Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa
File: 19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa (raw, json)
Hash identifier: LZ3Bs3e84RlArce1YCqiFEzqp4ZSSgL2iENLAvEH4/Q=
Subject key identifier: C2:E4:37:25:48:56:52:0C:63:B1:D0:86:EF:07:8E:7E:58:F4:51:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E93C9D5E519A29E2AE9684274C675A7E3581AC4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa
Signing time: Sat 28 Feb 2026 05:31:11 +0000
ROA not before: Sat 28 Feb 2026 05:31:11 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:5080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:93:c9:d5:e5:19:a2:9e:2a:e9:68:42:74:c6:75:a7:e3:58:1a:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:31:11 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=11ef5e9c6f151d541a12b01faec2ad9c65eab7fe0569edaaa034d7d61137ace8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e0:00:2a:01:8c:51:8c:ba:3a:a5:7f:e1:9b:
0f:fc:7a:5e:29:00:3c:2c:24:73:01:cb:14:77:de:
ce:79:32:d5:41:fc:77:d7:dc:e8:5f:b9:d5:83:d5:
50:c2:35:2f:93:8c:e9:42:5a:ab:32:1b:c3:94:ff:
ea:26:a3:76:40:f4:d1:1c:a0:7a:e3:2a:17:45:83:
1a:7f:42:67:59:00:bf:cc:0a:63:dd:1b:7a:ad:06:
4a:64:19:2f:fc:71:0f:9b:94:96:cf:b2:c2:fb:35:
64:6b:24:04:9e:f1:22:66:b0:d5:76:46:7b:1a:2b:
b5:64:3e:6e:fd:f1:8b:82:4e:68:0c:bd:56:57:a2:
fb:15:2a:bf:2e:cd:98:c2:e9:c5:7d:38:67:b2:67:
1b:25:ac:61:06:41:46:fc:00:f4:5f:15:99:ad:b1:
a6:67:70:f9:a5:0f:9e:05:2f:7c:17:d7:37:58:93:
fb:d8:86:ce:41:96:fa:a5:1f:04:d4:67:71:12:86:
3e:6a:dd:ad:e3:16:24:38:3b:37:26:8d:30:d4:9a:
83:79:d2:ba:cc:82:ff:1c:78:6a:f1:e8:fc:ff:1b:
08:fa:58:b5:0c:3d:9e:77:84:37:06:3e:99:4e:64:
33:b3:55:ff:0f:53:40:94:bf:1e:05:50:f5:58:98:
30:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:E4:37:25:48:56:52:0C:63:B1:D0:86:EF:07:8E:7E:58:F4:51:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:5080::/48
Signature Algorithm: sha256WithRSAEncryption
1d:9f:e3:77:25:21:49:e1:ca:54:a2:6b:5f:59:a4:ed:92:76:
25:e3:09:14:1e:7f:71:85:ac:e5:c0:ea:49:bb:0a:d5:b4:96:
9f:30:d4:75:4e:31:52:90:3e:9a:b4:6c:aa:e9:ef:6b:73:6a:
ae:a0:f5:31:48:31:e8:6b:9a:07:9b:a5:12:ac:fb:90:42:59:
c1:27:23:ed:46:33:2c:0b:61:07:e9:d3:58:5b:71:f8:82:a7:
e3:6e:bc:e9:51:68:0b:40:0f:19:9c:34:11:c4:97:df:4c:4f:
dd:ec:fd:35:ef:fc:b0:0e:f8:a3:42:d4:a4:bd:00:e0:b0:4d:
15:de:44:ac:c2:3b:2e:0b:cc:db:37:a6:03:62:52:00:bd:05:
61:66:e1:9b:09:59:d9:ca:f3:64:d0:e6:61:9f:2f:59:92:4b:
34:50:c6:3e:92:1f:50:79:ec:03:b9:2d:74:e1:39:82:ff:f9:
5d:c3:43:04:c2:d4:fa:57:c5:0a:a6:3d:d1:9b:c5:5f:d1:26:
f5:fb:ad:b1:7a:0e:62:ad:ea:be:82:14:de:24:28:2e:21:b6:
8e:ee:83:48:33:24:63:e9:4e:12:b9:a1:66:73:73:87:e2:94:
95:d9:9e:dc:6b:3d:c3:3c:28:30:8c:c8:99:4a:d1:ba:99:78:
fa:bf:50:90
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHpPJ1eUZop4q6WhCdMZ1p+NYGsQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMxMTFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDExZWY1ZTljNmYxNTFkNTQxYTEyYjAxZmFlYzJhZDljNjVlYWI3ZmUwNTY5
ZWRhYWEwMzRkN2Q2MTEzN2FjZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHgACoBjFGMujqlf+GbD/x6XikAPCwkcwHLFHfeznky1UH8d9fc6F+51YPV
UMI1L5OM6UJaqzIbw5T/6iajdkD00RygeuMqF0WDGn9CZ1kAv8wKY90beq0GSmQZ
L/xxD5uUls+ywvs1ZGskBJ7xImaw1XZGexortWQ+bv3xi4JOaAy9Vlei+xUqvy7N
mMLpxX04Z7JnGyWsYQZBRvwA9F8Vma2xpmdw+aUPngUvfBfXN1iT+9iGzkGW+qUf
BNRncRKGPmrdreMWJDg7NyaNMNSag3nSusyC/xx4avHo/P8bCPpYtQw9nneENwY+
mU5kM7NV/w9TQJS/HgVQ9ViYMBUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTC5Dcl
SFZSDGOx0IbvB45+WPRRGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTlhMjdkOWYtM2NjOS00YWM0LTlhZmItMzk5ZjY2YmVlNjBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9Q
gDANBgkqhkiG9w0BAQsFAAOCAQEAHZ/jdyUhSeHKVKJrX1mk7ZJ2JeMJFB5/cYWs
5cDqSbsK1bSWnzDUdU4xUpA+mrRsqunva3NqrqD1MUgx6GuaB5ulEqz7kEJZwScj
7UYzLAthB+nTWFtx+IKn42686VFoC0APGZw0EcSX30xP3ez9Ne/8sA74o0LUpL0A
4LBNFd5ErMI7LgvM2zemA2JSAL0FYWbhmwlZ2crzZNDmYZ8vWZJLNFDGPpIfUHns
A7ktdOE5gv/5XcNDBMLU+lfFCqY90ZvFX9Em9futsXoOYq3qvoIU3iQoLiG2ju6D
SDMkY+lOErmhZnNzh+KUldme3Gs9wzwoMIzImUrRupl4+r9QkA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:36:22 2026 by rpki-client