Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
File: 248ea861-facc-4167-976d-1e65c556b074.roa (raw, json)
Hash identifier: te2mAw3hLqHkE4+Mfwl+HBkr1n3jdyTK2rJYW+PwpRw=
Subject key identifier: 22:8F:FF:FF:68:29:A7:DA:1C:E9:D9:EB:C3:B6:9F:23:54:35:D6:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6452539A8ECB181880828834ABB8D3599AD0F982
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
Signing time: Sat 28 Feb 2026 06:10:12 +0000
ROA not before: Sat 28 Feb 2026 06:10:12 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:52:53:9a:8e:cb:18:18:80:82:88:34:ab:b8:d3:59:9a:d0:f9:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:12 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=5952ef3906ad76c697c057b5a21fb2ea04d7a3692d4256db2dae558e0e916529, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f0:aa:5a:3c:ee:88:89:1b:8a:a4:ea:00:fd:
12:90:da:91:f7:56:ba:f1:ae:6c:a7:11:ac:38:6d:
dc:13:d3:b5:c5:54:07:01:aa:ba:76:bc:ef:31:49:
0c:bc:4c:fa:72:fb:ea:c9:21:cb:3f:c2:37:9c:24:
e1:58:9b:4b:d2:62:28:9c:96:95:db:98:7f:2f:0a:
75:2e:62:57:12:98:ea:d8:7f:1a:55:0a:4b:5e:5d:
ad:9b:f7:7c:26:69:60:01:2b:e5:44:2a:83:58:d8:
ea:fc:ce:f0:1c:2f:1d:c3:2f:9c:1c:2a:08:fc:c5:
a3:29:5e:50:33:bf:6d:8d:b6:b0:24:05:26:8f:24:
8a:18:f7:2d:bc:7a:c6:61:e2:76:dd:a6:13:1b:b0:
b7:a7:84:32:85:34:1b:06:a3:a0:a3:39:da:b8:fd:
e7:7e:b1:df:49:0b:6f:87:99:59:f0:b6:6c:26:81:
f6:4e:d5:d0:fe:21:f2:c2:85:c2:58:ac:a9:19:50:
30:ae:ac:1b:86:f0:4c:92:f7:fe:7c:0c:b7:c9:15:
11:01:f7:9d:01:a8:a2:ad:64:c4:4a:23:bc:05:e8:
e6:44:5d:70:52:24:e9:53:98:c1:53:99:a2:df:ad:
34:c2:75:a8:7e:d0:4a:27:32:80:14:f9:53:16:bd:
21:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:8F:FF:FF:68:29:A7:DA:1C:E9:D9:EB:C3:B6:9F:23:54:35:D6:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:1000::/40
Signature Algorithm: sha256WithRSAEncryption
11:63:f2:28:1c:a6:50:cf:13:ed:f3:f4:2a:aa:ea:df:f2:19:
1b:14:12:eb:56:c7:9f:29:90:c8:67:e9:6a:a5:e6:44:0a:54:
35:36:37:0b:2c:6f:85:4b:a7:ce:a9:ae:4c:dd:6f:3b:a3:43:
e8:e7:01:88:35:1a:ae:dc:e2:8f:21:8b:75:bd:5a:12:8b:96:
a3:f7:25:05:f4:00:0d:2c:8f:b9:e0:7e:9f:18:c7:90:3b:73:
30:81:cc:c0:a1:2c:05:d9:70:0d:ea:ed:1e:3e:97:86:9e:df:
93:5d:dc:fc:a5:88:d6:5f:93:78:ea:ea:8a:a1:89:24:77:d1:
d2:bc:99:8d:11:a5:51:a9:df:1e:ce:a0:49:16:d2:5d:9d:c1:
e8:7c:12:75:40:d2:99:cd:95:bc:74:c0:d7:01:e8:0a:3b:3c:
63:60:36:08:53:c1:ae:bf:4e:17:5a:97:e7:d6:c8:00:83:fb:
6c:46:02:e4:a4:a2:ad:30:d9:d0:06:3b:56:7d:3b:4a:81:35:
08:53:1d:93:fd:a7:66:12:c6:17:2f:c6:e6:79:d8:fb:61:65:
00:5e:b0:7b:4a:71:3a:1d:08:fe:cc:c4:84:08:46:42:ee:cc:
e5:36:58:61:b5:a1:50:6d:6f:4d:aa:37:f4:41:36:51:98:dd:
5e:d0:8e:b7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZFJTmo7LGBiAgog0q7jTWZrQ+YIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwMTJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5NTJlZjM5MDZhZDc2YzY5N2MwNTdiNWEyMWZiMmVhMDRkN2EzNjkyZDQy
NTZkYjJkYWU1NThlMGU5MTY1MjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJvwqlo87oiJG4qk6gD9EpDakfdWuvGubKcRrDht3BPTtcVUBwGquna87zFJ
DLxM+nL76skhyz/CN5wk4VibS9JiKJyWlduYfy8KdS5iVxKY6th/GlUKS15drZv3
fCZpYAEr5UQqg1jY6vzO8BwvHcMvnBwqCPzFoyleUDO/bY22sCQFJo8kihj3Lbx6
xmHidt2mExuwt6eEMoU0GwajoKM52rj9536x30kLb4eZWfC2bCaB9k7V0P4h8sKF
wlisqRlQMK6sG4bwTJL3/nwMt8kVEQH3nQGooq1kxEojvAXo5kRdcFIk6VOYwVOZ
ot+tNMJ1qH7QSicygBT5Uxa9IUECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQij///
aCmn2hzp2evDtp8jVDXWgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjQ4ZWE4NjEtZmFjYy00MTY3LTk3NmQtMWU2NWM1NTZiMDc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQARY/IoHKZQzxPt8/Qqqurf8hkbFBLrVsefKZDI
Z+lqpeZEClQ1NjcLLG+FS6fOqa5M3W87o0Po5wGINRqu3OKPIYt1vVoSi5aj9yUF
9AANLI+54H6fGMeQO3MwgczAoSwF2XAN6u0ePpeGnt+TXdz8pYjWX5N46uqKoYkk
d9HSvJmNEaVRqd8ezqBJFtJdncHofBJ1QNKZzZW8dMDXAegKOzxjYDYIU8Guv04X
Wpfn1sgAg/tsRgLkpKKtMNnQBjtWfTtKgTUIUx2T/admEsYXL8bmedj7YWUAXrB7
SnE6HQj+zMSECEZC7szlNlhhtaFQbW9Nqjf0QTZRmN1e0I63
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:48:23 2026 by rpki-client