Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
File: 2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa (raw, json)
Hash identifier: 7GKWolCSstU/of++l022FNB6PdEaoQn14t22Wao+k/M=
Subject key identifier: C3:94:77:C0:6D:1F:B5:EE:B3:3A:62:77:18:2F:1B:96:3E:65:44:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F5ACF3B361FA3EB53FB717D5BC43DC431ABA759
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
Signing time: Sat 28 Feb 2026 05:41:25 +0000
ROA not before: Sat 28 Feb 2026 05:41:25 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:5a:cf:3b:36:1f:a3:eb:53:fb:71:7d:5b:c4:3d:c4:31:ab:a7:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:25 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=89ad635da3964c9bd9669261c2b1b36998b549d27098c96ce8bf4a96d7afbf31, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ff:46:41:3c:68:18:ba:9b:83:22:1e:ca:20:
39:40:d0:2f:5c:7b:38:de:ac:00:31:6d:0b:2f:99:
cf:f1:06:78:1e:59:10:0f:ce:58:4f:73:f7:15:34:
83:02:b9:c8:fd:bc:68:ed:d1:05:fe:9f:b5:88:b0:
22:7c:b3:f6:4d:62:a6:11:0e:62:ce:34:1f:e3:90:
2f:dd:a3:81:1d:80:8d:51:4e:df:ec:79:6a:cc:11:
bf:03:62:ed:68:73:2a:56:2a:0b:ed:d4:8b:57:ed:
15:73:a3:e8:56:eb:e2:6b:26:67:ff:d8:e9:3e:22:
30:bd:89:76:d9:de:a3:0e:4b:fb:3b:6b:f2:ff:31:
33:7f:70:09:23:25:31:e5:ae:9b:21:97:00:fc:15:
29:e7:00:31:48:f7:fc:bf:d2:25:5b:f4:83:08:45:
37:25:e3:1b:c4:76:19:99:b0:ac:3d:bb:48:16:98:
86:38:1b:eb:30:70:fb:0a:f4:ec:47:12:a1:b5:4d:
81:63:2e:40:07:87:3b:4c:ed:45:29:9b:24:f7:d5:
d3:6f:76:19:9a:7e:67:8a:8f:a1:13:e4:b0:0c:b1:
86:b0:c3:80:9f:46:8d:8c:dd:1c:b9:65:51:71:01:
53:e7:1f:e4:38:09:74:2e:83:80:00:ad:d8:d3:e0:
26:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:94:77:C0:6D:1F:B5:EE:B3:3A:62:77:18:2F:1B:96:3E:65:44:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6000::/40
Signature Algorithm: sha256WithRSAEncryption
9f:ae:88:74:9e:64:60:c7:59:82:a7:c2:4c:1f:86:8f:41:89:
14:39:a0:83:9f:03:90:27:26:ee:24:d8:ac:8c:57:f3:6e:26:
7f:0e:0b:11:7c:85:dd:ac:38:00:8c:55:f2:74:6b:5d:90:93:
6e:44:b6:ef:66:c7:13:96:8c:53:cc:8b:8e:36:0a:5c:8d:b6:
40:0d:f2:94:d9:2c:0a:ee:d7:49:12:05:70:59:85:5f:f7:31:
9f:ed:40:c0:6e:9c:02:56:89:f5:5a:ef:78:79:4d:4b:cb:7f:
c3:47:4e:37:c3:41:38:cc:19:98:e4:aa:52:52:fc:8e:6f:04:
e5:47:60:9e:f6:39:3f:59:00:47:e0:c3:25:c9:33:c7:4d:03:
72:b8:c0:c4:f8:cf:c0:0a:98:99:5a:3b:2b:55:73:78:fc:8b:
65:1e:13:4a:48:f5:8b:fa:a3:78:ff:ec:4a:39:36:59:d0:7f:
83:bd:fb:33:2a:0e:0f:d1:ff:de:01:4f:2c:0c:50:7e:ad:35:
2c:0d:c7:d9:20:8e:3d:3a:29:36:d7:57:10:a5:86:a6:be:fb:
b4:be:b6:3a:93:d2:9d:d3:a9:e8:a8:ee:83:5f:c0:ed:96:fd:
83:9c:97:c8:7c:6c:d6:61:e2:91:69:89:25:d6:ff:39:60:cd:
18:42:cc:08
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP1rPOzYfo+tT+3F9W8Q9xDGrp1kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMjVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5YWQ2MzVkYTM5NjRjOWJkOTY2OTI2MWMyYjFiMzY5OThiNTQ5ZDI3MDk4
Yzk2Y2U4YmY0YTk2ZDdhZmJmMzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANz/RkE8aBi6m4MiHsogOUDQL1x7ON6sADFtCy+Zz/EGeB5ZEA/OWE9z9xU0
gwK5yP28aO3RBf6ftYiwInyz9k1iphEOYs40H+OQL92jgR2AjVFO3+x5aswRvwNi
7WhzKlYqC+3Ui1ftFXOj6Fbr4msmZ//Y6T4iML2Jdtneow5L+ztr8v8xM39wCSMl
MeWumyGXAPwVKecAMUj3/L/SJVv0gwhFNyXjG8R2GZmwrD27SBaYhjgb6zBw+wr0
7EcSobVNgWMuQAeHO0ztRSmbJPfV0292GZp+Z4qPoRPksAyxhrDDgJ9GjYzdHLll
UXEBU+cf5DgJdC6DgACt2NPgJmcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTDlHfA
bR+17rM6YncYLxuWPmVEPTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmIwZGUxMmEtZWMxZC00NjViLThmMzgtNjhhMmRkNmExOWRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABg
MA0GCSqGSIb3DQEBCwUAA4IBAQCfroh0nmRgx1mCp8JMH4aPQYkUOaCDnwOQJybu
JNisjFfzbiZ/DgsRfIXdrDgAjFXydGtdkJNuRLbvZscTloxTzIuONgpcjbZADfKU
2SwK7tdJEgVwWYVf9zGf7UDAbpwCVon1Wu94eU1Ly3/DR043w0E4zBmY5KpSUvyO
bwTlR2Ce9jk/WQBH4MMlyTPHTQNyuMDE+M/ACpiZWjsrVXN4/ItlHhNKSPWL+qN4
/+xKOTZZ0H+DvfszKg4P0f/eAU8sDFB+rTUsDcfZII49Oik211cQpYamvvu0vrY6
k9Kd06noqO6DX8Dtlv2DnJfIfGzWYeKRaYkl1v85YM0YQswI
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:50:03 2026 by rpki-client