Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a64076-9adb-4301-817c-2be1c1e1d57e.roa
File: 04a64076-9adb-4301-817c-2be1c1e1d57e.roa (raw, json)
Hash identifier: 1Zis50wfktaryjxEHD2iQkwq3wb5gyUuT92040mPkBM=
Subject key identifier: BB:4B:B4:F2:E1:D8:A1:35:FB:05:D7:96:66:93:23:18:92:1B:8E:27
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B235DDCE3BFE6D3902B232D8F4334771A9CFC6F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a64076-9adb-4301-817c-2be1c1e1d57e.roa
Signing time: Thu 26 Feb 2026 02:10:07 +0000
ROA not before: Thu 26 Feb 2026 02:10:07 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:23:5d:dc:e3:bf:e6:d3:90:2b:23:2d:8f:43:34:77:1a:9c:fc:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:10:07 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=34b28216d0585e23dd8a19c3fe200f508e690a5cd84f7a0ed8c6014e997c2185, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c9:50:de:cd:01:0f:10:33:77:1a:3a:1b:1e:
d8:40:ce:1d:da:7a:3b:5c:85:7a:87:65:f2:f7:ba:
15:27:6d:cd:63:c1:c6:e5:bb:ba:cf:03:cd:8e:cb:
ea:f4:34:74:5f:37:93:c6:dc:52:7d:33:ff:57:8f:
95:02:81:07:ac:7e:3f:22:30:9c:b9:65:48:f2:e3:
17:1e:d5:bc:53:54:d5:96:d3:25:1d:c3:8c:2f:08:
37:8d:60:7a:dd:87:9b:d4:96:67:c5:63:f9:74:01:
07:e9:07:34:af:ed:27:5a:88:35:dd:44:57:bd:c5:
f7:61:f4:6d:24:08:0b:74:c3:13:9b:8e:60:a6:93:
f0:cd:54:d0:0f:62:19:fe:d3:40:6e:6c:c5:29:46:
92:93:b2:cf:0b:db:f0:09:38:f2:d2:c4:4b:f8:a6:
df:8f:ee:97:62:bc:5c:10:a0:e9:32:8e:9e:6e:36:
62:eb:9e:93:a2:51:6c:4f:1a:94:bd:e5:5e:31:d4:
aa:f1:4c:cb:fe:b9:d8:30:65:33:d3:93:02:32:ce:
c2:c5:05:96:96:f7:42:86:3a:af:a7:51:cf:52:73:
04:21:8a:d4:df:77:36:39:99:06:e8:a3:27:a1:4a:
b1:bb:8e:51:23:1e:7b:2f:93:13:5e:17:be:d8:26:
ec:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:4B:B4:F2:E1:D8:A1:35:FB:05:D7:96:66:93:23:18:92:1B:8E:27
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a64076-9adb-4301-817c-2be1c1e1d57e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:800::/40
Signature Algorithm: sha256WithRSAEncryption
1c:4e:89:7c:73:c1:81:14:43:66:b7:9f:c3:96:5c:1b:db:8e:
6d:3e:e7:f9:06:3a:26:56:9e:2e:16:1d:20:fe:2d:17:7f:31:
2c:0d:16:a1:1d:46:52:cd:6f:8d:b3:92:9d:7a:3b:6f:81:c7:
93:96:07:40:48:d1:ef:35:c3:33:98:00:ab:21:bf:f1:0f:41:
6f:aa:48:d4:89:a2:fe:5f:48:12:99:8f:6d:69:1d:26:64:81:
2c:86:4a:7f:e1:ca:a0:80:a6:02:72:66:d0:f2:2c:7e:66:e5:
0b:6c:2e:c5:8f:b0:1f:36:a2:80:6a:56:99:d5:3f:89:7c:fb:
7a:1a:b6:a9:2e:97:1b:09:5d:f0:6e:d0:82:7d:95:ad:dd:53:
dd:7f:62:ac:59:10:22:0d:66:7a:8a:7f:54:36:e8:21:7e:19:
3f:52:61:6a:69:51:f3:44:b7:ac:8e:a1:f7:67:7b:44:78:da:
68:87:90:fb:07:af:c2:f5:bc:45:15:c6:f3:41:f6:ff:2e:e2:
3c:8e:78:fe:56:4b:e1:f0:fa:84:64:aa:b5:b0:4e:b9:c4:67:
11:99:e3:98:00:16:d8:4e:4c:e7:9f:ac:88:46:14:57:32:b8:
e9:b2:aa:ab:2e:2c:a9:73:7e:08:50:95:8a:47:01:0f:4d:ef:
2d:47:24:a5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCyNd3OO/5tOQKyMtj0M0dxqc/G8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjEwMDdaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0YjI4MjE2ZDA1ODVlMjNkZDhhMTljM2ZlMjAwZjUwOGU2OTBhNWNkODRm
N2EwZWQ4YzYwMTRlOTk3YzIxODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvJUN7NAQ8QM3caOhse2EDOHdp6O1yFeodl8ve6FSdtzWPBxuW7us8DzY7L
6vQ0dF83k8bcUn0z/1ePlQKBB6x+PyIwnLllSPLjFx7VvFNU1ZbTJR3DjC8IN41g
et2Hm9SWZ8Vj+XQBB+kHNK/tJ1qINd1EV73F92H0bSQIC3TDE5uOYKaT8M1U0A9i
Gf7TQG5sxSlGkpOyzwvb8Ak48tLES/im34/ul2K8XBCg6TKOnm42Yuuek6JRbE8a
lL3lXjHUqvFMy/652DBlM9OTAjLOwsUFlpb3QoY6r6dRz1JzBCGK1N93NjmZBuij
J6FKsbuOUSMeey+TE14Xvtgm7HcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS7S7Ty
4dihNfsF15ZmkyMYkhuOJzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDRhNjQwNzYtOWFkYi00MzAxLTgxN2MtMmJlMWMxZTFkNTdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HEI
MA0GCSqGSIb3DQEBCwUAA4IBAQAcTol8c8GBFENmt5/Dllwb245tPuf5BjomVp4u
Fh0g/i0XfzEsDRahHUZSzW+Ns5KdejtvgceTlgdASNHvNcMzmACrIb/xD0FvqkjU
iaL+X0gSmY9taR0mZIEshkp/4cqggKYCcmbQ8ix+ZuULbC7Fj7AfNqKAalaZ1T+J
fPt6GrapLpcbCV3wbtCCfZWt3VPdf2KsWRAiDWZ6in9UNughfhk/UmFqaVHzRLes
jqH3Z3tEeNpoh5D7B6/C9bxFFcbzQfb/LuI8jnj+Vkvh8PqEZKq1sE65xGcRmeOY
ABbYTkznn6yIRhRXMrjpsqqrLiypc34IUJWKRwEPTe8tRySl
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:36:39 2026 by rpki-client