Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2331f846-3447-4dea-ac7a-63323853ebb9.roa
File: 2331f846-3447-4dea-ac7a-63323853ebb9.roa (raw, json)
Hash identifier: J50yAkOqWCXWEbSuuryXKxQpsp4KSbRYx2nhttKlqSw=
Subject key identifier: 5A:5C:F0:B6:97:48:51:A2:56:3F:F5:13:77:82:C9:A4:59:E3:D3:BA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FD0123D5821520861552264E7865C7C27D12487
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2331f846-3447-4dea-ac7a-63323853ebb9.roa
Signing time: Sat 28 Feb 2026 05:41:10 +0000
ROA not before: Sat 28 Feb 2026 05:41:10 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:d0:12:3d:58:21:52:08:61:55:22:64:e7:86:5c:7c:27:d1:24:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:10 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=63b03373c55d92c88529eaeb3825cfe28920f57a9a1f4ea40586e2f994f1e114, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e3:41:8d:ec:55:2c:29:79:d0:c9:4b:6d:d2:
16:dd:64:96:5b:79:42:d8:e6:a1:82:59:2f:b4:7d:
f7:2b:f5:45:0c:46:64:d4:f6:f4:4d:5c:d9:35:5d:
66:4b:73:9b:41:83:94:bb:89:41:f2:0d:d2:af:db:
2d:a8:89:74:38:a6:5c:00:5e:8d:c1:f5:1b:19:bd:
35:d2:00:23:8c:92:15:fc:43:ce:ea:49:19:cb:99:
25:97:4d:eb:c0:81:0b:06:d7:e3:b4:2d:c9:27:21:
4a:a4:3a:b4:f9:65:1c:c3:9f:5f:68:0a:b4:ed:34:
6f:d4:e1:ac:09:72:97:99:a8:b5:6d:aa:39:a2:0f:
90:da:c1:7d:b7:7e:9c:f0:2c:46:64:d7:69:64:cf:
bc:40:2d:3c:ee:e5:60:71:2c:27:e6:2a:1c:c1:2e:
09:cd:ad:c7:18:28:3b:e9:2f:99:b5:85:1a:70:4f:
f9:0b:bd:f8:0f:91:e1:4f:77:75:6b:79:9d:76:c5:
38:50:f9:7a:05:aa:2e:9c:55:d1:d4:44:96:36:78:
5b:74:73:9f:5d:73:55:68:a9:b8:e2:98:a0:d1:ea:
4c:25:76:00:e8:c8:f7:f7:62:0c:13:1b:fb:6d:84:
4e:e4:96:e8:97:90:d5:db:07:e2:a4:42:dc:4b:e4:
97:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:5C:F0:B6:97:48:51:A2:56:3F:F5:13:77:82:C9:A4:59:E3:D3:BA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2331f846-3447-4dea-ac7a-63323853ebb9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:2000::/40
Signature Algorithm: sha256WithRSAEncryption
46:b4:46:f3:ec:b6:52:aa:51:fa:40:d9:0c:46:8d:ff:18:9a:
ce:28:26:b9:30:2d:1a:1f:1f:95:a7:03:e5:a6:f7:41:e8:6d:
b7:d0:35:bd:ef:3e:bb:67:71:73:a2:f2:7f:a3:74:70:3f:aa:
47:82:c5:ca:d7:7e:c0:c2:72:a7:f9:f4:b4:18:08:c3:08:ca:
6d:6e:6c:01:cd:70:13:d3:6a:25:fc:66:bd:0a:df:ac:d1:70:
d6:54:f3:55:1d:ba:0a:f0:8a:f6:3a:94:43:47:e5:66:ff:71:
5d:29:83:fe:7d:fa:c6:94:8d:ea:63:7e:fb:b3:31:b8:6d:19:
f5:35:b4:ee:b4:e6:4b:be:d6:b0:ce:5a:9a:87:07:2f:19:96:
cd:54:f1:c1:e8:c0:32:67:20:02:e6:97:7b:0b:8e:79:cf:a4:
e0:e8:75:6f:d6:fb:cf:45:21:60:d4:1b:fd:69:2b:0d:36:5c:
c1:d9:3f:bc:3f:31:05:75:5e:44:99:3c:32:5f:51:09:f1:a1:
0f:4d:fd:2a:6b:e0:cd:76:3b:18:e8:28:72:16:11:72:41:84:
4f:d6:75:b4:2f:08:3a:2e:c8:0e:41:19:92:f1:fa:a2:cc:d6:
ef:e9:de:dc:7a:4b:ed:8e:2a:5b:3f:b4:8f:f0:4e:2a:b7:82:
55:81:45:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP9ASPVghUghhVSJk54ZcfCfRJIcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMTBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzYjAzMzczYzU1ZDkyYzg4NTI5ZWFlYjM4MjVjZmUyODkyMGY1N2E5YTFm
NGVhNDA1ODZlMmY5OTRmMWUxMTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTjQY3sVSwpedDJS23SFt1kllt5QtjmoYJZL7R99yv1RQxGZNT29E1c2TVd
Zktzm0GDlLuJQfIN0q/bLaiJdDimXABejcH1Gxm9NdIAI4ySFfxDzupJGcuZJZdN
68CBCwbX47QtySchSqQ6tPllHMOfX2gKtO00b9ThrAlyl5motW2qOaIPkNrBfbd+
nPAsRmTXaWTPvEAtPO7lYHEsJ+YqHMEuCc2txxgoO+kvmbWFGnBP+Qu9+A+R4U93
dWt5nXbFOFD5egWqLpxV0dREljZ4W3Rzn11zVWipuOKYoNHqTCV2AOjI9/diDBMb
+22ETuSW6JeQ1dsH4qRC3EvklyMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRaXPC2
l0hRolY/9RN3gsmkWePTujAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjMzMWY4NDYtMzQ0Ny00ZGVhLWFjN2EtNjMzMjM4NTNlYmI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8g
MA0GCSqGSIb3DQEBCwUAA4IBAQBGtEbz7LZSqlH6QNkMRo3/GJrOKCa5MC0aHx+V
pwPlpvdB6G230DW97z67Z3FzovJ/o3RwP6pHgsXK137AwnKn+fS0GAjDCMptbmwB
zXAT02ol/Ga9Ct+s0XDWVPNVHboK8Ir2OpRDR+Vm/3FdKYP+ffrGlI3qY377szG4
bRn1NbTutOZLvtawzlqahwcvGZbNVPHB6MAyZyAC5pd7C455z6Tg6HVv1vvPRSFg
1Bv9aSsNNlzB2T+8PzEFdV5EmTwyX1EJ8aEPTf0qa+DNdjsY6ChyFhFyQYRP1nW0
Lwg6LsgOQRmS8fqizNbv6d7cekvtjipbP7SP8E4qt4JVgUV0
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:54:53 2026 by rpki-client