Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
File: 0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa (raw, json)
Hash identifier: J7IwDAHlfx3RQta8nNiz9zxAskZrxruc/Cus7DdjxbU=
Subject key identifier: 8F:C7:93:BB:CC:8B:99:07:E2:18:3D:1B:45:2C:2C:FB:DB:5F:DF:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13908632AAE868565241E95D881BE1908E1A5B86
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
Signing time: Sat 28 Feb 2026 06:30:12 +0000
ROA not before: Sat 28 Feb 2026 06:30:12 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:90:86:32:aa:e8:68:56:52:41:e9:5d:88:1b:e1:90:8e:1a:5b:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:30:12 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=57781f3a11f5e2ab05da0c7c7366a2d9e910083331929c05d0ed96cd203f9411, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f9:3f:cb:c1:36:96:be:29:53:c2:a8:a5:67:
18:5a:71:15:9b:74:19:eb:da:b7:aa:ee:11:9e:70:
8c:b1:6b:c1:e3:5a:05:fc:ad:4b:de:c8:f6:6f:cc:
b1:f4:35:d4:83:7e:84:33:ef:ea:87:dc:d7:3a:67:
fc:15:5d:3e:79:77:27:18:7c:a4:df:2a:7c:42:a6:
ec:98:e9:b6:c4:33:e5:b9:63:da:cc:24:96:92:53:
9b:a9:23:9c:d1:1e:17:94:9c:62:12:e2:c2:fc:c7:
e1:de:d9:8e:ce:40:9f:97:42:05:87:5a:62:02:6d:
19:49:ab:c5:6c:dd:9f:3d:15:aa:21:2c:dc:36:3a:
c3:ac:fa:e9:61:33:bf:bd:d4:7f:ae:a2:62:f9:e7:
35:e9:62:a7:7b:c4:63:22:f8:cd:80:61:d9:3a:31:
ae:c9:19:d9:16:d3:a6:99:f2:1c:cc:d7:4b:2f:2a:
7b:5b:4c:e8:bb:ee:86:30:78:ce:52:52:c8:e5:59:
b2:cf:a0:15:0e:8d:84:23:35:97:13:d8:b8:9b:34:
1a:e1:06:d4:ca:ee:c7:a6:c5:45:c9:2d:a9:8b:52:
2c:3c:bf:16:24:d1:5c:ff:59:1c:64:3c:4a:06:c5:
fe:9a:f4:65:49:28:57:fb:ee:96:5c:18:b2:fd:d0:
f7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:C7:93:BB:CC:8B:99:07:E2:18:3D:1B:45:2C:2C:FB:DB:5F:DF:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
6d:5d:95:32:f0:70:cb:ed:ac:47:ec:82:88:57:d1:3c:41:8f:
3e:7a:2e:cb:df:f8:f3:e8:d1:f1:39:e8:82:b1:94:bb:af:18:
c3:e7:f0:62:6d:75:ff:3d:d6:53:92:97:01:4d:f0:41:b8:3e:
43:fc:62:6a:21:5d:d5:0f:60:b3:f1:06:ec:0b:7e:2d:db:60:
0f:f3:f4:b7:27:24:66:7b:74:ae:13:b4:5c:77:c5:fd:79:67:
2e:ee:09:39:62:75:a0:0b:e4:aa:72:e1:af:62:68:00:40:1a:
0e:f3:67:1d:5f:66:e1:ce:11:c6:2f:e1:ce:d1:c6:27:ea:22:
28:5a:5b:b0:f8:3c:ef:ba:9c:02:c6:30:37:f1:59:6f:bb:f2:
72:8f:12:bb:e4:0a:b1:2a:da:f2:63:c2:5f:1a:10:d3:56:01:
f7:d4:6b:ed:0f:f1:b0:04:0b:39:19:e6:61:96:2f:f6:8d:78:
04:8c:c0:4b:41:ac:42:d9:f3:47:c7:fa:ea:d4:d6:05:6b:37:
c0:07:3e:c4:0b:9d:c5:9e:a5:f3:2e:25:d3:2e:40:66:d9:d4:
86:80:21:42:10:14:5c:d0:4d:cd:a6:c2:9f:11:a8:18:aa:90:
02:98:1a:0e:fb:bd:6a:6b:00:ad:e5:46:62:3d:af:78:e1:f9:
6a:1f:c6:4d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE5CGMqroaFZSQeldiBvhkI4aW4YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjMwMTJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3NzgxZjNhMTFmNWUyYWIwNWRhMGM3YzczNjZhMmQ5ZTkxMDA4MzMzMTky
OWMwNWQwZWQ5NmNkMjAzZjk0MTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJT5P8vBNpa+KVPCqKVnGFpxFZt0Gevat6ruEZ5wjLFrweNaBfytS97I9m/M
sfQ11IN+hDPv6ofc1zpn/BVdPnl3Jxh8pN8qfEKm7JjptsQz5blj2swklpJTm6kj
nNEeF5ScYhLiwvzH4d7Zjs5An5dCBYdaYgJtGUmrxWzdnz0VqiEs3DY6w6z66WEz
v73Uf66iYvnnNelip3vEYyL4zYBh2ToxrskZ2RbTppnyHMzXSy8qe1tM6LvuhjB4
zlJSyOVZss+gFQ6NhCM1lxPYuJs0GuEG1Mrux6bFRcktqYtSLDy/FiTRXP9ZHGQ8
SgbF/pr0ZUkoV/vullwYsv3Q9y0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSPx5O7
zIuZB+IYPRtFLCz721/fqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGUwODI1MzctNmUzNi00NzRhLTlmZjgtYjdkM2JjYWFiYjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Drg
MA0GCSqGSIb3DQEBCwUAA4IBAQBtXZUy8HDL7axH7IKIV9E8QY8+ei7L3/jz6NHx
OeiCsZS7rxjD5/BibXX/PdZTkpcBTfBBuD5D/GJqIV3VD2Cz8QbsC34t22AP8/S3
JyRme3SuE7Rcd8X9eWcu7gk5YnWgC+SqcuGvYmgAQBoO82cdX2bhzhHGL+HO0cYn
6iIoWluw+DzvupwCxjA38Vlvu/JyjxK75AqxKtryY8JfGhDTVgH31GvtD/GwBAs5
GeZhli/2jXgEjMBLQaxC2fNHx/rq1NYFazfABz7EC53FnqXzLiXTLkBm2dSGgCFC
EBRc0E3NpsKfEagYqpACmBoO+71qawCt5UZiPa944flqH8ZN
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:51:12 2026 by rpki-client