Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
File: 288fb7c1-6c49-475a-9dd0-2637b4e09492.roa (raw, json)
Hash identifier: eCGIQfxCnGH3dsxmUXO0Q5fmuOUF6VwolKHqGE7scbU=
Subject key identifier: 7D:C1:41:28:42:24:C5:14:83:5A:5E:0E:52:25:4C:83:BE:6B:0A:D5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2FD66CCACAE78690A35D32F513282FDFCD21BC5E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
Signing time: Sat 28 Feb 2026 05:41:07 +0000
ROA not before: Sat 28 Feb 2026 05:41:07 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:d6:6c:ca:ca:e7:86:90:a3:5d:32:f5:13:28:2f:df:cd:21:bc:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:07 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=7bf72f6e1e987cf59ec744a71244e34dba694752dc0f062630db81f767ce4109, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5a:23:44:1a:bb:27:69:ff:f0:f2:e2:4e:7b:
30:28:aa:7d:67:15:f8:a2:62:2c:16:33:43:a7:62:
a1:49:a6:06:c2:16:48:1f:34:29:5e:8c:81:20:ec:
34:e2:d1:da:c2:91:0f:d6:62:cd:b8:77:21:87:83:
41:54:a4:36:3b:cd:b7:02:51:cd:1c:f5:ee:f4:e1:
db:02:da:51:4c:11:fe:a7:60:7a:c8:12:01:80:18:
f8:fa:5d:07:61:46:01:3b:d9:27:0e:72:6d:2d:2b:
68:bc:1f:86:f5:9c:27:53:2a:52:98:31:cb:78:ff:
8b:7e:f2:0f:ec:bc:4e:bf:c6:56:c1:03:ec:6c:93:
ad:7e:f8:72:ec:e3:c2:33:c4:21:24:bc:3a:ff:af:
be:e0:f0:0d:9d:c4:38:4e:03:9f:5d:00:7a:58:94:
cc:6e:e3:c5:22:64:24:14:f4:99:35:e9:9e:bd:24:
d9:28:42:61:24:8e:e2:7c:e9:1f:56:c8:73:c1:89:
6a:8f:de:0a:a5:7a:37:e8:69:b9:57:72:c2:1a:59:
ad:3c:d7:c1:ce:9a:71:76:8f:36:5a:4e:90:b2:0c:
f3:c0:b7:75:e5:f9:25:e9:ef:70:7a:c2:03:d8:36:
7c:7d:f6:ee:54:f0:e3:9f:f8:cc:c6:7b:69:77:41:
df:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C1:41:28:42:24:C5:14:83:5A:5E:0E:52:25:4C:83:BE:6B:0A:D5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:400::/38
Signature Algorithm: sha256WithRSAEncryption
1f:5a:67:77:dc:f2:3d:70:f9:b6:24:f5:24:aa:c4:04:60:d8:
24:5a:b4:67:e2:f5:d7:59:c0:cf:91:d2:96:77:77:75:60:e6:
be:b7:d5:e8:fd:01:bd:ac:61:9f:97:a6:b2:09:a6:32:07:cf:
33:46:d1:c1:c7:15:c7:77:d8:cf:c5:a0:db:4a:14:2c:af:e8:
03:1c:e8:a6:d2:f1:5c:26:c9:3d:26:58:8b:f8:9f:01:01:18:
f3:15:db:c3:d8:a9:c4:0c:64:c1:ad:df:8e:60:d3:da:6d:73:
d5:89:f4:9f:51:02:17:9d:a7:b8:d3:bf:f2:92:fb:11:ca:80:
26:27:52:fb:40:b4:e4:3a:e7:28:d8:52:40:19:ed:ca:4b:c2:
1e:15:f9:f4:46:3e:e1:45:39:49:b1:3f:62:3b:0e:1e:51:98:
3d:dc:a0:56:2e:1b:f2:05:92:8b:08:95:78:7c:96:28:d0:c7:
ee:38:f9:3d:fd:98:14:ab:5b:7a:11:d3:a5:1c:b0:0f:73:e7:
b7:fb:e6:3c:78:58:12:f9:d0:8a:dd:07:90:ac:ef:39:26:70:
4c:64:6e:0e:f2:8d:f4:9c:cb:1e:3a:d4:f8:d2:2a:f0:79:0b:
99:1a:c4:8b:2f:e3:f3:6f:85:42:d3:20:38:53:b0:cf:ba:94:
55:e0:ff:21
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUL9ZsysrnhpCjXTL1Eygv380hvF4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMDdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiZjcyZjZlMWU5ODdjZjU5ZWM3NDRhNzEyNDRlMzRkYmE2OTQ3NTJkYzBm
MDYyNjMwZGI4MWY3NjdjZTQxMDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVaI0Qauydp//Dy4k57MCiqfWcV+KJiLBYzQ6dioUmmBsIWSB80KV6MgSDs
NOLR2sKRD9Zizbh3IYeDQVSkNjvNtwJRzRz17vTh2wLaUUwR/qdgesgSAYAY+Ppd
B2FGATvZJw5ybS0raLwfhvWcJ1MqUpgxy3j/i37yD+y8Tr/GVsED7GyTrX74cuzj
wjPEISS8Ov+vvuDwDZ3EOE4Dn10AeliUzG7jxSJkJBT0mTXpnr0k2ShCYSSO4nzp
H1bIc8GJao/eCqV6N+hpuVdywhpZrTzXwc6acXaPNlpOkLIM88C3deX5JenvcHrC
A9g2fH327lTw45/4zMZ7aXdB39sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR9wUEo
QiTFFINaXg5SJUyDvmsK1TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjg4ZmI3YzEtNmM0OS00NzVhLTlkZDAtMjYzN2I0ZTA5NDkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4E
MA0GCSqGSIb3DQEBCwUAA4IBAQAfWmd33PI9cPm2JPUkqsQEYNgkWrRn4vXXWcDP
kdKWd3d1YOa+t9Xo/QG9rGGfl6ayCaYyB88zRtHBxxXHd9jPxaDbShQsr+gDHOim
0vFcJsk9JliL+J8BARjzFdvD2KnEDGTBrd+OYNPabXPVifSfUQIXnae407/ykvsR
yoAmJ1L7QLTkOuco2FJAGe3KS8IeFfn0Rj7hRTlJsT9iOw4eUZg93KBWLhvyBZKL
CJV4fJYo0MfuOPk9/ZgUq1t6EdOlHLAPc+e3++Y8eFgS+dCK3QeQrO85JnBMZG4O
8o30nMseOtT40irweQuZGsSLL+Pzb4VC0yA4U7DPupRV4P8h
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:32:33 2026 by rpki-client