Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
File: 0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa (raw, json)
Hash identifier: hVyPR1c5SWlGFofJPIXhPUm9/tAO9aAoHpPFM3hbGM0=
Subject key identifier: 89:E5:DE:8C:8B:6E:34:7F:65:E8:68:99:54:F0:61:0B:A6:6E:48:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B7FAC5607EB5F7D098F290DD09CB84CB00BED14
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
Signing time: Sun 01 Mar 2026 00:00:37 +0000
ROA not before: Sun 01 Mar 2026 00:00:37 +0000
ROA not after: Sat 30 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:7f:ac:56:07:eb:5f:7d:09:8f:29:0d:d0:9c:b8:4c:b0:0b:ed:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 1 00:00:37 2026 GMT
Not After : May 30 23:59:59 2026 GMT
Subject: serialNumber=8d11e29df6fcfd475c5043d3b3f3f549ad07aadaa65745841673fa0c3cfc00db, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:97:80:08:0e:c5:67:c1:c4:74:a1:01:a7:ef:
bc:fd:1c:38:e8:6d:51:8e:e2:ac:69:4c:c5:39:ea:
4b:4a:10:ea:8c:8e:48:12:ef:48:99:8b:af:50:a7:
6c:e5:77:af:36:38:6c:00:5a:a7:48:cf:b0:f4:de:
35:8f:b4:eb:a9:0a:62:b7:17:8e:f8:8c:2f:01:29:
b5:4a:2a:26:4c:fb:ea:15:1a:a5:5b:97:c7:91:42:
26:31:d9:e6:66:ff:fb:2c:b8:10:69:98:12:35:a0:
71:8f:dd:fe:38:17:d0:53:7e:34:c8:bf:fa:b7:d0:
cd:fd:ab:01:6f:6c:14:84:7f:ad:c9:e4:06:b2:a8:
85:fd:c2:97:f0:aa:c9:dd:9b:f2:e8:60:5b:2a:c0:
f9:96:b2:24:ba:a3:f4:d0:fd:12:33:a0:d7:53:ec:
27:bb:1c:92:98:b6:74:40:3e:7a:29:f0:51:3a:5c:
85:3d:1e:d7:57:2e:c4:99:69:bc:1c:65:c4:9b:60:
c7:f0:1c:fe:9a:5e:f8:3f:5c:10:47:ce:2b:e6:eb:
25:59:78:f0:93:1e:65:60:18:42:e4:52:3b:87:f6:
0a:ad:45:32:74:e4:13:9c:73:1e:20:65:98:0c:ae:
96:11:11:ae:c1:39:76:1b:cc:45:ab:23:06:d9:3f:
53:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E5:DE:8C:8B:6E:34:7F:65:E8:68:99:54:F0:61:0B:A6:6E:48:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1400::/38
Signature Algorithm: sha256WithRSAEncryption
a3:b9:b1:69:09:23:13:38:ab:9a:48:34:ee:78:31:73:9b:ae:
29:b7:ee:cc:0f:7a:c0:77:c0:c8:53:e0:1d:f9:95:81:57:ab:
cc:99:f0:78:fd:34:62:c4:1f:cd:75:49:03:a5:d1:75:33:b9:
b4:04:3d:21:a2:40:76:59:6d:b3:89:7b:cb:9c:2b:f9:80:0e:
a2:dc:b2:1e:b5:a8:4c:e7:78:39:38:26:88:a4:86:e1:20:9f:
f5:3a:cf:6e:8e:22:c9:b0:e3:e5:74:68:55:d3:de:24:5e:68:
dd:89:d7:08:49:93:c5:fb:e5:16:d1:47:5b:a9:89:ce:e5:13:
3b:0f:31:9d:c1:55:d7:26:4e:88:ec:6a:ca:dc:47:38:2b:2e:
fa:b0:28:e3:c1:70:b8:96:3e:d8:25:d7:84:ff:e3:f0:ab:f8:
b2:9e:e9:23:43:9a:23:ca:9f:44:cd:18:4a:5c:31:a4:16:3a:
1e:6e:51:8f:55:35:52:6b:02:22:e2:e8:6e:0c:5b:ba:a6:b6:
68:15:0c:01:e1:fe:ea:74:1f:a7:27:88:e4:d3:dd:65:87:20:
a8:66:6e:5c:70:d3:0a:d0:51:ac:a8:ca:b3:32:70:c2:6e:b0:
10:77:b9:7c:17:e7:cc:31:12:3b:87:69:d6:27:81:ad:26:39:
d5:39:d3:13
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUK3+sVgfrX30JjykN0Jy4TLAL7RQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMDEwMDAwMzdaFw0yNjA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkMTFlMjlkZjZmY2ZkNDc1YzUwNDNkM2IzZjNmNTQ5YWQwN2FhZGFhNjU3
NDU4NDE2NzNmYTBjM2NmYzAwZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKXgAgOxWfBxHShAafvvP0cOOhtUY7irGlMxTnqS0oQ6oyOSBLvSJmLr1Cn
bOV3rzY4bABap0jPsPTeNY+066kKYrcXjviMLwEptUoqJkz76hUapVuXx5FCJjHZ
5mb/+yy4EGmYEjWgcY/d/jgX0FN+NMi/+rfQzf2rAW9sFIR/rcnkBrKohf3Cl/Cq
yd2b8uhgWyrA+ZayJLqj9ND9EjOg11PsJ7sckpi2dEA+einwUTpchT0e11cuxJlp
vBxlxJtgx/Ac/ppe+D9cEEfOK+brJVl48JMeZWAYQuRSO4f2Cq1FMnTkE5xzHiBl
mAyulhERrsE5dhvMRasjBtk/U90CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSJ5d6M
i240f2XoaJlU8GELpm5IwDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGZlMjc5Y2YtYjU1Zi00ZDk2LTk5NTgtZWMzZWNkNjRiMGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQU
MA0GCSqGSIb3DQEBCwUAA4IBAQCjubFpCSMTOKuaSDTueDFzm64pt+7MD3rAd8DI
U+Ad+ZWBV6vMmfB4/TRixB/NdUkDpdF1M7m0BD0hokB2WW2ziXvLnCv5gA6i3LIe
tahM53g5OCaIpIbhIJ/1Os9ujiLJsOPldGhV094kXmjdidcISZPF++UW0UdbqYnO
5RM7DzGdwVXXJk6I7GrK3Ec4Ky76sCjjwXC4lj7YJdeE/+Pwq/iynukjQ5ojyp9E
zRhKXDGkFjoeblGPVTVSawIi4uhuDFu6prZoFQwB4f7qdB+nJ4jk091lhyCoZm5c
cNMK0FGsqMqzMnDCbrAQd7l8F+fMMRI7h2nWJ4GtJjnVOdMT
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:49 2026 by rpki-client