Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
File: 0cadec3e-a35e-4321-b172-825de7a521d7.roa (raw, json)
Hash identifier: raxGOmvhqiXnJcfI24aGxzUwOUCUsXIh+PtHvz3TzUY=
Subject key identifier: 17:D7:C0:42:17:FB:17:3D:9F:3D:82:AB:93:9A:8A:22:E1:77:74:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F30131E53DDD0A9BAB5F04917A14E29B540C2A7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
Signing time: Sat 28 Feb 2026 05:30:09 +0000
ROA not before: Sat 28 Feb 2026 05:30:09 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:30:13:1e:53:dd:d0:a9:ba:b5:f0:49:17:a1:4e:29:b5:40:c2:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:30:09 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=9ef4905f5dca154a874b6b43140ed3230aad7b60b1f156c7fcdacda0b37cd86d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:65:3a:a8:e0:ba:9e:d3:fb:90:07:40:9f:94:
ee:1e:0f:60:11:a3:3f:ad:db:5c:5b:6e:68:85:4e:
54:7b:87:19:ac:99:07:dc:ca:8a:a5:ec:21:f1:e9:
f3:5f:75:80:e7:16:6f:e9:3b:29:93:92:b2:9f:7d:
53:9e:6e:94:f1:d9:30:0f:21:77:80:28:ec:fb:be:
06:1d:54:6a:ca:a9:7e:0b:e6:90:c4:b9:e8:65:7b:
83:da:57:e1:88:be:26:d4:36:e4:70:1f:ae:83:e8:
8c:f6:79:a4:b6:75:0e:19:5b:31:17:fe:b2:88:92:
fa:15:14:94:34:cf:20:2a:17:4a:9d:f5:00:9f:44:
ac:80:50:e9:59:ac:78:60:eb:9a:d3:30:11:5f:66:
fb:e1:05:27:27:ac:68:93:d3:70:db:05:af:62:fe:
fc:32:94:e2:d9:ea:c4:11:39:35:dc:78:90:6a:fe:
6f:02:c1:9b:c4:1b:c0:6e:9b:f3:28:33:c5:71:e5:
37:6c:df:e8:ca:98:d3:cc:61:42:52:f4:bc:1e:ff:
21:a7:6a:cc:a5:0d:a9:9a:d0:73:64:34:35:c8:3a:
2f:7c:b5:b3:44:d9:8b:f4:b5:df:fb:d3:59:27:72:
e7:de:26:48:c9:b5:df:06:12:f0:b5:0d:9f:7d:e9:
e2:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:D7:C0:42:17:FB:17:3D:9F:3D:82:AB:93:9A:8A:22:E1:77:74:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
27:63:bf:b4:17:60:b8:c6:31:90:dd:ae:77:fc:f4:d8:f2:6a:
12:39:ae:39:3f:a2:41:07:22:f3:06:aa:f7:79:18:ed:14:f9:
47:45:a1:8f:d9:19:7f:de:10:1e:49:22:a4:53:83:73:71:c1:
2b:b2:48:25:41:6c:3a:b5:e7:60:94:87:88:01:ea:5f:24:b1:
30:d7:c7:35:20:31:d2:10:97:2b:f6:66:11:ac:62:22:05:25:
a9:ae:44:d6:f2:98:f1:3d:63:6c:81:ee:27:32:0e:ba:5d:09:
71:9c:28:c0:a2:51:59:9d:25:4f:57:31:c0:69:78:c5:02:21:
ad:65:9f:a5:2c:88:2b:7c:e9:ab:ce:cb:28:b1:6b:18:3e:38:
a7:d3:0c:27:1e:57:5a:fd:75:c0:cf:03:cd:bd:b8:e5:e7:6b:
30:c2:ec:b5:de:9d:80:aa:41:e8:21:39:69:3f:a4:1c:6c:b9:
00:eb:c0:5a:e3:55:f0:a4:6d:df:08:a8:de:f5:6f:2e:2f:78:
8d:df:7e:55:1b:27:1a:88:c5:b0:1d:95:4a:d2:49:9a:55:b0:
2c:61:dc:d0:14:5e:c5:06:d8:6f:8f:07:57:21:b6:36:4e:8a:
f8:6d:31:9c:8b:b2:6b:4f:96:5f:87:f6:7f:3e:9c:e4:bc:f0:
f0:77:23:30
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXzATHlPd0Km6tfBJF6FOKbVAwqcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMwMDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDllZjQ5MDVmNWRjYTE1NGE4NzRiNmI0MzE0MGVkMzIzMGFhZDdiNjBiMWYx
NTZjN2ZjZGFjZGEwYjM3Y2Q4NmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBlOqjgup7T+5AHQJ+U7h4PYBGjP63bXFtuaIVOVHuHGayZB9zKiqXsIfHp
8191gOcWb+k7KZOSsp99U55ulPHZMA8hd4Ao7Pu+Bh1UasqpfgvmkMS56GV7g9pX
4Yi+JtQ25HAfroPojPZ5pLZ1DhlbMRf+soiS+hUUlDTPICoXSp31AJ9ErIBQ6Vms
eGDrmtMwEV9m++EFJyesaJPTcNsFr2L+/DKU4tnqxBE5Ndx4kGr+bwLBm8QbwG6b
8ygzxXHlN2zf6MqY08xhQlL0vB7/IadqzKUNqZrQc2Q0Ncg6L3y1s0TZi/S13/vT
WSdy594mSMm13wYS8LUNn33p4vcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQX18BC
F/sXPZ89gquTmooi4Xd0nDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGNhZGVjM2UtYTM1ZS00MzIxLWIxNzItODI1ZGU3YTUyMWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAJ2O/tBdguMYxkN2ud/z02PJqEjmuOT+iQQci
8waq93kY7RT5R0Whj9kZf94QHkkipFODc3HBK7JIJUFsOrXnYJSHiAHqXySxMNfH
NSAx0hCXK/ZmEaxiIgUlqa5E1vKY8T1jbIHuJzIOul0JcZwowKJRWZ0lT1cxwGl4
xQIhrWWfpSyIK3zpq87LKLFrGD44p9MMJx5XWv11wM8Dzb245edrMMLstd6dgKpB
6CE5aT+kHGy5AOvAWuNV8KRt3wio3vVvLi94jd9+VRsnGojFsB2VStJJmlWwLGHc
0BRexQbYb48HVyG2Nk6K+G0xnIuya0+WX4f2fz6c5Lzw8HcjMA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:38 2026 by rpki-client