
mx1VPI0JBRDJt9R5yj1a9BCybs4cJtUomB3tkiXwVlpzwDurxKoJizrxP8bfnYYB
tiI/0g/ZqRhSXd5VL8DyEDZv26PAEWc9tn8MK/+pn+ClAbUa
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:12:45 2026 by rpki-client