Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa
File: 05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa (raw, json)
Hash identifier: kJAcwvWwwriH3+b5ZpRJVDXg4Oxctln7xxxOcOA23kw=
Subject key identifier: BC:D0:62:3B:A7:84:2E:FB:EB:D9:E4:5C:A1:BB:D8:EE:58:1C:E5:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24071847CB66BCB2810392D5BB496C32346FEC9B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa
Signing time: Sat 28 Feb 2026 06:21:23 +0000
ROA not before: Sat 28 Feb 2026 06:21:23 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8050::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:07:18:47:cb:66:bc:b2:81:03:92:d5:bb:49:6c:32:34:6f:ec:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:21:23 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=2fc9bdd5a4ef27f26ea8fe663528986e65749076d11d70bc91d2cee29d8caded, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3b:7f:8b:fe:42:e3:ae:f7:fe:76:41:db:c5:
61:4d:90:29:36:96:06:4f:7c:41:b1:37:5f:80:39:
32:b7:19:a4:d9:dd:d1:54:47:7b:6e:40:fe:2c:6e:
1d:46:7d:5d:45:52:63:03:d7:c1:75:25:33:01:92:
55:68:1a:01:23:46:00:74:8d:f1:54:52:63:ef:4e:
48:be:30:5e:7a:5d:7b:71:50:d5:b5:82:31:31:cb:
c2:00:73:98:b0:53:0b:68:f2:37:ab:95:c3:b0:59:
4a:bc:3d:91:28:c3:31:24:28:cc:f4:13:d7:d7:5e:
4d:3e:d4:77:8f:86:17:69:ba:91:db:99:9e:c4:8f:
f0:00:1b:ec:53:20:8a:14:c6:e8:7b:fe:00:10:9f:
ca:6d:8c:d8:a4:71:ee:f1:b3:96:1d:05:a9:56:80:
18:d4:2c:ba:a2:24:16:b8:96:17:a7:ca:39:2b:87:
61:df:b1:ee:66:c5:66:ba:4d:91:fb:29:38:5b:7b:
76:7a:00:66:2f:a1:f3:b9:88:87:27:45:47:56:6f:
f3:90:52:68:96:5d:4b:21:8a:1d:2c:b2:78:ed:52:
ed:b2:eb:d5:1c:8d:7e:ab:5b:08:c0:b1:09:e9:bd:
37:b7:9d:59:17:a7:0f:00:e3:6d:c8:fc:f4:1d:8f:
b2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:D0:62:3B:A7:84:2E:FB:EB:D9:E4:5C:A1:BB:D8:EE:58:1C:E5:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8050::/48
Signature Algorithm: sha256WithRSAEncryption
1a:cb:f9:75:24:e7:c5:4d:9b:a3:28:86:b1:9e:60:96:72:b4:
e2:91:89:d8:0e:36:07:31:b9:25:a7:7e:c8:63:fd:d9:85:9b:
a7:94:50:e8:4c:fd:ad:f5:bb:11:96:0b:a9:14:1c:bc:57:32:
7c:d7:b8:e2:1b:a0:ed:7c:56:14:5b:4e:5f:aa:1e:dc:68:21:
a8:bb:63:94:1d:6c:3a:60:e7:88:5e:03:1e:83:60:6f:5d:90:
d2:27:cf:05:8f:f5:2d:41:33:06:f0:5a:48:c8:92:6e:b9:c1:
6e:3f:e9:38:12:5c:fb:67:6a:c8:a3:79:41:66:ec:f6:79:9a:
8b:98:01:23:65:1f:8a:a0:53:64:53:dc:b4:1d:bb:a9:c0:cf:
ec:81:94:5e:d9:44:19:56:fd:e8:9b:13:43:bc:30:6c:2d:d3:
43:d5:91:92:6c:10:5a:36:6f:37:e6:d3:9e:6f:bf:b8:68:d4:
64:0b:be:31:9a:c2:50:39:59:6c:60:ea:b6:f0:cc:c3:b0:9f:
b6:46:47:07:26:37:ff:3f:9b:a1:48:3a:d7:d7:f1:9a:94:ad:
03:f7:e1:2a:0f:32:da:03:39:ff:0c:62:c3:b8:56:3c:c9:31:
d9:10:d6:ec:2f:08:7a:f3:13:d6:66:79:7c:7e:8b:eb:1d:18:
e5:60:78:0d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJAcYR8tmvLKBA5LVu0lsMjRv7JswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIxMjNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmYzliZGQ1YTRlZjI3ZjI2ZWE4ZmU2NjM1Mjg5ODZlNjU3NDkwNzZkMTFk
NzBiYzkxZDJjZWUyOWQ4Y2FkZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKg7f4v+QuOu9/52QdvFYU2QKTaWBk98QbE3X4A5MrcZpNnd0VRHe25A/ixu
HUZ9XUVSYwPXwXUlMwGSVWgaASNGAHSN8VRSY+9OSL4wXnpde3FQ1bWCMTHLwgBz
mLBTC2jyN6uVw7BZSrw9kSjDMSQozPQT19deTT7Ud4+GF2m6kduZnsSP8AAb7FMg
ihTG6Hv+ABCfym2M2KRx7vGzlh0FqVaAGNQsuqIkFriWF6fKOSuHYd+x7mbFZrpN
kfspOFt7dnoAZi+h87mIhydFR1Zv85BSaJZdSyGKHSyyeO1S7bLr1RyNfqtbCMCx
Cem9N7edWRenDwDjbcj89B2PsnECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS80GI7
p4Qu++vZ5Fyhu9juWBzl/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDVmN2FiM2YtY2I3My00OWE2LWFhZGEtNDQwYmY0ZGJmM2I1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
UDANBgkqhkiG9w0BAQsFAAOCAQEAGsv5dSTnxU2boyiGsZ5glnK04pGJ2A42BzG5
Jad+yGP92YWbp5RQ6Ez9rfW7EZYLqRQcvFcyfNe44hug7XxWFFtOX6oe3GghqLtj
lB1sOmDniF4DHoNgb12Q0ifPBY/1LUEzBvBaSMiSbrnBbj/pOBJc+2dqyKN5QWbs
9nmai5gBI2UfiqBTZFPctB27qcDP7IGUXtlEGVb96JsTQ7wwbC3TQ9WRkmwQWjZv
N+bTnm+/uGjUZAu+MZrCUDlZbGDqtvDMw7CftkZHByY3/z+boUg619fxmpStA/fh
Kg8y2gM5/wxiw7hWPMkx2RDW7C8IevMT1mZ5fH6L6x0Y5WB4DQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:01:00 2026 by rpki-client