Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
File: 144286ab-f239-401f-a4ef-706749b0d570.roa (raw, json)
Hash identifier: mKNmoEmKBfS+WEiAfzyIEOtTSACaKwZNZSk5sWro5V4=
Subject key identifier: 27:A9:C8:86:4B:78:86:D7:90:1F:39:6F:A2:3B:F7:5F:74:7C:A2:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53C03F6278F17F21295DD6ED3A2FF1826C52C2FB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
Signing time: Sat 28 Feb 2026 05:31:08 +0000
ROA not before: Sat 28 Feb 2026 05:31:08 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:c0:3f:62:78:f1:7f:21:29:5d:d6:ed:3a:2f:f1:82:6c:52:c2:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:31:08 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=7595bd611fa4d6dc9221b69d824031541b44342303f12d44dfe8b01aa7d11be2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0e:47:8b:5a:a2:34:46:b5:d9:dd:0f:1c:84:
e3:c4:8e:90:94:c8:37:e9:38:0d:84:47:88:91:99:
c2:34:42:f6:47:01:74:90:03:b0:0e:7b:3e:ea:d4:
17:63:75:5c:3e:0a:5c:8c:42:9b:73:84:8b:a3:f7:
41:e0:bc:76:ab:b6:aa:86:6a:01:50:95:c7:25:2d:
44:16:83:ec:70:c7:de:f3:f3:e4:34:55:43:41:0e:
79:57:55:73:33:07:64:2d:f3:4d:00:65:7f:f1:6e:
d1:68:08:be:e3:b9:a1:a9:78:4c:cc:9b:41:ab:5c:
ae:f4:4a:9b:a6:9d:c4:c5:32:0e:b2:47:4c:85:fa:
bd:ac:02:23:14:71:38:cf:bf:af:16:15:cc:d6:94:
fa:5f:5e:90:b7:44:6f:16:2a:37:2e:91:7c:e2:3e:
41:a6:53:6c:47:50:42:09:b6:6d:7e:29:f9:5e:56:
b6:49:c3:3a:d7:63:a9:2f:d3:67:f1:75:0e:0e:a5:
0b:da:81:ba:f3:2d:8b:4e:ca:c8:64:02:7f:aa:da:
1b:56:ef:73:cb:23:d9:2c:4f:21:a4:c3:f9:27:11:
1b:2d:ec:1e:19:58:12:8d:b2:4e:17:66:ae:de:01:
48:b8:ad:96:16:a1:12:6a:fc:6f:1e:5e:5e:ed:32:
76:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:A9:C8:86:4B:78:86:D7:90:1F:39:6F:A2:3B:F7:5F:74:7C:A2:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
b9:ca:d9:b0:e0:06:e8:9e:9e:20:00:d9:45:67:69:36:89:a2:
97:4b:88:6d:7a:0a:a6:58:bc:3d:6b:69:91:75:5f:ec:d7:38:
1b:cd:6b:9d:b8:0c:dd:5f:ba:bc:c4:cd:67:c6:1d:63:e6:38:
f0:1a:fb:00:b2:b4:91:55:9e:62:3c:91:42:cc:5d:78:0c:cf:
2c:be:c9:2b:91:bc:6d:19:5a:de:8f:ba:51:25:e8:f0:5c:c9:
2a:01:f4:10:91:11:73:ba:7a:d4:4e:d7:cc:e9:d5:18:b2:fb:
b2:08:5a:d6:6a:86:fa:af:69:95:ab:60:7a:51:59:92:3e:f3:
74:ce:f5:7e:52:88:b2:86:e7:b6:c3:e5:24:c2:ce:38:c0:58:
8f:2b:9e:07:e8:e8:70:43:e8:71:0c:e7:00:de:57:08:66:3c:
d5:54:e1:0e:33:fa:5a:0a:29:42:7b:1e:0e:9c:82:dd:24:d5:
41:a6:1d:0d:97:13:3d:1e:58:1b:f2:0f:e1:21:aa:4a:6e:1e:
c7:1d:bc:8c:ca:b4:3f:9a:f0:57:c0:b5:6a:03:6d:c2:0e:ab:
fe:08:c4:72:e7:54:dc:9a:b0:d5:6c:46:33:86:c6:77:ec:d7:
ff:76:31:3c:cd:3a:2b:16:25:24:e1:e1:8a:2c:fc:fc:88:9b:
c8:80:af:d6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUU8A/YnjxfyEpXdbtOi/xgmxSwvswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMxMDhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1OTViZDYxMWZhNGQ2ZGM5MjIxYjY5ZDgyNDAzMTU0MWI0NDM0MjMwM2Yx
MmQ0NGRmZThiMDFhYTdkMTFiZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANwOR4taojRGtdndDxyE48SOkJTIN+k4DYRHiJGZwjRC9kcBdJADsA57PurU
F2N1XD4KXIxCm3OEi6P3QeC8dqu2qoZqAVCVxyUtRBaD7HDH3vPz5DRVQ0EOeVdV
czMHZC3zTQBlf/Fu0WgIvuO5oal4TMybQatcrvRKm6adxMUyDrJHTIX6vawCIxRx
OM+/rxYVzNaU+l9ekLdEbxYqNy6RfOI+QaZTbEdQQgm2bX4p+V5WtknDOtdjqS/T
Z/F1Dg6lC9qBuvMti07KyGQCf6raG1bvc8sj2SxPIaTD+ScRGy3sHhlYEo2yThdm
rt4BSLitlhahEmr8bx5eXu0ydjkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQnqciG
S3iG15AfOW+iO/dfdHyikjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTQ0Mjg2YWItZjIzOS00MDFmLWE0ZWYtNzA2NzQ5YjBkNTcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
wDANBgkqhkiG9w0BAQsFAAOCAQEAucrZsOAG6J6eIADZRWdpNomil0uIbXoKpli8
PWtpkXVf7Nc4G81rnbgM3V+6vMTNZ8YdY+Y48Br7ALK0kVWeYjyRQsxdeAzPLL7J
K5G8bRla3o+6USXo8FzJKgH0EJERc7p61E7XzOnVGLL7sgha1mqG+q9platgelFZ
kj7zdM71flKIsobntsPlJMLOOMBYjyueB+jocEPocQznAN5XCGY81VThDjP6Wgop
QnseDpyC3STVQaYdDZcTPR5YG/IP4SGqSm4exx28jMq0P5rwV8C1agNtwg6r/gjE
cudU3Jqw1WxGM4bGd+zX/3YxPM06KxYlJOHhiiz8/IibyICv1g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:08:02 2026 by rpki-client