Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24b496aa-161c-4d5d-a9ca-3ba09772390a.roa
File: 24b496aa-161c-4d5d-a9ca-3ba09772390a.roa (raw, json)
Hash identifier: wIU8Kc73rGk6iq7KMotJT2dxKHFGaMMHtyIXyPxjCLQ=
Subject key identifier: 46:2D:0C:D9:61:E9:5F:5C:6D:94:27:94:3E:CA:BF:8E:6E:EB:05:E3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2D3ACE035FB25ACB2E11A8DEA28871A83E1C982C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24b496aa-161c-4d5d-a9ca-3ba09772390a.roa
Signing time: Sat 28 Feb 2026 06:21:09 +0000
ROA not before: Sat 28 Feb 2026 06:21:09 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:3a:ce:03:5f:b2:5a:cb:2e:11:a8:de:a2:88:71:a8:3e:1c:98:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:21:09 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=5e761b26159a6e0ab11df2fbf9e26969be77ec98687d6c46198baac7e57e6cfc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a9:36:fa:7f:a8:bd:3e:10:bb:01:6a:de:51:
e0:d2:17:5f:9d:a8:56:90:10:5d:f7:3a:f9:ae:eb:
cc:2e:62:24:8a:52:d3:7b:8c:30:f5:af:1e:c4:2b:
e1:5c:61:f7:78:f0:55:00:2b:c4:a9:11:c5:a6:8f:
c0:5b:de:3f:0c:ec:0e:3e:fb:b9:0b:2c:b3:59:00:
1a:07:ac:39:91:45:be:d3:0a:f9:a3:de:62:28:f4:
e5:1b:00:99:ae:ae:2d:9c:69:2d:d9:b4:d8:03:3f:
73:ff:32:2f:74:16:21:84:a7:88:28:e8:f7:2e:f3:
e2:f6:6c:cd:1c:1f:6a:31:c1:f3:b6:28:39:85:b6:
36:b3:5a:98:77:95:f3:d7:81:1a:d6:5a:a7:77:58:
0c:e5:3d:ae:54:1d:cd:2e:16:99:c5:da:58:91:65:
c1:29:22:38:65:29:1a:d4:7c:9d:1c:9b:78:01:7e:
9d:16:51:3a:c5:77:d2:f5:a7:30:b4:9a:72:aa:85:
c4:97:6f:68:f1:4b:5a:db:55:d3:35:52:ca:dd:0e:
4b:4d:1e:ec:aa:64:73:50:20:db:ff:e1:c2:09:7c:
6f:ac:4b:65:37:56:1b:af:5a:9e:0b:25:ef:32:fb:
2d:6f:3b:5b:0b:28:b0:b7:fa:5e:ab:79:5c:ad:87:
10:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:2D:0C:D9:61:E9:5F:5C:6D:94:27:94:3E:CA:BF:8E:6E:EB:05:E3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24b496aa-161c-4d5d-a9ca-3ba09772390a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:6000::/40
Signature Algorithm: sha256WithRSAEncryption
2c:75:2a:a9:0f:87:12:90:d5:65:cf:c0:6e:a2:19:fd:fe:7c:
32:76:f1:8d:17:d6:4e:eb:d4:a6:8e:07:2b:1a:e0:fa:47:b7:
72:3b:74:e5:ff:5a:f6:53:27:4c:67:a5:b5:93:a5:bc:ca:2f:
03:54:ee:e1:52:6a:57:ad:d8:49:ea:65:b6:fa:46:ba:8e:20:
24:8e:f2:ce:43:2c:b1:da:7b:86:08:92:70:2b:47:70:cb:11:
95:ea:41:05:31:ba:49:34:31:d3:f9:a0:48:61:74:bc:5c:ac:
03:66:b8:32:e9:07:d3:7e:f6:a3:80:5f:41:42:5b:ae:74:a2:
66:c8:43:17:5e:a2:fd:8a:ed:46:84:10:e1:cc:00:b2:f3:8f:
4b:05:b8:d1:9c:00:57:d6:82:c1:2a:1b:7c:0e:01:75:9b:f1:
5d:aa:ce:70:dc:11:b1:7a:fa:03:81:3b:9a:70:0d:02:05:79:
86:cf:e9:8b:23:97:bd:2d:65:65:97:bb:8c:56:4d:77:ca:b8:
83:60:93:4e:53:42:6e:1a:0b:91:f4:35:4a:a3:68:ad:fe:7e:
fd:93:6e:1c:dd:1b:48:96:34:44:4f:65:fe:b1:10:99:9f:e8:
00:b8:45:4d:1d:ea:61:41:a3:09:71:19:c9:87:34:61:79:6a:
23:81:36:cf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULTrOA1+yWssuEajeoohxqD4cmCwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIxMDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlNzYxYjI2MTU5YTZlMGFiMTFkZjJmYmY5ZTI2OTY5YmU3N2VjOTg2ODdk
NmM0NjE5OGJhYWM3ZTU3ZTZjZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANKpNvp/qL0+ELsBat5R4NIXX52oVpAQXfc6+a7rzC5iJIpS03uMMPWvHsQr
4Vxh93jwVQArxKkRxaaPwFvePwzsDj77uQsss1kAGgesOZFFvtMK+aPeYij05RsA
ma6uLZxpLdm02AM/c/8yL3QWIYSniCjo9y7z4vZszRwfajHB87YoOYW2NrNamHeV
89eBGtZap3dYDOU9rlQdzS4WmcXaWJFlwSkiOGUpGtR8nRybeAF+nRZROsV30vWn
MLSacqqFxJdvaPFLWttV0zVSyt0OS00e7Kpkc1Ag2//hwgl8b6xLZTdWG69angsl
7zL7LW87WwsosLf6Xqt5XK2HEMECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRGLQzZ
YelfXG2UJ5Q+yr+ObusF4zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjRiNDk2YWEtMTYxYy00ZDVkLWE5Y2EtM2JhMDk3NzIzOTBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZg
MA0GCSqGSIb3DQEBCwUAA4IBAQAsdSqpD4cSkNVlz8Buohn9/nwydvGNF9ZO69Sm
jgcrGuD6R7dyO3Tl/1r2UydMZ6W1k6W8yi8DVO7hUmpXrdhJ6mW2+ka6jiAkjvLO
Qyyx2nuGCJJwK0dwyxGV6kEFMbpJNDHT+aBIYXS8XKwDZrgy6QfTfvajgF9BQluu
dKJmyEMXXqL9iu1GhBDhzACy849LBbjRnABX1oLBKht8DgF1m/Fdqs5w3BGxevoD
gTuacA0CBXmGz+mLI5e9LWVll7uMVk13yriDYJNOU0JuGguR9DVKo2it/n79k24c
3RtIljRET2X+sRCZn+gAuEVNHephQaMJcRnJhzRheWojgTbP
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:51:15 2026 by rpki-client