Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d7cce47-064e-4ba2-aec5-2acc2ca04a59.roa
File: 0d7cce47-064e-4ba2-aec5-2acc2ca04a59.roa (raw, json)
Hash identifier: PDfuJfVBU1M+BNvBRaotVz+MsskW7y4kSSCsE0LxDkY=
Subject key identifier: FB:A9:CA:09:A6:E7:EC:83:D3:1C:8D:D5:76:6F:B8:A5:5F:61:61:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 28514ADC10FD8CCBF741238638A11CE078497AC4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d7cce47-064e-4ba2-aec5-2acc2ca04a59.roa
Signing time: Thu 26 Feb 2026 02:00:10 +0000
ROA not before: Thu 26 Feb 2026 02:00:10 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:51:4a:dc:10:fd:8c:cb:f7:41:23:86:38:a1:1c:e0:78:49:7a:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:00:10 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=b8743ad11f3f954b2ac893b11622f86a049c059350a15b66a0faeacf37e65a64, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:13:06:4c:13:58:6b:03:22:42:76:24:b9:3d:
c9:aa:9a:7f:6f:7d:ec:b7:f7:36:28:44:da:97:d6:
7f:06:60:41:d4:5e:10:6d:94:87:39:39:16:80:e4:
5e:3c:44:ac:1f:9c:38:cb:38:94:42:a1:69:3e:2b:
d8:6e:fe:b6:b6:f6:d5:a5:09:f1:1c:e7:80:3f:c6:
95:ab:fd:36:23:6b:52:89:b2:f3:b0:47:b5:90:44:
87:fc:1e:8e:98:63:d2:4f:87:67:4a:3c:6b:c0:7f:
96:22:6c:4b:0c:32:8a:64:d8:97:bc:65:27:1d:1a:
41:cc:dc:2e:c9:6a:98:57:d2:50:4e:a6:2b:68:24:
4a:4c:e2:bc:0f:f4:d8:1d:04:8a:1f:0c:10:17:50:
52:34:8b:02:cb:32:c7:b4:7c:ab:ae:b1:8e:13:f1:
95:90:18:2b:cd:52:19:07:f3:ad:99:ba:2c:d5:c2:
0e:8f:e5:f6:6d:61:af:c6:65:e2:f4:57:c8:e3:52:
1f:be:22:30:35:cb:78:86:4b:db:d4:ab:28:1e:10:
7e:73:a3:68:95:a2:db:fd:62:c1:d2:90:87:db:59:
23:83:c7:27:4d:65:17:0f:d3:f2:7a:99:17:27:39:
26:fc:9f:a2:3a:ca:9d:1b:ed:de:f3:55:9d:0b:b8:
ab:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:A9:CA:09:A6:E7:EC:83:D3:1C:8D:D5:76:6F:B8:A5:5F:61:61:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d7cce47-064e-4ba2-aec5-2acc2ca04a59.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:800::/40
Signature Algorithm: sha256WithRSAEncryption
3c:d6:48:c8:b1:25:e6:9e:0f:0e:af:6c:4e:17:72:d3:2b:67:
37:49:c0:82:92:17:b7:33:c3:54:01:57:d1:af:50:5e:da:c2:
4b:86:2b:ca:1f:f4:57:9a:fe:40:65:4d:5b:47:29:3b:ca:9a:
c2:4b:bb:17:07:93:4d:b8:09:5f:34:f5:26:31:6d:a7:48:9f:
a9:c3:b9:eb:b3:c7:ac:32:3a:f1:f0:6b:b9:64:c9:cf:7f:3a:
c5:f1:3c:51:16:e3:88:ac:05:6b:7e:a4:4f:60:56:f1:4a:e2:
d9:5d:83:cf:45:b1:0e:08:b3:fc:db:b8:c0:c4:a3:26:02:56:
f3:cc:66:63:5e:ce:be:a0:1a:d0:0f:84:29:5b:43:4f:c8:0f:
82:c0:27:26:3d:ef:0a:71:42:81:17:fd:14:e9:60:b8:b2:10:
35:85:e0:89:0d:66:f9:ad:4a:96:dc:5e:5c:a3:63:a0:ff:89:
ed:b3:90:59:fc:e4:d9:18:0a:d8:14:30:a0:99:cb:23:ec:db:
ae:45:51:bf:0f:f7:51:71:de:dc:c4:49:09:ee:a3:50:5b:f5:
96:a4:9f:e7:3a:6d:32:17:6c:f8:6c:d7:f8:c3:2d:fb:1d:36:
b3:14:d1:05:71:53:5b:5f:69:d3:1a:1f:06:f2:ff:19:1c:95:
df:28:4a:d2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKFFK3BD9jMv3QSOGOKEc4HhJesQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjAwMTBaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4NzQzYWQxMWYzZjk1NGIyYWM4OTNiMTE2MjJmODZhMDQ5YzA1OTM1MGEx
NWI2NmEwZmFlYWNmMzdlNjVhNjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4TBkwTWGsDIkJ2JLk9yaqaf2997Lf3NihE2pfWfwZgQdReEG2Uhzk5FoDk
XjxErB+cOMs4lEKhaT4r2G7+trb21aUJ8RzngD/Glav9NiNrUomy87BHtZBEh/we
jphj0k+HZ0o8a8B/liJsSwwyimTYl7xlJx0aQczcLslqmFfSUE6mK2gkSkzivA/0
2B0Eih8MEBdQUjSLAssyx7R8q66xjhPxlZAYK81SGQfzrZm6LNXCDo/l9m1hr8Zl
4vRXyONSH74iMDXLeIZL29SrKB4QfnOjaJWi2/1iwdKQh9tZI4PHJ01lFw/T8nqZ
Fyc5JvyfojrKnRvt3vNVnQu4q7MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT7qcoJ
pufsg9McjdV2b7ilX2FhwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGQ3Y2NlNDctMDY0ZS00YmEyLWFlYzUtMmFjYzJjYTA0YTU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H4I
MA0GCSqGSIb3DQEBCwUAA4IBAQA81kjIsSXmng8Or2xOF3LTK2c3ScCCkhe3M8NU
AVfRr1Be2sJLhivKH/RXmv5AZU1bRyk7yprCS7sXB5NNuAlfNPUmMW2nSJ+pw7nr
s8esMjrx8Gu5ZMnPfzrF8TxRFuOIrAVrfqRPYFbxSuLZXYPPRbEOCLP827jAxKMm
AlbzzGZjXs6+oBrQD4QpW0NPyA+CwCcmPe8KcUKBF/0U6WC4shA1heCJDWb5rUqW
3F5co2Og/4nts5BZ/OTZGArYFDCgmcsj7NuuRVG/D/dRcd7cxEkJ7qNQW/WWpJ/n
Om0yF2z4bNf4wy37HTazFNEFcVNbX2nTGh8G8v8ZHJXfKErS
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:20:55 2026 by rpki-client