Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
File: 12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa (raw, json)
Hash identifier: UHLTGjRoKn4yAPkRrCkfZUdxkHjb5sgMUvjf70XtpNo=
Subject key identifier: 0C:3A:42:0E:26:7B:F4:7A:44:94:77:5C:89:11:BC:E4:1D:C3:4F:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D7AEF84EDF0FEFBCFB90B3C1818F5B398EC772F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
Signing time: Sat 28 Feb 2026 06:00:10 +0000
ROA not before: Sat 28 Feb 2026 06:00:10 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:7a:ef:84:ed:f0:fe:fb:cf:b9:0b:3c:18:18:f5:b3:98:ec:77:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:10 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=c6bd795ed4ef4e58084930f9d81b1f2aae643a5903e65e2a4b53cd965e524e3a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:06:78:52:7f:24:b5:66:94:40:6a:d4:3b:2f:
88:88:70:0c:c3:4e:08:6c:90:fd:7e:45:43:f6:62:
81:17:56:6e:e5:20:5f:8e:06:77:64:28:aa:59:4c:
8a:f4:53:d3:24:8b:dd:c4:fd:d1:c6:97:be:38:14:
b9:b9:b6:a4:6e:30:ec:a4:96:e1:ef:f0:f5:21:b9:
31:e3:8d:e9:06:92:bd:5b:7b:ec:ce:5d:5e:56:f5:
de:10:f8:f8:9c:d8:fc:78:c2:6d:6a:64:c3:f1:66:
46:3e:ab:9b:cf:01:3d:43:f8:38:95:82:18:34:63:
8f:94:3b:35:ea:6f:56:d4:71:da:15:af:7a:bf:81:
9f:a7:75:b3:58:ab:23:8e:54:62:9b:82:ea:e4:50:
8a:d9:2c:49:0c:b8:99:e9:1c:45:7b:31:c3:87:55:
a1:98:72:ae:bd:b0:e9:ff:b7:bf:aa:f4:48:32:69:
42:48:18:e4:6a:70:59:c2:7f:9f:39:e2:28:38:61:
32:58:83:08:58:bf:bf:38:b0:43:50:4e:6d:92:67:
d9:1e:12:88:ac:94:10:1f:c8:e6:92:e7:d6:ba:e0:
69:de:6a:cb:a5:02:73:06:47:6e:db:26:ec:d9:2d:
d6:86:96:3f:68:03:b9:e6:f5:be:e8:50:a0:64:54:
9d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:3A:42:0E:26:7B:F4:7A:44:94:77:5C:89:11:BC:E4:1D:C3:4F:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011::/38
Signature Algorithm: sha256WithRSAEncryption
8a:ab:09:04:41:04:4c:05:11:11:5d:34:49:ea:24:e3:a0:31:
3e:8c:99:71:6c:89:40:db:5b:b8:4c:37:86:50:ad:d9:95:20:
65:ae:a6:b4:14:5d:ce:a0:da:24:5b:d2:a5:97:ee:63:e3:3d:
a6:67:d1:ef:ef:67:ee:03:48:39:01:5f:10:13:04:d8:d3:38:
aa:f0:c7:3e:85:e5:78:d0:7d:97:90:7f:bd:0f:33:6f:4d:2c:
d2:53:c4:22:de:91:e9:04:ae:e8:32:63:93:2e:c8:29:95:42:
bc:36:d4:d5:49:bb:41:f1:85:ff:4d:be:41:4d:51:70:77:17:
e2:a0:b9:f1:1f:5b:b8:61:66:fa:bd:e2:67:2e:e1:67:9d:ed:
60:f1:21:e3:2a:43:2f:ff:a4:ce:bf:2a:32:78:78:5f:a9:de:
c9:44:3f:32:f9:0e:32:c5:53:d8:d2:f4:c2:ed:29:39:24:f2:
ed:f0:6a:24:92:69:03:74:28:68:61:e0:1b:55:29:8b:7d:e6:
94:c9:93:31:9c:19:9e:6b:e6:9b:5d:40:86:64:38:9b:2a:fa:
cf:2d:04:ac:17:8d:b5:01:8d:ce:88:72:cb:47:cf:eb:50:d9:
14:96:7a:de:e9:dc:ec:96:b1:6a:e5:45:f4:87:51:a0:3c:1d:
30:5c:86:ab
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTXrvhO3w/vvPuQs8GBj1s5jsdy8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwMTBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2YmQ3OTVlZDRlZjRlNTgwODQ5MzBmOWQ4MWIxZjJhYWU2NDNhNTkwM2U2
NWUyYTRiNTNjZDk2NWU1MjRlM2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOMGeFJ/JLVmlEBq1DsviIhwDMNOCGyQ/X5FQ/ZigRdWbuUgX44Gd2QoqllM
ivRT0ySL3cT90caXvjgUubm2pG4w7KSW4e/w9SG5MeON6QaSvVt77M5dXlb13hD4
+JzY/HjCbWpkw/FmRj6rm88BPUP4OJWCGDRjj5Q7NepvVtRx2hWver+Bn6d1s1ir
I45UYpuC6uRQitksSQy4mekcRXsxw4dVoZhyrr2w6f+3v6r0SDJpQkgY5GpwWcJ/
nzniKDhhMliDCFi/vziwQ1BObZJn2R4SiKyUEB/I5pLn1rrgad5qy6UCcwZHbtsm
7Nkt1oaWP2gDueb1vuhQoGRUnfECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQMOkIO
Jnv0ekSUd1yJEbzkHcNPEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTIwOTliZjUtZjljMS00NjNlLTlmYzktZWFmNzkxZTMzOWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEA
MA0GCSqGSIb3DQEBCwUAA4IBAQCKqwkEQQRMBRERXTRJ6iTjoDE+jJlxbIlA21u4
TDeGUK3ZlSBlrqa0FF3OoNokW9Kll+5j4z2mZ9Hv72fuA0g5AV8QEwTY0ziq8Mc+
heV40H2XkH+9DzNvTSzSU8Qi3pHpBK7oMmOTLsgplUK8NtTVSbtB8YX/Tb5BTVFw
dxfioLnxH1u4YWb6veJnLuFnne1g8SHjKkMv/6TOvyoyeHhfqd7JRD8y+Q4yxVPY
0vTC7Sk5JPLt8GokkmkDdChoYeAbVSmLfeaUyZMxnBmea+abXUCGZDibKvrPLQSs
F421AY3OiHLLR8/rUNkUlnre6dzslrFq5UX0h1GgPB0wXIar
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:36:21 2026 by rpki-client