Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
File: 1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa (raw, json)
Hash identifier: cOeTFD+dPPImBPkUqBMsj5KfNHQvO25h0v9TbK4pPdM=
Subject key identifier: D5:78:DE:D3:69:6C:F9:1D:51:1E:A2:BA:6F:2D:71:F9:52:32:65:DF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30DEDEAE2F60036C141FAACA2D98E328D0D3D684
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
Signing time: Sat 28 Feb 2026 06:20:49 +0000
ROA not before: Sat 28 Feb 2026 06:20:49 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:de:de:ae:2f:60:03:6c:14:1f:aa:ca:2d:98:e3:28:d0:d3:d6:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:20:49 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=11cb067299ae0d631dd2485fc68215cbea2d2c939e2e0596cbfdbd10b84f17c4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f6:56:70:37:e4:dd:52:67:8a:89:e9:2b:d3:
8f:ae:41:78:d8:9d:36:e6:1c:ca:2f:98:fa:c8:ff:
21:ed:93:a9:4e:30:09:f8:ae:f0:e8:f6:11:54:e0:
12:32:7e:a3:c3:b9:6f:d6:66:ed:1b:28:1c:4d:7a:
be:89:e6:2f:55:5e:9a:9e:1f:e8:72:af:74:83:1c:
28:02:29:d3:eb:75:3e:d0:b4:c5:e4:d4:2f:10:f0:
98:09:d6:45:c6:02:d6:bf:9c:92:06:99:23:9c:a8:
35:05:dd:9d:5d:14:8d:6f:95:44:74:f6:96:fb:ae:
23:ce:8b:40:f5:9b:f1:84:67:38:c6:2a:18:15:8a:
cf:83:10:e0:4d:98:56:58:8d:3e:11:ad:ed:d5:d8:
e1:bb:08:b4:2f:b0:a7:26:a0:40:e0:1e:1b:03:80:
d9:5e:4a:56:57:7c:14:c6:ed:2e:a7:6e:f4:fd:15:
27:71:dc:f1:79:3d:5c:0c:66:a2:0a:96:fe:3b:ad:
68:7a:9f:17:9d:4b:74:7b:5b:1b:f5:01:53:d0:7c:
85:49:91:3f:08:2c:79:e4:41:74:c1:89:45:2c:47:
0e:a7:5c:e5:7a:6a:7a:63:91:e0:cc:4c:a7:09:48:
95:5e:da:15:0d:70:d2:e7:ba:01:cb:7e:08:92:e3:
0f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:78:DE:D3:69:6C:F9:1D:51:1E:A2:BA:6F:2D:71:F9:52:32:65:DF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d:800::/37
Signature Algorithm: sha256WithRSAEncryption
77:2f:91:fe:dd:c9:46:3d:d8:d3:1c:7a:76:5a:56:f5:f7:07:
c3:af:3f:85:7f:48:e8:ae:cb:3d:65:c6:54:ef:99:09:71:89:
75:58:13:8e:64:fd:1d:cc:72:d1:a5:47:1c:9e:a8:c8:22:0f:
aa:24:47:eb:5e:9a:30:a7:03:36:5c:09:54:52:c7:a3:d6:08:
75:c8:93:c3:75:8e:56:31:96:fa:03:33:88:b9:6e:53:b1:dc:
89:17:c8:07:50:a0:57:5a:6a:7c:ed:7f:b6:4c:34:72:8f:5e:
41:8c:82:71:9b:a8:c5:40:5f:fc:32:d1:14:90:5d:b7:b1:9a:
6c:79:a1:8e:c2:95:88:8c:3f:59:cd:e1:85:a8:41:73:3f:51:
54:b8:83:0e:5e:79:de:ce:83:3e:27:6d:c0:5a:ac:9e:a2:ce:
9b:f9:5a:5f:9d:64:1c:e2:17:ab:99:dd:56:d5:30:a3:d9:4b:
8f:55:4a:1d:b8:d9:bf:64:ca:3b:1d:88:32:d4:9f:46:89:f4:
fd:8e:62:8c:e8:84:2d:9c:95:7b:9f:ff:74:df:b7:94:0f:9f:
8d:09:4c:54:eb:2a:bc:75:f3:00:9b:0b:7c:8e:62:df:e8:23:
da:dc:d1:1e:55:32:fc:a6:3a:99:86:a5:02:a7:46:32:8a:0e:
9f:b5:ea:01
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMN7eri9gA2wUH6rKLZjjKNDT1oQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIwNDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDExY2IwNjcyOTlhZTBkNjMxZGQyNDg1ZmM2ODIxNWNiZWEyZDJjOTM5ZTJl
MDU5NmNiZmRiZDEwYjg0ZjE3YzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIn2VnA35N1SZ4qJ6SvTj65BeNidNuYcyi+Y+sj/Ie2TqU4wCfiu8Oj2EVTg
EjJ+o8O5b9Zm7RsoHE16vonmL1Vemp4f6HKvdIMcKAIp0+t1PtC0xeTULxDwmAnW
RcYC1r+ckgaZI5yoNQXdnV0UjW+VRHT2lvuuI86LQPWb8YRnOMYqGBWKz4MQ4E2Y
VliNPhGt7dXY4bsItC+wpyagQOAeGwOA2V5KVld8FMbtLqdu9P0VJ3Hc8Xk9XAxm
ogqW/jutaHqfF51LdHtbG/UBU9B8hUmRPwgseeRBdMGJRSxHDqdc5XpqemOR4MxM
pwlIlV7aFQ1w0ue6Act+CJLjDxkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTVeN7T
aWz5HVEeorpvLXH5UjJl3zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQ0ODBiNmQtMjVmYy00ZjM3LWIxMjUtZjQ1Y2UyMzZmNGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0I
MA0GCSqGSIb3DQEBCwUAA4IBAQB3L5H+3clGPdjTHHp2Wlb19wfDrz+Ff0jorss9
ZcZU75kJcYl1WBOOZP0dzHLRpUccnqjIIg+qJEfrXpowpwM2XAlUUsej1gh1yJPD
dY5WMZb6AzOIuW5TsdyJF8gHUKBXWmp87X+2TDRyj15BjIJxm6jFQF/8MtEUkF23
sZpseaGOwpWIjD9ZzeGFqEFzP1FUuIMOXnnezoM+J23AWqyeos6b+VpfnWQc4her
md1W1TCj2UuPVUoduNm/ZMo7HYgy1J9GifT9jmKM6IQtnJV7n/9037eUD5+NCUxU
6yq8dfMAmwt8jmLf6CPa3NEeVTL8pjqZhqUCp0Yyig6fteoB
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:41 2026 by rpki-client