Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
File: 17057de1-0841-47c5-9f52-f4f803d5e2d4.roa (raw, json)
Hash identifier: PROr3q9sLkWQs0/D2PDeCGLKs1Q2zP129cqvjgPfSvY=
Subject key identifier: 37:3C:AB:16:13:CC:80:41:0A:1C:15:9B:DD:42:3F:88:0D:B8:CD:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 259DA6FBFCEED3C3C793B7E43D10BCB72E9785AE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
Signing time: Sat 28 Feb 2026 05:51:05 +0000
ROA not before: Sat 28 Feb 2026 05:51:05 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:9d:a6:fb:fc:ee:d3:c3:c7:93:b7:e4:3d:10:bc:b7:2e:97:85:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:51:05 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=bc987bafa55e938d6c6160aa2811fa630b07b490038022051f114798876a979b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d9:2a:56:0c:8c:d9:a0:84:89:85:ef:3e:f1:
aa:b4:5c:ed:42:67:9f:43:1c:f9:04:1c:b0:67:24:
53:1a:31:2a:e3:88:b7:2c:3a:37:ce:21:26:19:82:
77:56:c6:b8:b9:d8:3e:f5:a6:73:e7:78:f9:00:97:
29:cd:78:85:72:c8:e7:1b:62:af:53:85:60:8b:0c:
57:1e:65:b9:18:ba:84:b1:51:2e:bc:ad:ab:65:c7:
66:eb:dd:46:60:36:2d:ac:a5:3a:89:18:73:29:97:
10:1e:2c:a6:40:d1:60:7f:5f:86:ca:c0:e5:3a:53:
db:d5:61:73:ed:62:2f:90:0b:ef:1e:a3:cc:4b:0e:
0f:70:bc:b4:e9:12:e2:dc:d0:2d:9a:cd:68:22:ce:
77:ec:08:da:31:b3:e1:56:52:5f:64:cf:96:41:0c:
8f:54:16:61:ce:e8:8e:a9:d8:bf:21:ac:69:95:ed:
03:fb:60:b8:c1:81:12:cd:27:6c:3e:1b:71:43:6d:
20:0c:f3:6f:65:2a:f8:f0:18:af:76:7f:06:0c:1a:
9a:d6:cc:a2:d8:3d:65:22:d5:f3:92:aa:09:ed:c5:
50:dd:b7:b9:f4:6a:cd:e8:14:62:9a:e1:cb:e2:a0:
c1:d4:6d:ba:d5:bf:65:e1:c7:dc:ba:5f:03:75:ba:
40:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:3C:AB:16:13:CC:80:41:0A:1C:15:9B:DD:42:3F:88:0D:B8:CD:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
21:87:73:79:27:51:a2:29:0e:7c:88:eb:04:7d:0b:0c:8d:67:
b7:5c:0b:43:d7:50:2d:d5:45:46:df:ed:42:34:b3:2c:c3:d4:
8b:7c:12:06:91:5f:7e:1e:18:4f:4c:e1:1d:12:79:19:d8:39:
64:fa:8b:d9:25:57:6d:97:35:7f:65:7c:06:44:4e:1e:4f:86:
29:fb:a3:9e:e2:25:9e:9d:98:d5:21:96:5d:d5:51:36:0d:96:
05:35:71:1d:05:d1:ed:04:5e:c0:a4:83:e9:3d:e6:da:70:c0:
5a:18:6c:59:81:29:55:c9:a1:c8:21:57:b4:2b:59:da:2f:aa:
73:8c:53:0f:79:e4:fb:88:05:73:e7:cf:e5:75:31:45:e2:9f:
e3:ce:fc:8d:7f:b7:c5:68:f3:08:35:2a:e2:43:04:78:69:6f:
ad:bb:2c:46:eb:e4:70:98:50:86:5e:a1:a3:0e:e3:99:b9:88:
6c:fa:1d:16:40:c2:05:08:0e:3d:82:02:24:a8:64:f5:64:0f:
3d:95:c9:ef:29:42:b2:cb:63:b9:38:e8:c6:64:8b:ea:36:bc:
68:16:81:74:93:d2:f1:01:cd:fb:0e:d3:41:d5:61:0c:fd:c8:
a5:4f:b3:19:cc:cd:8e:ec:d0:74:b0:c1:8e:b2:1c:1a:08:05:
e1:02:43:27
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJZ2m+/zu08PHk7fkPRC8ty6Xha4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUxMDVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjOTg3YmFmYTU1ZTkzOGQ2YzYxNjBhYTI4MTFmYTYzMGIwN2I0OTAwMzgw
MjIwNTFmMTE0Nzk4ODc2YTk3OWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvZKlYMjNmghImF7z7xqrRc7UJnn0Mc+QQcsGckUxoxKuOItyw6N84hJhmC
d1bGuLnYPvWmc+d4+QCXKc14hXLI5xtir1OFYIsMVx5luRi6hLFRLrytq2XHZuvd
RmA2LaylOokYcymXEB4spkDRYH9fhsrA5TpT29Vhc+1iL5AL7x6jzEsOD3C8tOkS
4tzQLZrNaCLOd+wI2jGz4VZSX2TPlkEMj1QWYc7ojqnYvyGsaZXtA/tguMGBEs0n
bD4bcUNtIAzzb2Uq+PAYr3Z/BgwamtbMotg9ZSLV85KqCe3FUN23ufRqzegUYprh
y+KgwdRtutW/ZeHH3LpfA3W6QEcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3PKsW
E8yAQQocFZvdQj+IDbjNFDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTcwNTdkZTEtMDg0MS00N2M1LTlmNTItZjRmODAzZDVlMmQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dpg
MA0GCSqGSIb3DQEBCwUAA4IBAQAhh3N5J1GiKQ58iOsEfQsMjWe3XAtD11At1UVG
3+1CNLMsw9SLfBIGkV9+HhhPTOEdEnkZ2Dlk+ovZJVdtlzV/ZXwGRE4eT4Yp+6Oe
4iWenZjVIZZd1VE2DZYFNXEdBdHtBF7ApIPpPebacMBaGGxZgSlVyaHIIVe0K1na
L6pzjFMPeeT7iAVz58/ldTFF4p/jzvyNf7fFaPMINSriQwR4aW+tuyxG6+RwmFCG
XqGjDuOZuYhs+h0WQMIFCA49ggIkqGT1ZA89lcnvKUKyy2O5OOjGZIvqNrxoFoF0
k9LxAc37DtNB1WEM/cilT7MZzM2O7NB0sMGOshwaCAXhAkMn
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:04:58 2026 by rpki-client