Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b50b516-b90a-4f69-ace2-8e904f240f1d.roa
File: 0b50b516-b90a-4f69-ace2-8e904f240f1d.roa (raw, json)
Hash identifier: ZKDh5CMLQPy5gBJQwWjO2ioeRMQtY81cA0lX+bxQeLE=
Subject key identifier: 61:45:3A:DD:77:41:D7:C6:6F:F7:3C:80:89:9F:9A:7D:DB:CA:13:47
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6CBD3062016FF4C44EA5492BA06C7F426292786C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b50b516-b90a-4f69-ace2-8e904f240f1d.roa
Signing time: Sat 28 Feb 2026 05:20:59 +0000
ROA not before: Sat 28 Feb 2026 05:20:59 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:bd:30:62:01:6f:f4:c4:4e:a5:49:2b:a0:6c:7f:42:62:92:78:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:59 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=cfc199aa5497c27dc17a1f195a238fc53b43a0862b181b43514ac06d8eaa5571, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0f:e2:af:88:cb:aa:91:e0:70:67:6e:ef:3e:
2d:ec:fd:6b:1e:f2:66:d0:79:2a:3b:01:c4:ae:5a:
d3:89:b1:f4:79:e1:2c:b1:16:89:42:9b:4b:89:00:
4b:a1:67:e5:90:38:03:47:d3:86:8a:c3:8e:90:db:
0e:f4:53:ce:7d:2d:68:6d:4c:29:22:69:b2:c5:9c:
b7:ea:59:7a:c1:c9:ba:59:e7:2c:bd:3b:b9:4f:62:
cc:d7:2b:6d:93:e4:a9:18:4f:ec:48:c6:45:b9:d0:
fb:3c:92:b9:7d:bd:76:ee:25:ee:36:a1:39:bc:a6:
31:f8:fb:50:1f:63:f3:32:16:b9:c9:a9:7e:21:e6:
52:2c:9e:bc:a5:14:bd:bd:44:7c:b4:bf:dc:18:ad:
cc:a0:b0:b0:c6:67:4f:9e:f4:d2:10:fd:d7:2e:0b:
b4:3b:24:1e:ce:6a:bd:46:44:ed:ce:32:c5:46:ea:
ed:97:24:49:c8:2e:fa:a7:f8:ba:96:da:ae:cd:5f:
76:c9:93:8e:9c:3d:95:b8:98:2e:26:76:7a:fd:4d:
96:2a:12:d2:6d:78:c5:fb:58:0e:15:e1:85:92:de:
03:e3:c3:3d:14:ac:ee:94:f7:16:be:db:e5:e8:c6:
81:dc:73:42:b6:c9:a9:71:dd:40:21:8e:61:f3:af:
96:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:45:3A:DD:77:41:D7:C6:6F:F7:3C:80:89:9F:9A:7D:DB:CA:13:47
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b50b516-b90a-4f69-ace2-8e904f240f1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a:c00::/38
Signature Algorithm: sha256WithRSAEncryption
22:41:64:f8:01:ad:27:c0:44:c3:de:b4:80:7a:cc:b7:4b:32:
e3:38:36:82:6e:d4:63:ee:e5:a3:98:91:10:ff:20:df:52:dc:
17:8d:99:bd:aa:18:24:ef:43:95:da:99:dc:73:3c:51:24:9a:
b3:88:76:06:05:43:b9:04:f5:f7:7d:ba:dc:a8:03:1b:dd:c7:
9c:0f:6d:1e:fb:d2:a2:8f:bd:f0:d5:79:52:93:77:30:4f:28:
37:2a:be:a7:95:c4:6b:46:b9:b0:70:9e:aa:93:48:e4:e5:f0:
fb:00:76:55:7f:37:f7:86:2e:7b:31:b8:ad:1b:83:ea:61:54:
dd:b1:40:33:c7:a1:b5:d4:51:8a:63:6e:67:cc:49:1d:20:bb:
5f:50:78:ab:20:a8:50:34:91:4e:b8:8a:24:97:c3:4e:aa:82:
c7:76:f4:a5:25:b8:a1:73:d4:cf:8e:54:28:fd:6b:27:88:cc:
0d:83:4f:f2:3a:37:36:2b:f2:11:81:25:3e:ba:ab:47:54:bc:
8b:ba:3a:b6:c6:b1:34:32:bc:d3:18:24:0f:21:6e:77:a5:09:
58:fb:13:72:49:b6:e8:d8:bc:ea:40:39:30:51:7f:03:d4:91:
c2:3d:6c:b0:a1:11:a0:7c:44:3f:8c:ef:ac:2d:d6:28:4c:b4:
f8:93:2b:97
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbL0wYgFv9MROpUkroGx/QmKSeGwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwNTlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmYzE5OWFhNTQ5N2MyN2RjMTdhMWYxOTVhMjM4ZmM1M2I0M2EwODYyYjE4
MWI0MzUxNGFjMDZkOGVhYTU1NzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ8P4q+Iy6qR4HBnbu8+Lez9ax7yZtB5KjsBxK5a04mx9HnhLLEWiUKbS4kA
S6Fn5ZA4A0fThorDjpDbDvRTzn0taG1MKSJpssWct+pZesHJulnnLL07uU9izNcr
bZPkqRhP7EjGRbnQ+zySuX29du4l7jahObymMfj7UB9j8zIWucmpfiHmUiyevKUU
vb1EfLS/3BitzKCwsMZnT5700hD91y4LtDskHs5qvUZE7c4yxUbq7ZckScgu+qf4
upbars1fdsmTjpw9lbiYLiZ2ev1NlioS0m14xftYDhXhhZLeA+PDPRSs7pT3Fr7b
5ejGgdxzQrbJqXHdQCGOYfOvlncCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRhRTrd
d0HXxm/3PICJn5p928oTRzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGI1MGI1MTYtYjkwYS00ZjY5LWFjZTItOGU5MDRmMjQwZjFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoM
MA0GCSqGSIb3DQEBCwUAA4IBAQAiQWT4Aa0nwETD3rSAesy3SzLjODaCbtRj7uWj
mJEQ/yDfUtwXjZm9qhgk70OV2pncczxRJJqziHYGBUO5BPX3fbrcqAMb3cecD20e
+9Kij73w1XlSk3cwTyg3Kr6nlcRrRrmwcJ6qk0jk5fD7AHZVfzf3hi57MbitG4Pq
YVTdsUAzx6G11FGKY25nzEkdILtfUHirIKhQNJFOuIokl8NOqoLHdvSlJbihc9TP
jlQo/WsniMwNg0/yOjc2K/IRgSU+uqtHVLyLujq2xrE0MrzTGCQPIW53pQlY+xNy
Sbbo2LzqQDkwUX8D1JHCPWywoRGgfEQ/jO+sLdYoTLT4kyuX
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:27 2026 by rpki-client