Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f3fbd71-85b4-48a7-8479-e942c9578262.roa
File: 0f3fbd71-85b4-48a7-8479-e942c9578262.roa (raw, json)
Hash identifier: wKfcnHOfnfYmNbrnsGOwFHxUeWVfHlJYoFn8w6IeL/Y=
Subject key identifier: 28:FD:15:23:55:56:5D:1F:8E:D9:41:20:BE:50:8F:58:86:49:22:45
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24D0B3FEF1DFFA925682C08014811495A6133941
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f3fbd71-85b4-48a7-8479-e942c9578262.roa
Signing time: Sat 28 Feb 2026 06:11:00 +0000
ROA not before: Sat 28 Feb 2026 06:11:00 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:d0:b3:fe:f1:df:fa:92:56:82:c0:80:14:81:14:95:a6:13:39:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:11:00 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=fe2db908e43b7efd215d74a7086a1b11b4dfa49df536c3603e334c1e54c46589, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:70:ea:85:8d:2c:ad:b2:5e:eb:b5:15:b6:4c:
0f:07:59:0f:af:b1:05:37:3b:87:6b:d9:97:ec:4d:
70:38:99:a3:fd:f0:66:96:b5:71:a2:13:58:9a:5d:
54:0a:61:d7:1c:11:b0:65:ca:5e:48:58:a0:97:54:
2f:39:42:83:3f:5a:4d:8a:3a:04:0e:32:e3:95:74:
ac:d9:77:6c:51:81:cc:5f:a9:75:e2:0e:d0:db:3d:
c2:91:40:c7:bb:dd:aa:65:ed:93:9b:c7:44:18:39:
d1:1a:3f:12:c5:77:3b:f5:25:70:75:9a:48:7a:3a:
8e:7b:b5:80:5f:81:66:9c:65:f5:e4:08:23:2c:18:
8c:8f:55:d6:ee:19:a5:10:2c:b2:1b:53:69:10:b5:
f8:26:92:47:53:11:86:7a:07:95:07:8b:76:5a:f7:
da:cb:69:c9:9e:a3:3c:4a:0c:a4:4b:b6:d7:ac:2c:
3a:f5:91:a4:61:cb:5e:20:1b:01:55:0f:e9:d2:36:
5a:9a:41:7b:61:6a:0d:e6:5e:a1:9e:3e:56:75:61:
ae:f2:e8:ba:7e:1e:f6:4f:c2:75:21:03:c0:da:43:
00:5f:87:26:d7:f5:e4:b3:8e:0a:77:e6:9c:54:1f:
33:81:f4:e8:62:d4:6d:78:fa:a5:7d:7f:4a:c3:9d:
24:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:FD:15:23:55:56:5D:1F:8E:D9:41:20:BE:50:8F:58:86:49:22:45
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f3fbd71-85b4-48a7-8479-e942c9578262.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:1000::/40
Signature Algorithm: sha256WithRSAEncryption
a0:e9:87:88:dd:d6:91:13:af:a7:06:e0:c5:8a:2e:f2:b9:7d:
87:b5:93:26:c6:8f:40:42:6c:03:e0:bc:09:68:c4:97:8d:5e:
5d:dc:13:85:32:05:aa:0b:10:48:6f:fd:8d:e4:15:e7:e6:7d:
6f:5d:a7:1c:69:5a:96:3b:8a:c8:1a:e6:c0:8e:64:2a:6a:78:
80:e9:65:00:27:68:23:05:c0:f1:5e:87:ee:e1:18:df:44:2a:
ec:f3:57:f7:f1:b6:c5:6e:90:ff:e9:d6:12:e1:89:62:a6:03:
08:13:9d:11:49:b7:46:fa:fb:29:8b:7a:b1:ee:00:4f:e0:1d:
c9:6d:35:e1:15:4a:10:f8:1a:25:7c:16:b1:e8:47:33:57:db:
8e:3e:de:68:bf:3a:f2:0e:7e:12:70:c0:f8:b0:33:83:6f:5a:
18:e7:b0:c4:aa:9d:eb:bc:d3:92:4d:bd:52:4f:f1:7b:1e:5c:
23:27:9a:c6:51:e9:63:a8:d7:46:1d:77:6c:10:a2:62:ad:7c:
a7:21:d0:7d:94:01:4d:ec:c1:dc:a7:a0:7b:4c:26:2f:dc:be:
0a:e4:19:6b:f6:bf:f5:0c:39:9e:bb:6a:b4:42:49:96:e5:f1:
f4:de:f8:95:ae:82:34:28:67:99:06:a1:dc:8b:17:73:73:9a:
ba:04:81:85
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJNCz/vHf+pJWgsCAFIEUlaYTOUEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjExMDBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlMmRiOTA4ZTQzYjdlZmQyMTVkNzRhNzA4NmExYjExYjRkZmE0OWRmNTM2
YzM2MDNlMzM0YzFlNTRjNDY1ODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1w6oWNLK2yXuu1FbZMDwdZD6+xBTc7h2vZl+xNcDiZo/3wZpa1caITWJpd
VAph1xwRsGXKXkhYoJdULzlCgz9aTYo6BA4y45V0rNl3bFGBzF+pdeIO0Ns9wpFA
x7vdqmXtk5vHRBg50Ro/EsV3O/UlcHWaSHo6jnu1gF+BZpxl9eQIIywYjI9V1u4Z
pRAsshtTaRC1+CaSR1MRhnoHlQeLdlr32stpyZ6jPEoMpEu216wsOvWRpGHLXiAb
AVUP6dI2WppBe2FqDeZeoZ4+VnVhrvLoun4e9k/CdSEDwNpDAF+HJtf15LOOCnfm
nFQfM4H06GLUbXj6pX1/SsOdJFcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQo/RUj
VVZdH47ZQSC+UI9YhkkiRTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGYzZmJkNzEtODViNC00OGE3LTg0NzktZTk0MmM5NTc4MjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HEQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCg6YeI3daRE6+nBuDFii7yuX2HtZMmxo9AQmwD
4LwJaMSXjV5d3BOFMgWqCxBIb/2N5BXn5n1vXaccaVqWO4rIGubAjmQqaniA6WUA
J2gjBcDxXofu4RjfRCrs81f38bbFbpD/6dYS4YlipgMIE50RSbdG+vspi3qx7gBP
4B3JbTXhFUoQ+BolfBax6EczV9uOPt5ovzryDn4ScMD4sDODb1oY57DEqp3rvNOS
Tb1ST/F7HlwjJ5rGUeljqNdGHXdsEKJirXynIdB9lAFN7MHcp6B7TCYv3L4K5Blr
9r/1DDmeu2q0QkmW5fH03viVroI0KGeZBqHcixdzc5q6BIGF
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:37:13 2026 by rpki-client