Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14a1cb35-92d7-4bc2-854c-094a3829c73e.roa
File: 14a1cb35-92d7-4bc2-854c-094a3829c73e.roa (raw, json)
Hash identifier: BFnJXhmNRKkt/K5rIK1wvlKLispUfM+muQIIyHo23eI=
Subject key identifier: 6E:53:15:5D:E2:00:15:48:40:90:9F:29:4C:9B:62:B5:24:DB:26:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 671194ED0408FC168E3837B10612A7FEF3887587
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14a1cb35-92d7-4bc2-854c-094a3829c73e.roa
Signing time: Sat 28 Feb 2026 05:41:28 +0000
ROA not before: Sat 28 Feb 2026 05:41:28 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:11:94:ed:04:08:fc:16:8e:38:37:b1:06:12:a7:fe:f3:88:75:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:28 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=2416bf269fdc39a7f1f3106e36473d29a36d3b7bd5fd358bcc4e7093e252a3d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e4:e9:cb:25:90:bd:ab:c5:60:12:2b:98:5e:
6b:bb:4c:d6:2d:1d:cd:5b:9d:dc:61:50:de:a5:18:
38:b2:04:43:21:52:a5:42:8c:e3:87:e0:2f:b0:1b:
45:70:b7:96:85:a0:e2:db:2d:21:97:91:0e:d0:69:
1b:c5:75:2c:3b:47:95:c6:5a:33:53:69:3d:35:47:
4c:8c:d8:8f:2c:9a:07:61:cc:7e:2b:c1:5c:58:42:
3d:fa:7c:c9:44:57:7b:c9:88:47:f3:e9:2f:2c:d4:
0c:f7:c8:7e:12:db:e3:55:4d:e7:25:8d:13:08:4d:
a2:01:f1:e4:ab:f0:00:48:65:47:0f:df:66:fb:4f:
f4:40:ab:19:16:d7:dc:b7:a7:69:d7:3d:f7:81:da:
ae:e8:6d:39:b8:ee:e5:19:08:bf:63:c3:07:5a:f3:
32:2b:e7:01:21:03:40:48:2f:cb:cd:7d:27:be:fd:
34:72:a0:d8:eb:a2:f1:06:e1:c7:da:c0:86:61:f8:
ff:81:a0:e0:81:91:03:74:84:f1:86:05:24:25:4b:
0e:03:de:e7:43:b4:79:df:dc:09:b1:fe:0e:1c:ba:
ca:78:fe:b6:68:72:2f:ac:fd:1e:8c:3d:ff:44:1c:
1e:6d:bf:75:4e:c9:c8:32:d1:21:a8:ea:d9:fe:af:
b0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:53:15:5D:E2:00:15:48:40:90:9F:29:4C:9B:62:B5:24:DB:26:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14a1cb35-92d7-4bc2-854c-094a3829c73e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8040::/48
Signature Algorithm: sha256WithRSAEncryption
4a:87:99:49:60:83:4b:45:7d:0d:f6:f2:f0:be:d7:fb:1e:7a:
ba:fc:26:8d:d0:38:38:c6:f5:56:7f:60:4e:37:8d:e1:ca:66:
e8:c3:b3:94:81:35:99:66:38:2b:4b:c4:cc:ce:09:9e:d3:4e:
74:fb:58:5e:5b:54:97:9b:a5:f8:7c:df:10:60:d2:ca:15:c9:
55:a8:2e:cf:3c:3b:68:f5:a3:8c:14:ac:8b:d0:79:98:14:c5:
9c:b8:39:da:99:1e:a0:5a:21:5b:c0:d4:0b:b2:b8:d6:55:3f:
2a:48:28:eb:ac:bb:92:55:31:24:ec:ed:d8:f5:4b:16:67:0b:
00:e9:20:6e:21:14:11:8d:1d:21:4b:04:e4:9a:a0:41:11:75:
11:5c:6b:ce:66:5d:bf:cd:89:fc:73:70:e5:e5:57:4c:44:0d:
3a:e2:2d:b4:59:a5:dc:7a:68:77:09:18:6d:fc:69:0e:7b:8b:
b2:30:1f:bb:73:a3:3a:1b:6d:10:d9:7b:d1:fe:c3:77:e5:50:
b0:e0:8f:4c:ce:e4:38:8a:12:38:77:47:96:d2:01:c0:02:79:
be:1b:54:40:c7:58:be:e4:13:6a:3b:e8:71:4f:07:3e:53:34:
b7:21:8f:57:63:65:2f:40:d4:cb:50:39:c2:28:07:78:6e:07:
1d:dc:ae:55
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZxGU7QQI/BaOODexBhKn/vOIdYcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMjhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0MTZiZjI2OWZkYzM5YTdmMWYzMTA2ZTM2NDczZDI5YTM2ZDNiN2JkNWZk
MzU4YmNjNGU3MDkzZTI1MmEzZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHk6cslkL2rxWASK5hea7tM1i0dzVud3GFQ3qUYOLIEQyFSpUKM44fgL7Ab
RXC3loWg4tstIZeRDtBpG8V1LDtHlcZaM1NpPTVHTIzYjyyaB2HMfivBXFhCPfp8
yURXe8mIR/PpLyzUDPfIfhLb41VN5yWNEwhNogHx5KvwAEhlRw/fZvtP9ECrGRbX
3Lenadc994HaruhtObju5RkIv2PDB1rzMivnASEDQEgvy819J779NHKg2Oui8Qbh
x9rAhmH4/4Gg4IGRA3SE8YYFJCVLDgPe50O0ed/cCbH+Dhy6ynj+tmhyL6z9How9
/0QcHm2/dU7JyDLRIajq2f6vsLECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRuUxVd
4gAVSECQnylMm2K1JNsmyjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTRhMWNiMzUtOTJkNy00YmMyLTg1NGMtMDk0YTM4MjljNzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
QDANBgkqhkiG9w0BAQsFAAOCAQEASoeZSWCDS0V9Dfby8L7X+x56uvwmjdA4OMb1
Vn9gTjeN4cpm6MOzlIE1mWY4K0vEzM4JntNOdPtYXltUl5ul+HzfEGDSyhXJVagu
zzw7aPWjjBSsi9B5mBTFnLg52pkeoFohW8DUC7K41lU/Kkgo66y7klUxJOzt2PVL
FmcLAOkgbiEUEY0dIUsE5JqgQRF1EVxrzmZdv82J/HNw5eVXTEQNOuIttFml3Hpo
dwkYbfxpDnuLsjAfu3OjOhttENl70f7Dd+VQsOCPTM7kOIoSOHdHltIBwAJ5vhtU
QMdYvuQTajvocU8HPlM0tyGPV2NlL0DUy1A5wigHeG4HHdyuVQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:03 2026 by rpki-client