Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa
File: 16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa (raw, json)
Hash identifier: BMOzMLHL+Jr0wMbOn+LxzfKbYkICek2zaVyS4ttJ9+E=
Subject key identifier: 13:73:B0:20:B4:71:30:E6:31:B0:12:DB:9E:5D:F2:E9:51:9F:E1:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 427ABC71F8BFEC2EED5B7FFA5B22D996CD6056B7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa
Signing time: Sat 28 Feb 2026 06:00:49 +0000
ROA not before: Sat 28 Feb 2026 06:00:49 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:7a:bc:71:f8:bf:ec:2e:ed:5b:7f:fa:5b:22:d9:96:cd:60:56:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:49 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f186922228b638b70b423070f87c3787f1b904039e633f23b4eecc244c39e992, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b5:b7:46:a8:f9:d4:8e:ff:d9:51:d5:8e:96:
4b:a7:d4:6d:f3:b3:36:c5:a1:01:61:f6:eb:d9:34:
f1:cd:1a:a1:9f:67:32:02:85:30:4c:a8:6c:1a:8d:
10:52:d7:8b:d5:9f:ac:76:6d:37:62:ff:e6:3b:a8:
1a:cb:21:ab:d1:47:d3:e6:19:8d:65:74:e0:d5:0e:
19:77:80:68:2f:72:35:a5:7a:3c:a8:e4:3e:9b:d6:
33:4b:71:0a:24:32:2d:75:18:bb:ba:e3:5f:02:47:
0a:fd:9f:99:34:90:1e:1b:38:70:70:46:1d:c0:b0:
ce:62:79:22:be:00:6e:bf:0e:84:80:db:e2:ca:49:
0c:c8:4b:ff:8a:17:7d:28:fa:87:43:86:19:14:c9:
30:86:8c:44:65:17:fe:14:cf:94:99:6a:d1:f8:c0:
0b:8d:4a:c4:7d:21:e4:62:25:79:4e:4d:b6:f4:e9:
d9:30:f4:0c:26:52:5d:b5:b3:66:7a:d3:7e:13:8a:
1c:1b:f9:d0:15:ca:18:a0:61:47:a1:9b:a2:d2:b7:
f5:f5:23:98:43:7c:45:77:cd:00:f6:e0:d7:8c:54:
3a:19:80:80:fb:b0:82:8a:43:81:b0:7f:6b:d9:08:
69:aa:8b:4e:32:4c:22:35:48:c1:a4:4e:a0:d4:78:
c4:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:73:B0:20:B4:71:30:E6:31:B0:12:DB:9E:5D:F2:E9:51:9F:E1:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:b000::/40
Signature Algorithm: sha256WithRSAEncryption
a9:4c:a3:28:0d:4d:a1:09:f2:1d:c9:8e:09:58:01:00:3c:f0:
4d:d9:ed:98:77:ce:b1:6c:8e:c2:a8:17:05:8e:bc:33:97:38:
4d:ea:be:40:da:ee:f9:42:2d:30:97:14:75:e5:9a:9d:11:9e:
07:14:2a:8b:ef:3b:62:3d:de:e4:5b:04:4c:e9:34:d9:d9:7c:
4e:26:ac:3a:e5:29:7c:cb:0e:53:c3:18:f0:ec:b4:cd:fd:57:
6f:c6:ff:31:57:f9:b0:8c:ae:ec:2f:2d:be:3a:51:91:df:6b:
bc:ac:ae:bf:bc:13:a5:0a:91:05:20:f7:f4:3e:58:9e:4d:47:
98:38:6d:7f:3a:5e:d2:a2:8e:b0:10:3e:73:f2:37:88:6a:96:
b2:f7:ab:90:4b:bb:8e:eb:ca:62:5e:a6:59:37:46:9a:f0:61:
5e:ab:7b:6e:60:56:5f:1b:92:e4:e3:91:79:24:e7:1d:97:3b:
4c:fb:61:a0:6d:17:7b:9c:69:d4:c6:5c:09:6d:c8:84:5f:cd:
c0:03:f5:46:18:48:c0:73:93:46:ef:be:94:7d:86:f9:b3:b0:
25:f8:e9:4c:4d:4b:ff:18:2d:a9:18:63:11:25:c0:69:5e:8b:
b3:72:65:04:ed:70:49:69:39:25:de:0d:c1:6b:67:91:8e:cd:
cf:95:a4:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQnq8cfi/7C7tW3/6WyLZls1gVrcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwNDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxODY5MjIyMjhiNjM4YjcwYjQyMzA3MGY4N2MzNzg3ZjFiOTA0MDM5ZTYz
M2YyM2I0ZWVjYzI0NGMzOWU5OTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKy1t0ao+dSO/9lR1Y6WS6fUbfOzNsWhAWH269k08c0aoZ9nMgKFMEyobBqN
EFLXi9WfrHZtN2L/5juoGsshq9FH0+YZjWV04NUOGXeAaC9yNaV6PKjkPpvWM0tx
CiQyLXUYu7rjXwJHCv2fmTSQHhs4cHBGHcCwzmJ5Ir4Abr8OhIDb4spJDMhL/4oX
fSj6h0OGGRTJMIaMRGUX/hTPlJlq0fjAC41KxH0h5GIleU5NtvTp2TD0DCZSXbWz
ZnrTfhOKHBv50BXKGKBhR6GbotK39fUjmEN8RXfNAPbg14xUOhmAgPuwgopDgbB/
a9kIaaqLTjJMIjVIwaROoNR4xJUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQTc7Ag
tHEw5jGwEtueXfLpUZ/hbDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTZlODNkODktOWMyOS00ZDcwLTlkMWQtODVlNGRjN2UzZDZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hiw
MA0GCSqGSIb3DQEBCwUAA4IBAQCpTKMoDU2hCfIdyY4JWAEAPPBN2e2Yd86xbI7C
qBcFjrwzlzhN6r5A2u75Qi0wlxR15ZqdEZ4HFCqL7ztiPd7kWwRM6TTZ2XxOJqw6
5Sl8yw5Twxjw7LTN/Vdvxv8xV/mwjK7sLy2+OlGR32u8rK6/vBOlCpEFIPf0Plie
TUeYOG1/Ol7Soo6wED5z8jeIapay96uQS7uO68piXqZZN0aa8GFeq3tuYFZfG5Lk
45F5JOcdlztM+2GgbRd7nGnUxlwJbciEX83AA/VGGEjAc5NG776UfYb5s7Al+OlM
TUv/GC2pGGMRJcBpXouzcmUE7XBJaTkl3g3Ba2eRjs3PlaRQ
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:02 2026 by rpki-client