Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b335fe6-f4fb-45b7-9424-51f574ab2742.roa
File: 0b335fe6-f4fb-45b7-9424-51f574ab2742.roa (raw, json)
Hash identifier: EWzstcIz8bG5nSiB8z8UoeEVUc4Eh6fG1Ys6P/HCe04=
Subject key identifier: FD:13:6C:E4:A8:52:E8:D3:A7:3A:8A:9A:AE:7D:2D:70:1F:D4:B4:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F4064FC71E60886BAE6059EB531865D5AF6F728
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b335fe6-f4fb-45b7-9424-51f574ab2742.roa
Signing time: Tue 24 Feb 2026 00:40:09 +0000
ROA not before: Tue 24 Feb 2026 00:40:09 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06c:800::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:40:64:fc:71:e6:08:86:ba:e6:05:9e:b5:31:86:5d:5a:f6:f7:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 00:40:09 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=aee5575f441b53236ff340850e438f97f35d37a40abfe7033c0194a03be10430, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:26:7e:b1:c3:90:13:c7:80:d7:c4:29:31:56:
73:f5:e5:65:a4:27:c9:cc:5c:b3:60:41:eb:3e:b9:
94:40:da:ee:38:11:b7:cf:98:9d:3f:24:d1:2f:0b:
d5:2a:f7:25:bb:32:1d:f8:f0:6a:3b:a6:03:ef:e9:
94:c1:94:42:68:5d:a8:91:c5:46:37:64:50:7e:db:
3c:ab:b5:7d:79:80:c2:5e:92:d9:3e:81:a9:7f:58:
5b:5f:a0:50:ac:af:5c:c1:34:6c:d3:f5:0b:79:06:
6f:af:41:cb:f1:8f:ed:3f:d7:ef:cf:78:96:70:3d:
38:74:8c:b6:64:8d:cb:3f:39:5e:f3:b8:81:82:f6:
38:58:25:5a:9e:b6:c2:f5:f9:3d:7f:d6:3c:9d:5d:
4f:5f:2d:d8:64:b7:f5:dd:94:e4:7c:cf:c1:d9:73:
aa:24:6d:2a:2d:f9:48:9c:20:9e:81:42:ef:9d:0b:
b2:6c:08:09:3a:35:da:78:e1:aa:96:09:37:33:fb:
99:47:2b:40:20:37:fc:8c:43:02:8f:5c:a7:38:75:
7c:67:2e:d0:dd:d3:9a:1c:ed:63:22:05:77:45:fc:
c2:7f:49:8f:2a:b3:7f:05:ff:56:d0:c3:e7:30:22:
86:b0:2a:c4:b9:98:82:fa:96:4c:b0:b8:da:4b:ce:
5c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:13:6C:E4:A8:52:E8:D3:A7:3A:8A:9A:AE:7D:2D:70:1F:D4:B4:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b335fe6-f4fb-45b7-9424-51f574ab2742.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06c:800::/48
Signature Algorithm: sha256WithRSAEncryption
89:51:2d:41:41:f0:81:a3:04:20:d7:e5:02:04:fc:13:01:6f:
6a:87:44:dc:1f:b0:63:d0:21:2e:79:64:54:1f:79:da:ac:66:
85:78:06:4a:59:6b:5c:2c:d0:b8:3a:5f:f2:df:3a:a6:40:7c:
ba:cd:aa:d5:23:ff:76:e7:3e:49:2c:e9:66:e4:bb:74:d6:75:
94:b5:9f:b3:04:b2:02:de:d3:ac:28:b9:31:cb:c7:78:96:c6:
5e:97:e9:d1:d8:38:8d:05:d9:ed:ad:b2:52:db:78:d2:44:96:
f2:f4:49:69:c5:1b:7e:1b:f6:90:28:91:4e:7b:9b:2a:2c:03:
5f:13:d1:4d:d2:d9:51:89:d2:af:ed:d8:57:59:ed:00:8f:32:
3d:10:39:f7:83:45:b5:57:6d:18:6a:81:9b:89:1b:80:69:bf:
df:c5:3f:12:3e:b6:cd:1a:bf:52:29:c1:75:17:ee:60:79:3b:
ab:a7:16:f7:c1:f7:24:33:76:fc:6c:be:38:56:0f:ea:be:5a:
73:ec:15:d5:37:5a:67:eb:49:c3:40:85:46:7d:93:6a:18:74:
4c:dd:fe:a4:05:73:61:9e:72:f3:5a:33:ac:fd:68:90:e6:49:
8d:7e:c3:d6:5d:1c:f1:e6:09:13:9e:d4:0b:5c:76:dd:ad:e6:
a4:20:04:4d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUf0Bk/HHmCIa65gWetTGGXVr29ygwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwMDQwMDlaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlZTU1NzVmNDQxYjUzMjM2ZmYzNDA4NTBlNDM4Zjk3ZjM1ZDM3YTQwYWJm
ZTcwMzNjMDE5NGEwM2JlMTA0MzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALImfrHDkBPHgNfEKTFWc/XlZaQnycxcs2BB6z65lEDa7jgRt8+YnT8k0S8L
1Sr3JbsyHfjwajumA+/plMGUQmhdqJHFRjdkUH7bPKu1fXmAwl6S2T6BqX9YW1+g
UKyvXME0bNP1C3kGb69By/GP7T/X7894lnA9OHSMtmSNyz85XvO4gYL2OFglWp62
wvX5PX/WPJ1dT18t2GS39d2U5HzPwdlzqiRtKi35SJwgnoFC750LsmwICTo12njh
qpYJNzP7mUcrQCA3/IxDAo9cpzh1fGcu0N3TmhztYyIFd0X8wn9JjyqzfwX/VtDD
5zAihrAqxLmYgvqWTLC42kvOXD8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT9E2zk
qFLo06c6ipqufS1wH9S04DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIzMzVmZTYtZjRmYi00NWI3LTk0MjQtNTFmNTc0YWIyNzQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GwI
ADANBgkqhkiG9w0BAQsFAAOCAQEAiVEtQUHwgaMEINflAgT8EwFvaodE3B+wY9Ah
LnlkVB952qxmhXgGSllrXCzQuDpf8t86pkB8us2q1SP/duc+SSzpZuS7dNZ1lLWf
swSyAt7TrCi5McvHeJbGXpfp0dg4jQXZ7a2yUtt40kSW8vRJacUbfhv2kCiRTnub
KiwDXxPRTdLZUYnSr+3YV1ntAI8yPRA594NFtVdtGGqBm4kbgGm/38U/Ej62zRq/
UinBdRfuYHk7q6cW98H3JDN2/Gy+OFYP6r5ac+wV1TdaZ+tJw0CFRn2Tahh0TN3+
pAVzYZ5y81ozrP1okOZJjX7D1l0c8eYJE57UC1x23a3mpCAETQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:53:18 2026 by rpki-client