Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28840fdb-fbc9-4b51-b09b-bc08d6342ea7.roa
File: 28840fdb-fbc9-4b51-b09b-bc08d6342ea7.roa (raw, json)
Hash identifier: 4dgUgPFraa5Z7zRPwDpCAKSnFWanvdbMnJvhvnsVYDA=
Subject key identifier: B2:04:4A:32:06:FC:1C:34:3D:BB:23:1B:EB:7A:67:7C:4C:04:03:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0124CF3904A55E30ACDD54F1A08234AA3153BD15
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28840fdb-fbc9-4b51-b09b-bc08d6342ea7.roa
Signing time: Tue 17 Feb 2026 03:10:30 +0000
ROA not before: Tue 17 Feb 2026 03:10:30 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:24:cf:39:04:a5:5e:30:ac:dd:54:f1:a0:82:34:aa:31:53:bd:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:10:30 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=2327e858013a8d6b37a96d0cc564b2cf0b8ace9d759761edee553f4527bb9ac4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:75:c4:7b:dc:4a:cc:a6:8c:fb:a2:3b:00:9e:
ec:31:23:4c:78:3e:a9:3a:ce:2b:04:bb:0a:55:37:
ae:f2:62:e6:1d:b4:61:43:ea:2c:61:4c:bf:fc:3d:
42:23:a5:59:6e:51:4e:5b:8a:04:21:ee:6b:77:3c:
ba:24:55:ea:31:0d:44:a4:94:84:12:35:9d:4f:c7:
aa:1a:6e:16:46:7d:aa:76:87:db:5b:cb:90:c9:cd:
26:d5:33:e9:7b:dc:16:7f:d3:df:48:78:4d:b3:ff:
6b:14:6f:2a:06:fa:a9:5b:db:1b:28:7f:63:a4:41:
96:5d:b8:d0:fa:07:d5:e9:19:cc:87:66:1f:90:02:
d3:d2:07:0d:32:bd:0e:75:c4:16:93:83:2e:90:40:
e2:0b:4c:0f:4c:b7:25:b9:67:10:db:e7:9d:a4:fb:
da:b6:3f:71:d3:8f:6c:b9:d3:aa:4a:c7:aa:66:ba:
fd:52:0e:52:ff:0e:1c:ed:88:bb:39:1b:f1:7e:7d:
08:10:61:f5:91:26:30:f9:60:bd:fb:ef:c7:9a:0c:
52:86:88:2e:4a:7b:dd:15:b4:43:2f:fd:cc:f4:e2:
1c:df:54:14:35:a3:fa:26:98:36:6a:fd:88:e6:17:
da:54:24:4c:40:d4:12:29:3f:36:c9:6c:4b:29:9d:
dc:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:04:4A:32:06:FC:1C:34:3D:BB:23:1B:EB:7A:67:7C:4C:04:03:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28840fdb-fbc9-4b51-b09b-bc08d6342ea7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:1000::/40
Signature Algorithm: sha256WithRSAEncryption
a7:00:b8:5e:a8:92:52:ac:69:dd:11:12:5d:10:c5:8d:4e:bc:
84:2c:12:fe:cb:77:a9:6a:16:86:50:f0:6d:ea:63:b1:bd:60:
40:94:97:5e:fb:45:22:9d:ee:6d:4a:17:73:e8:57:3f:11:55:
8c:fa:01:a5:3f:62:5b:41:74:bc:5b:f6:e5:85:1d:c7:60:c5:
74:e8:29:b6:fa:49:e9:29:0a:18:13:f2:f1:e8:c5:18:97:a2:
b1:f8:2d:29:c3:22:19:fd:b5:bd:9e:56:ec:7d:eb:6f:18:6b:
9d:42:30:7f:10:68:e8:4a:cb:10:37:29:74:65:ac:e0:88:7d:
30:76:dd:52:79:3a:fa:dd:c5:f3:64:52:dc:29:ee:52:49:04:
80:96:53:bf:66:45:7f:d5:c2:b8:34:3f:8b:60:64:af:61:27:
33:12:49:53:c4:a3:66:a0:40:2b:2f:94:93:bc:bb:34:80:88:
e0:ca:e6:06:f7:b8:4c:c1:f2:de:9d:3a:3c:69:1a:ce:c2:55:
36:70:9e:a5:e5:85:7b:e6:2d:4c:4c:e5:0d:65:31:79:4f:4f:
d5:b9:f5:79:68:4b:3c:72:8a:3f:aa:21:9a:68:4e:20:31:c1:
4a:fe:b5:91:b4:e7:29:10:01:68:53:cb:93:36:bd:04:10:75:
85:c6:ff:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUASTPOQSlXjCs3VTxoII0qjFTvRUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzEwMzBaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzMjdlODU4MDEzYThkNmIzN2E5NmQwY2M1NjRiMmNmMGI4YWNlOWQ3NTk3
NjFlZGVlNTUzZjQ1MjdiYjlhYzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMx1xHvcSsymjPuiOwCe7DEjTHg+qTrOKwS7ClU3rvJi5h20YUPqLGFMv/w9
QiOlWW5RTluKBCHua3c8uiRV6jENRKSUhBI1nU/HqhpuFkZ9qnaH21vLkMnNJtUz
6XvcFn/T30h4TbP/axRvKgb6qVvbGyh/Y6RBll240PoH1ekZzIdmH5AC09IHDTK9
DnXEFpODLpBA4gtMD0y3JblnENvnnaT72rY/cdOPbLnTqkrHqma6/VIOUv8OHO2I
uzkb8X59CBBh9ZEmMPlgvfvvx5oMUoaILkp73RW0Qy/9zPTiHN9UFDWj+iaYNmr9
iOYX2lQkTEDUEik/NslsSymd3KECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSyBEoy
BvwcND27Ixvremd8TAQDnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjg4NDBmZGItZmJjOS00YjUxLWIwOWItYmMwOGQ2MzQyZWE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCnALheqJJSrGndERJdEMWNTryELBL+y3epahaG
UPBt6mOxvWBAlJde+0Uine5tShdz6Fc/EVWM+gGlP2JbQXS8W/blhR3HYMV06Cm2
+knpKQoYE/Lx6MUYl6Kx+C0pwyIZ/bW9nlbsfetvGGudQjB/EGjoSssQNyl0Zazg
iH0wdt1SeTr63cXzZFLcKe5SSQSAllO/ZkV/1cK4ND+LYGSvYSczEklTxKNmoEAr
L5STvLs0gIjgyuYG97hMwfLenTo8aRrOwlU2cJ6l5YV75i1MTOUNZTF5T0/VufV5
aEs8coo/qiGaaE4gMcFK/rWRtOcpEAFoU8uTNr0EEHWFxv+5
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:36:27 2026 by rpki-client