Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b360e2c-382b-4420-8550-330a58e946ee.roa
File: 0b360e2c-382b-4420-8550-330a58e946ee.roa (raw, json)
Hash identifier: MfTtixNQKoM2oJ/zDtg/QJKAdsYdGHgrF2AzeiWan5Q=
Subject key identifier: F4:97:C4:D9:B3:52:05:6A:24:09:BC:14:F6:28:C5:2E:BA:A3:FA:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59980D145EC8D10CA5DC824A6792D29318E2C7A8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b360e2c-382b-4420-8550-330a58e946ee.roa
Signing time: Sat 28 Feb 2026 06:20:47 +0000
ROA not before: Sat 28 Feb 2026 06:20:47 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:98:0d:14:5e:c8:d1:0c:a5:dc:82:4a:67:92:d2:93:18:e2:c7:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:20:47 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=ae71324ccd2ed75e049cd827a164817b8d19e57e89d91cf218bb986f9c220039, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6e:9d:e6:5b:9f:fd:76:27:5e:d0:25:46:d3:
de:5b:fe:f1:f4:0d:d4:0d:c1:dd:82:35:d1:23:bb:
62:e3:75:f3:cb:ef:36:a2:6b:cd:34:de:a8:9e:bb:
74:a5:66:01:fb:fc:b8:aa:00:07:b3:38:8d:85:89:
4a:0d:63:c8:21:f3:5e:ed:7d:bb:cc:27:73:28:c2:
7a:5a:f6:6a:5c:40:e7:19:6e:70:9e:b3:31:52:2d:
c3:81:4e:d1:17:e0:ea:f0:4d:f0:f3:32:d9:73:6c:
99:d4:30:28:09:00:81:af:e6:d0:76:da:04:ce:d3:
67:23:b2:ed:b5:74:dc:0f:1c:2f:09:d7:2d:de:28:
22:49:d3:c2:e2:99:78:4d:d4:da:b7:3d:61:22:2e:
a2:64:4d:61:5d:ea:e6:b4:26:f1:31:5d:90:b5:53:
38:4c:d2:1c:13:27:8d:16:2c:79:c6:2a:30:11:7d:
ea:87:05:54:8d:c5:f6:ee:3c:9b:45:2e:96:17:ac:
4a:e8:80:ec:fc:a7:0b:6d:9a:0e:0a:80:76:15:19:
a1:30:bb:dc:53:75:6a:2d:c5:61:95:96:cb:21:4e:
03:db:a9:56:69:c7:aa:ce:da:0c:44:ef:67:63:ba:
41:17:a7:71:d4:fc:2b:dd:8e:30:a6:3c:74:bd:b3:
ff:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:97:C4:D9:B3:52:05:6A:24:09:BC:14:F6:28:C5:2E:BA:A3:FA:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b360e2c-382b-4420-8550-330a58e946ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:6000::/40
Signature Algorithm: sha256WithRSAEncryption
4a:3e:b7:c1:45:7b:85:55:4a:5f:7a:1c:99:09:f5:d6:04:a1:
54:b9:a3:39:b0:76:f0:1a:81:47:20:fb:18:da:d0:45:3e:52:
c1:ef:98:ac:d4:d0:30:cc:55:db:0c:1e:be:f3:fa:a7:02:44:
b3:d0:79:80:63:63:9d:11:c7:a0:b3:b6:0f:db:37:f8:94:2d:
8c:49:33:e8:30:72:35:67:12:03:46:6f:46:31:6b:24:22:30:
ba:c4:df:f2:18:a2:ff:67:e3:da:75:03:0b:48:21:24:02:15:
da:fb:2e:66:2a:e5:a0:34:94:74:a8:b7:f4:aa:30:66:2e:c3:
8c:71:f3:23:5c:68:50:27:e1:53:3f:5b:70:1d:72:5c:0a:cd:
97:c2:66:6c:19:13:6a:f8:77:4c:7b:9d:ec:61:1c:93:2b:47:
87:05:d3:bc:e3:2e:ee:31:57:89:24:e3:7e:d0:08:d5:77:14:
f3:54:79:26:ff:8a:fb:cc:22:f0:01:ea:ac:79:78:a6:8b:3c:
17:b4:c5:20:3b:88:e1:7a:e3:27:31:21:97:9a:e8:98:9d:22:
a6:0b:90:29:e0:47:c2:50:46:53:b2:8a:b2:3c:a9:ec:ed:a8:
23:9c:e0:72:ac:84:fc:1c:2c:a5:ef:36:d3:7d:92:59:33:76:
83:8f:34:86
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWZgNFF7I0Qyl3IJKZ5LSkxjix6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIwNDdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlNzEzMjRjY2QyZWQ3NWUwNDljZDgyN2ExNjQ4MTdiOGQxOWU1N2U4OWQ5
MWNmMjE4YmI5ODZmOWMyMjAwMzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZuneZbn/12J17QJUbT3lv+8fQN1A3B3YI10SO7YuN188vvNqJrzTTeqJ67
dKVmAfv8uKoAB7M4jYWJSg1jyCHzXu19u8wncyjCelr2alxA5xlucJ6zMVItw4FO
0Rfg6vBN8PMy2XNsmdQwKAkAga/m0HbaBM7TZyOy7bV03A8cLwnXLd4oIknTwuKZ
eE3U2rc9YSIuomRNYV3q5rQm8TFdkLVTOEzSHBMnjRYsecYqMBF96ocFVI3F9u48
m0UulhesSuiA7PynC22aDgqAdhUZoTC73FN1ai3FYZWWyyFOA9upVmnHqs7aDETv
Z2O6QRencdT8K92OMKY8dL2z/y0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT0l8TZ
s1IFaiQJvBT2KMUuuqP6SDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIzNjBlMmMtMzgyYi00NDIwLTg1NTAtMzMwYTU4ZTk0NmVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fhg
MA0GCSqGSIb3DQEBCwUAA4IBAQBKPrfBRXuFVUpfehyZCfXWBKFUuaM5sHbwGoFH
IPsY2tBFPlLB75is1NAwzFXbDB6+8/qnAkSz0HmAY2OdEcegs7YP2zf4lC2MSTPo
MHI1ZxIDRm9GMWskIjC6xN/yGKL/Z+PadQMLSCEkAhXa+y5mKuWgNJR0qLf0qjBm
LsOMcfMjXGhQJ+FTP1twHXJcCs2XwmZsGRNq+HdMe53sYRyTK0eHBdO84y7uMVeJ
JON+0AjVdxTzVHkm/4r7zCLwAeqseXimizwXtMUgO4jheuMnMSGXmuiYnSKmC5Ap
4EfCUEZTsoqyPKns7agjnOByrIT8HCyl7zbTfZJZM3aDjzSG
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:54:26 2026 by rpki-client