Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28181159-5695-4944-b901-f84b836b4d8f.roa
File: 28181159-5695-4944-b901-f84b836b4d8f.roa (raw, json)
Hash identifier: Pi8OebXBKaiqMaePrwqoWaEhQKwgXiBn2hQNTZVpl74=
Subject key identifier: 6F:72:99:5F:F5:4B:B1:21:C2:43:39:FF:3B:92:DB:E1:4D:1D:64:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49827620E4EF95C420F850D46BA7C370B21462DD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28181159-5695-4944-b901-f84b836b4d8f.roa
Signing time: Wed 25 Feb 2026 03:00:11 +0000
ROA not before: Wed 25 Feb 2026 03:00:11 +0000
ROA not after: Tue 26 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:82:76:20:e4:ef:95:c4:20:f8:50:d4:6b:a7:c3:70:b2:14:62:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 25 03:00:11 2026 GMT
Not After : May 26 23:59:59 2026 GMT
Subject: serialNumber=0abc7bcf3f5cb24a80ff8002fb8db0f0b8096ee09a9d11b85d4ca5da44c2677c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:da:df:ee:70:f2:ee:a9:8f:cd:8a:9c:00:f0:
91:46:2e:37:c0:ed:78:5f:db:3c:f9:ea:3b:5a:66:
20:8d:7f:86:0f:ff:c9:5e:93:a2:4c:5e:27:eb:a0:
56:0c:e6:63:75:e8:7a:10:f5:26:9d:27:61:fb:40:
fb:e6:7a:c4:3f:49:7d:87:bd:da:17:31:c7:dd:6a:
d6:2e:4c:65:9d:52:26:14:8e:82:59:81:fc:e9:0c:
29:44:ec:13:24:54:42:97:22:a6:ad:a3:b5:de:a6:
83:32:12:58:07:05:e1:d4:0e:95:ee:2c:c7:7b:08:
1a:eb:80:a2:b8:d8:26:ab:ab:44:bd:41:ca:f8:cf:
74:95:be:24:9a:4e:12:53:a2:cf:fc:90:89:f3:55:
7f:b1:10:5e:da:13:f7:4b:0b:66:90:1b:39:c1:d4:
c5:78:17:99:2c:80:1f:d3:4d:ca:89:49:e2:ac:73:
93:83:09:04:ff:9a:8e:20:45:fa:8c:1a:3a:96:a6:
8a:e4:13:1c:e0:94:4d:89:b5:bd:b2:56:0e:cf:08:
6a:13:a1:99:34:1d:e5:0f:2d:66:9f:74:96:9d:9f:
9f:40:01:7c:fa:1b:ec:0f:4a:8c:19:2f:5d:75:70:
ca:ed:c1:1c:f8:a4:c4:09:7b:4e:64:b2:aa:62:e8:
87:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:72:99:5F:F5:4B:B1:21:C2:43:39:FF:3B:92:DB:E1:4D:1D:64:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28181159-5695-4944-b901-f84b836b4d8f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:9000::/40
Signature Algorithm: sha256WithRSAEncryption
69:b8:37:d4:55:71:eb:04:04:ed:88:cb:65:71:67:7c:75:ff:
f0:36:8a:21:48:1d:8c:79:b1:fe:88:b7:6e:9f:33:e8:eb:9a:
27:bf:4b:3a:f1:ab:2b:3d:38:30:5a:df:5b:6e:90:b0:0a:5e:
00:10:57:f2:e4:eb:7f:4c:bd:01:99:f7:96:ff:b4:c0:1d:7c:
4a:2f:b0:89:1b:b1:f6:8f:bb:43:fd:dc:0e:03:22:42:5b:45:
e5:35:fc:91:4b:a1:99:2d:a9:05:f7:10:36:62:93:c1:60:62:
fa:d8:8c:6c:66:f7:19:91:7e:9f:d0:c4:87:3c:d2:47:24:2f:
86:b9:df:8a:ae:35:d8:f7:0a:c2:42:df:b8:17:f0:a3:3b:28:
01:48:cb:90:f5:8a:0e:58:b1:19:b4:1d:56:3f:0a:13:88:c0:
ca:be:c9:d9:e0:f1:08:aa:bd:0b:a8:cb:70:2e:2d:8e:9f:b0:
66:68:da:fb:f5:7c:f9:ea:01:27:5d:d6:20:4f:fe:87:08:64:
d7:5e:b0:e5:9c:b5:6e:d1:fa:54:4f:aa:3c:6d:fd:72:1d:a2:
4c:27:a2:8a:5e:47:cc:dc:72:af:1f:c2:b0:29:b8:4f:ed:e7:
17:3a:4f:94:58:cd:a2:b7:b3:cd:6d:37:f1:11:5a:54:1a:ac:
e2:e7:5d:a4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSYJ2IOTvlcQg+FDUa6fDcLIUYt0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjUwMzAwMTFaFw0yNjA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhYmM3YmNmM2Y1Y2IyNGE4MGZmODAwMmZiOGRiMGYwYjgwOTZlZTA5YTlk
MTFiODVkNGNhNWRhNDRjMjY3N2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANna3+5w8u6pj82KnADwkUYuN8DteF/bPPnqO1pmII1/hg//yV6TokxeJ+ug
VgzmY3XoehD1Jp0nYftA++Z6xD9JfYe92hcxx91q1i5MZZ1SJhSOglmB/OkMKUTs
EyRUQpcipq2jtd6mgzISWAcF4dQOle4sx3sIGuuAorjYJqurRL1ByvjPdJW+JJpO
ElOiz/yQifNVf7EQXtoT90sLZpAbOcHUxXgXmSyAH9NNyolJ4qxzk4MJBP+ajiBF
+owaOpamiuQTHOCUTYm1vbJWDs8IahOhmTQd5Q8tZp90lp2fn0ABfPob7A9KjBkv
XXVwyu3BHPikxAl7TmSyqmLoh/cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRvcplf
9UuxIcJDOf87ktvhTR1kezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjgxODExNTktNTY5NS00OTQ0LWI5MDEtZjg0YjgzNmI0ZDhmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HaQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBpuDfUVXHrBATtiMtlcWd8df/wNoohSB2MebH+
iLdunzPo65onv0s68asrPTgwWt9bbpCwCl4AEFfy5Ot/TL0BmfeW/7TAHXxKL7CJ
G7H2j7tD/dwOAyJCW0XlNfyRS6GZLakF9xA2YpPBYGL62IxsZvcZkX6f0MSHPNJH
JC+Gud+KrjXY9wrCQt+4F/CjOygBSMuQ9YoOWLEZtB1WPwoTiMDKvsnZ4PEIqr0L
qMtwLi2On7BmaNr79Xz56gEnXdYgT/6HCGTXXrDlnLVu0fpUT6o8bf1yHaJMJ6KK
XkfM3HKvH8KwKbhP7ecXOk+UWM2it7PNbTfxEVpUGqzi512k
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:17:00 2026 by rpki-client