Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa
File: 1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa (raw, json)
Hash identifier: tYESawBw1W558uZ+LAYS/F3+M50i7TBwNk8Qk84TrF8=
Subject key identifier: 8C:B8:2B:CC:1B:6E:21:EE:27:35:E9:04:F7:2F:69:74:59:36:72:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 764B856F0B21666EC6F3126C62FCC861319A7566
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa
Signing time: Sat 28 Feb 2026 06:21:21 +0000
ROA not before: Sat 28 Feb 2026 06:21:21 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:4b:85:6f:0b:21:66:6e:c6:f3:12:6c:62:fc:c8:61:31:9a:75:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:21:21 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=38907f558ffc23e70ddbd8c54552925b3b49bea9874a9118b47e111ebbd362d2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:92:45:52:d1:39:a7:ed:4b:4e:f1:b3:8e:c4:
0b:50:40:e7:49:c2:17:06:f6:e2:f9:e8:db:0f:3e:
85:07:3c:4a:b9:57:6d:e1:38:6b:e9:75:1a:b6:c3:
52:7f:29:53:72:7f:7f:68:6a:b3:ba:93:53:fa:c8:
27:13:b7:e9:80:b5:78:af:7b:3c:f3:11:f9:79:e3:
8c:8a:05:53:fd:41:04:b9:9e:d0:e8:e1:f7:ec:ed:
3a:65:7c:85:d7:1b:ba:92:9a:fd:17:81:df:e2:d7:
4f:81:89:cf:ec:8a:cc:44:9c:d2:0b:4d:cc:63:f2:
9c:51:81:4c:70:2b:72:6b:f6:e3:a7:c7:6b:26:5a:
58:4e:c1:c6:36:23:9e:02:8b:3c:d2:cf:4b:8b:b8:
3b:db:20:c3:a5:da:93:4e:e1:20:75:52:79:6d:ef:
3d:8e:0a:0f:1d:39:f0:e1:ab:86:56:14:90:b4:5a:
40:1f:bc:8f:00:36:34:33:1f:b1:7a:15:2a:91:a2:
c4:1d:74:cd:eb:07:bd:33:97:fd:b5:f2:61:1b:66:
05:a3:c0:8d:00:02:bc:14:59:0e:41:6d:79:81:81:
20:5e:6f:a0:cd:1a:b7:e3:dc:f8:17:39:4f:a3:99:
d8:72:7b:e2:5a:3b:0f:e6:2a:45:c0:40:86:6b:b7:
10:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:B8:2B:CC:1B:6E:21:EE:27:35:E9:04:F7:2F:69:74:59:36:72:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8080::/48
Signature Algorithm: sha256WithRSAEncryption
78:f7:b7:da:7d:2f:5f:79:3c:91:1f:f1:00:55:75:d0:00:ed:
fc:de:ea:9d:7a:3a:0b:44:4d:7a:bb:54:81:a1:d1:3a:fd:61:
3f:ed:93:cc:1a:26:08:5e:47:f9:0a:8e:89:73:9a:12:b5:9c:
46:16:15:3b:a8:92:17:d6:c9:0f:81:b3:c9:26:ea:e0:ad:c6:
f3:54:b6:4e:e9:48:16:3a:6a:37:db:71:e1:f1:59:eb:28:41:
42:0c:46:92:b9:0c:f7:9a:56:ff:41:53:96:ec:4f:ec:8b:26:
65:d0:60:fa:61:14:1a:ac:25:7e:05:3d:04:05:7b:3e:90:ea:
df:85:e4:c4:25:92:77:67:a7:d9:f6:0a:c2:5e:65:07:67:07:
96:d4:43:d4:e6:86:4a:2b:4f:d9:6b:cc:f5:a1:33:f9:d7:bc:
45:62:89:8f:1a:c8:f2:8c:1b:ec:91:29:1b:57:84:e4:25:5f:
ad:1b:5d:ff:50:af:5f:a1:15:b3:79:6b:c8:86:38:84:5e:da:
88:51:07:f7:e7:ed:87:f4:77:d0:84:60:6e:43:87:58:ce:0c:
81:ac:2a:24:30:a1:4c:b2:ba:e3:2a:a5:cb:cd:15:10:5a:a3:
63:3b:af:01:d4:e0:92:71:b9:12:37:f4:04:81:36:b4:23:51:
b5:e4:ac:1b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdkuFbwshZm7G8xJsYvzIYTGadWYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIxMjFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4OTA3ZjU1OGZmYzIzZTcwZGRiZDhjNTQ1NTI5MjViM2I0OWJlYTk4NzRh
OTExOGI0N2UxMTFlYmJkMzYyZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJiSRVLROaftS07xs47EC1BA50nCFwb24vno2w8+hQc8SrlXbeE4a+l1GrbD
Un8pU3J/f2hqs7qTU/rIJxO36YC1eK97PPMR+XnjjIoFU/1BBLme0Ojh9+ztOmV8
hdcbupKa/ReB3+LXT4GJz+yKzESc0gtNzGPynFGBTHArcmv246fHayZaWE7BxjYj
ngKLPNLPS4u4O9sgw6Xak07hIHVSeW3vPY4KDx058OGrhlYUkLRaQB+8jwA2NDMf
sXoVKpGixB10zesHvTOX/bXyYRtmBaPAjQACvBRZDkFteYGBIF5voM0at+Pc+Bc5
T6OZ2HJ74lo7D+YqRcBAhmu3EOcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSMuCvM
G24h7ic16QT3L2l0WTZyvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE4ZDllMTQtY2ZhOS00NDAwLWFmYTgtYjhjMGQ5ZWVlNGU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
gDANBgkqhkiG9w0BAQsFAAOCAQEAePe32n0vX3k8kR/xAFV10ADt/N7qnXo6C0RN
ertUgaHROv1hP+2TzBomCF5H+QqOiXOaErWcRhYVO6iSF9bJD4GzySbq4K3G81S2
TulIFjpqN9tx4fFZ6yhBQgxGkrkM95pW/0FTluxP7IsmZdBg+mEUGqwlfgU9BAV7
PpDq34XkxCWSd2en2fYKwl5lB2cHltRD1OaGSitP2WvM9aEz+de8RWKJjxrI8owb
7JEpG1eE5CVfrRtd/1CvX6EVs3lryIY4hF7aiFEH9+fth/R30IRgbkOHWM4Mgawq
JDChTLK64yqly80VEFqjYzuvAdTgknG5Ejf0BIE2tCNRteSsGw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:21:30 2026 by rpki-client