Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa
File: 0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa (raw, json)
Hash identifier: Sxsllcb3ustlSC/hGE9JKSyDGsuNgBR2nr7m8ktAvW8=
Subject key identifier: D8:A0:69:C0:A0:74:CC:65:CF:06:15:4B:CE:03:EB:02:68:95:7C:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0245389284FD4643187962447EAF2369E82133B0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa
Signing time: Sat 28 Feb 2026 05:30:15 +0000
ROA not before: Sat 28 Feb 2026 05:30:15 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:45:38:92:84:fd:46:43:18:79:62:44:7e:af:23:69:e8:21:33:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:30:15 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=35bead3848a522afddbc0de976d1702cfa60c3c12cc333bcad6e873d09a8f495, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b0:e9:63:1e:fa:bd:ad:bd:b4:f5:53:9d:cc:
3a:e9:10:de:c1:0d:47:ce:2c:1a:81:91:e3:4c:81:
47:c0:71:ea:75:a2:2a:8f:d3:b3:06:bb:48:c4:72:
f6:95:fe:e8:c9:3c:f3:3e:7e:46:d3:b0:7f:ad:23:
9d:0a:a5:40:62:3a:09:0c:f5:c0:54:06:31:da:e5:
54:ea:29:98:1e:3a:c1:b1:5f:d9:5c:c1:59:c6:fe:
0f:6f:53:2c:24:3f:81:0f:85:e8:03:dc:ba:c7:39:
00:73:c6:77:ce:5d:6a:04:3e:19:ea:5f:76:35:79:
e1:1f:a9:f5:fe:7c:45:19:70:fa:e2:c6:b1:dc:5f:
ec:ba:2d:6e:cb:4d:c7:db:38:bb:a4:73:b2:4d:a6:
40:5b:d7:90:ea:69:05:e6:1d:1b:3a:97:17:22:6b:
3c:f6:b1:c5:87:b2:73:8f:d6:a5:e3:f5:95:1a:32:
72:54:5c:13:32:ce:9d:84:85:2f:fd:5f:13:da:34:
56:10:53:b9:13:14:04:64:b5:43:ce:d5:f2:43:c2:
22:cb:4c:b7:a4:83:4f:6a:53:37:91:a9:68:03:96:
ac:d7:f6:84:ae:85:4d:74:1f:ea:7e:9e:eb:f2:9e:
c2:49:0f:b1:74:81:31:bb:59:72:39:eb:2f:02:0b:
e8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A0:69:C0:A0:74:CC:65:CF:06:15:4B:CE:03:EB:02:68:95:7C:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
b9:f2:f0:fb:ca:ab:3f:1d:75:90:db:99:e4:dd:bc:fc:61:65:
14:d6:80:3d:98:e0:9d:d7:0d:75:8e:17:aa:ab:bb:a7:85:a3:
f7:1b:d3:b6:b8:6b:d5:9c:91:9d:79:0e:42:db:23:3a:a1:1d:
49:dd:7e:0a:95:2b:39:82:6b:16:46:04:6b:de:73:6f:ee:92:
47:c6:e2:7e:5a:11:19:32:0f:1c:e0:a2:80:32:b0:31:fd:69:
02:ae:5f:ac:d0:0c:3a:4d:e2:05:36:e1:b1:c8:00:bb:8c:f4:
93:c1:ec:3d:6e:51:d4:28:87:bf:40:ee:52:68:3c:df:60:e9:
10:0d:a6:77:00:27:e5:8e:e0:d9:d7:e3:60:54:b4:0a:55:c9:
73:ba:40:fe:20:f1:c1:6d:ea:2e:2b:47:b4:45:6d:5a:e0:5d:
10:86:9d:bc:d4:19:63:2a:4d:c0:96:5b:81:95:14:59:f4:68:
a5:39:f5:71:14:64:7d:ec:b3:e1:ee:ad:ac:af:73:50:da:b0:
c4:fc:c0:39:f8:eb:a8:74:63:62:0e:6f:b2:b6:41:f4:d3:73:
0c:00:95:b9:91:8c:4d:e5:67:9f:e1:16:85:6d:b9:45:a4:be:
99:c7:02:d5:8c:55:61:4e:60:67:a7:99:99:c0:7f:9b:40:3d:
9b:50:61:16
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAkU4koT9RkMYeWJEfq8jaeghM7AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMwMTVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1YmVhZDM4NDhhNTIyYWZkZGJjMGRlOTc2ZDE3MDJjZmE2MGMzYzEyY2Mz
MzNiY2FkNmU4NzNkMDlhOGY0OTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANqw6WMe+r2tvbT1U53MOukQ3sENR84sGoGR40yBR8Bx6nWiKo/Tswa7SMRy
9pX+6Mk88z5+RtOwf60jnQqlQGI6CQz1wFQGMdrlVOopmB46wbFf2VzBWcb+D29T
LCQ/gQ+F6APcusc5AHPGd85dagQ+GepfdjV54R+p9f58RRlw+uLGsdxf7LotbstN
x9s4u6Rzsk2mQFvXkOppBeYdGzqXFyJrPPaxxYeyc4/WpeP1lRoyclRcEzLOnYSF
L/1fE9o0VhBTuRMUBGS1Q87V8kPCIstMt6SDT2pTN5GpaAOWrNf2hK6FTXQf6n6e
6/KewkkPsXSBMbtZcjnrLwIL6M0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTYoGnA
oHTMZc8GFUvOA+sCaJV8xzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIyZTMwOWUtZTlkNC00NTQ2LTg5NjktMmQ3YjRiOWQ1MTNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAufLw+8qrPx11kNuZ5N28/GFlFNaAPZjgndcN
dY4Xqqu7p4Wj9xvTtrhr1ZyRnXkOQtsjOqEdSd1+CpUrOYJrFkYEa95zb+6SR8bi
floRGTIPHOCigDKwMf1pAq5frNAMOk3iBTbhscgAu4z0k8HsPW5R1CiHv0DuUmg8
32DpEA2mdwAn5Y7g2dfjYFS0ClXJc7pA/iDxwW3qLitHtEVtWuBdEIadvNQZYypN
wJZbgZUUWfRopTn1cRRkfeyz4e6trK9zUNqwxPzAOfjrqHRjYg5vsrZB9NNzDACV
uZGMTeVnn+EWhW25RaS+mccC1YxVYU5gZ6eZmcB/m0A9m1BhFg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:42:55 2026 by rpki-client