Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
File: 17e30daf-f11a-4af6-8f47-661a735a22e9.roa (raw, json)
Hash identifier: e98vN3os1zrcT/Pepb8J3eJ8werCAqAvm5PolK5WFg8=
Subject key identifier: 1E:AB:27:73:C6:46:B3:94:CE:A0:B0:E6:5D:FE:F2:94:36:DC:B4:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 51C61748C19F36AFBE5415C8667439D5B33D1D2A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
Signing time: Sat 28 Feb 2026 05:10:30 +0000
ROA not before: Sat 28 Feb 2026 05:10:30 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:c6:17:48:c1:9f:36:af:be:54:15:c8:66:74:39:d5:b3:3d:1d:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:10:30 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f098e9fda0f59235c96b191a9eb0e343d88b13fa3a6b420b96c281eb81357d00, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d7:4c:17:76:db:8e:19:af:86:2c:8b:f4:d4:
76:5d:f8:1e:ea:ef:3a:33:09:5b:b9:90:c7:d1:10:
06:15:0b:25:af:24:27:dd:c3:ba:98:86:b1:92:d2:
af:97:5a:ce:b2:7b:80:89:d5:aa:fa:0d:ba:34:c4:
24:82:38:b8:85:b7:6f:7f:cc:e4:a5:65:ee:50:68:
50:34:26:f8:51:fd:52:e0:ef:2a:94:4c:e5:0c:b7:
7b:cd:03:1a:83:0d:0d:57:e0:d0:65:6d:66:e5:6d:
aa:57:28:c5:68:a2:35:cd:6e:12:00:81:0f:f6:31:
ac:8a:cf:54:21:f3:e8:36:5b:09:ea:58:da:4c:79:
d2:f5:4b:41:7e:81:04:6a:2b:08:82:7d:01:15:45:
30:28:6c:4a:3e:f5:91:a1:35:87:5a:0f:17:84:e4:
f9:e3:0e:d9:32:1d:59:19:4f:0f:c6:d9:11:03:9d:
7f:9f:16:6e:ae:fb:86:51:f3:3d:ee:ad:0c:fe:8d:
c1:2d:82:b4:19:fe:e2:83:93:4b:f6:90:9d:0a:2c:
a3:a8:8e:40:79:91:76:b5:a8:db:df:cd:22:fd:b9:
df:6c:96:28:e4:a2:cd:06:63:22:aa:3e:76:3a:7d:
95:95:d6:8c:f0:6b:e1:84:b5:bc:cf:11:78:5b:2b:
ff:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AB:27:73:C6:46:B3:94:CE:A0:B0:E6:5D:FE:F2:94:36:DC:B4:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:5000::/40
Signature Algorithm: sha256WithRSAEncryption
27:6c:cf:6f:b8:3d:f6:a3:9e:78:67:7e:6c:e7:f9:af:7e:d9:
a3:cb:fa:3e:3e:fe:f4:7e:7f:6a:66:18:b1:4a:b1:c0:4f:d7:
ef:47:4c:c5:ef:1e:1d:b4:73:9e:81:96:b4:5b:69:ac:76:82:
96:ee:45:57:09:5b:7e:57:32:6f:c0:d8:43:90:6d:5f:3f:9d:
92:5a:05:cc:8b:2d:02:80:49:0a:98:c4:ab:47:21:98:9c:6e:
1f:93:b0:27:94:81:a7:60:c6:3f:59:fb:0b:97:24:f7:a2:07:
94:ff:18:65:0f:d9:3a:a7:72:15:3b:48:80:35:91:17:32:da:
b0:fa:9f:70:44:5c:5c:72:22:0f:26:43:29:49:75:3a:8a:72:
ca:10:a9:b0:a0:f0:d0:92:73:13:61:6d:66:48:36:e7:1d:5a:
89:15:2e:00:0b:b2:8d:db:d5:ab:de:47:d2:a9:99:e0:7b:f4:
76:f4:ce:e9:99:e1:6c:21:73:0f:34:1d:7b:b8:53:d1:33:10:
45:30:1b:f6:9a:82:f7:7a:bd:dd:f1:75:92:fb:02:6f:5a:8d:
51:f1:3d:c2:2b:ff:42:6c:ec:f0:cf:0c:03:01:ee:11:16:0d:
a9:99:25:81:b1:75:a7:90:24:e9:f7:b1:46:23:03:f3:16:16:
d2:48:5f:a2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUcYXSMGfNq++VBXIZnQ51bM9HSowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTEwMzBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwOThlOWZkYTBmNTkyMzVjOTZiMTkxYTllYjBlMzQzZDg4YjEzZmEzYTZi
NDIwYjk2YzI4MWViODEzNTdkMDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7XTBd2244Zr4Ysi/TUdl34HurvOjMJW7mQx9EQBhULJa8kJ93DupiGsZLS
r5dazrJ7gInVqvoNujTEJII4uIW3b3/M5KVl7lBoUDQm+FH9UuDvKpRM5Qy3e80D
GoMNDVfg0GVtZuVtqlcoxWiiNc1uEgCBD/YxrIrPVCHz6DZbCepY2kx50vVLQX6B
BGorCIJ9ARVFMChsSj71kaE1h1oPF4Tk+eMO2TIdWRlPD8bZEQOdf58Wbq77hlHz
Pe6tDP6NwS2CtBn+4oOTS/aQnQoso6iOQHmRdrWo29/NIv2532yWKOSizQZjIqo+
djp9lZXWjPBr4YS1vM8ReFsr//sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQeqydz
xkazlM6gsOZd/vKUNty09zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTdlMzBkYWYtZjExYS00YWY2LThmNDctNjYxYTczNWEyMmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAnbM9vuD32o554Z35s5/mvftmjy/o+Pv70fn9q
ZhixSrHAT9fvR0zF7x4dtHOegZa0W2msdoKW7kVXCVt+VzJvwNhDkG1fP52SWgXM
iy0CgEkKmMSrRyGYnG4fk7AnlIGnYMY/WfsLlyT3ogeU/xhlD9k6p3IVO0iANZEX
Mtqw+p9wRFxcciIPJkMpSXU6inLKEKmwoPDQknMTYW1mSDbnHVqJFS4AC7KN29Wr
3kfSqZnge/R29M7pmeFsIXMPNB17uFPRMxBFMBv2moL3er3d8XWS+wJvWo1R8T3C
K/9CbOzwzwwDAe4RFg2pmSWBsXWnkCTp97FGIwPzFhbSSF+i
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:05:28 2026 by rpki-client