Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
File: 2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa (raw, json)
Hash identifier: 3WhH+0dpHY+L85zFG/J9P9tkDI60oDJm5Jq0aZWX1ek=
Subject key identifier: 1C:75:F8:54:03:19:65:B1:06:4B:DA:07:7D:45:21:CD:38:1C:62:F6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5DDFDA9A49E368D6D5E2487C8378B445F80308EF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
Signing time: Sat 28 Feb 2026 05:30:13 +0000
ROA not before: Sat 28 Feb 2026 05:30:13 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:df:da:9a:49:e3:68:d6:d5:e2:48:7c:83:78:b4:45:f8:03:08:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:30:13 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=17acd46233a7bb4032f9e4691b2aafcd6eac99445e6a985d00fd143d4cc5d2be, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9a:b3:9a:86:9a:7e:c9:74:18:17:70:ad:99:
f3:02:be:74:6d:26:c2:f1:2a:3b:b0:6c:bb:5b:33:
be:d9:f7:a5:07:96:2d:3e:c9:92:41:7b:40:f4:a6:
07:09:13:83:53:6e:f0:fa:b3:01:7a:ea:ed:c3:5f:
03:d7:55:f9:cf:21:32:37:80:bb:2b:f4:3e:1a:50:
2d:f1:4f:a7:70:29:5c:46:4a:ad:6e:66:2f:7b:24:
20:c3:a8:e6:8f:b2:ae:f4:12:3b:1e:40:73:51:77:
32:c4:5a:b8:6c:58:32:a1:63:51:d3:31:5d:8b:b4:
08:e3:bd:41:59:a1:80:02:99:69:b3:0a:1f:42:16:
d6:29:77:56:88:e4:b4:76:1e:aa:6e:c7:c0:98:94:
74:83:53:9b:0d:fb:a7:a6:52:cc:6c:2b:3c:2a:39:
bf:ac:80:8c:cb:75:9f:12:e4:1b:ed:26:73:e6:ad:
a5:6d:35:5e:ad:e1:d7:7e:81:10:3c:ec:26:aa:45:
a6:14:bd:a9:fe:84:b9:04:07:90:52:e6:bc:cf:20:
45:ca:e9:1e:63:02:45:53:cc:84:ba:36:df:12:2a:
6b:e9:2a:d0:6d:df:31:79:f6:c5:8e:a0:12:c8:e4:
c4:c9:00:75:46:1b:a6:d1:fa:ff:4e:8c:8d:8f:8d:
79:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:75:F8:54:03:19:65:B1:06:4B:DA:07:7D:45:21:CD:38:1C:62:F6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:a000::/40
Signature Algorithm: sha256WithRSAEncryption
83:ba:55:db:9a:1b:34:34:69:5a:0d:98:29:b9:46:db:14:fe:
d1:04:1b:c7:c6:2f:4e:f5:cb:d1:fd:5b:75:51:ee:c8:61:8a:
1c:d3:c6:b5:0d:31:51:b3:9f:05:04:b4:9b:56:b7:5a:aa:7a:
2a:83:d4:6e:85:06:63:0c:c0:3a:5c:f2:83:98:01:d2:72:ee:
c1:12:71:05:ca:14:07:7e:8e:08:f5:7a:9a:61:66:fc:b1:ff:
f1:95:a6:f3:9d:57:bf:02:41:70:4f:04:56:a7:77:35:4c:88:
93:6d:ce:1e:36:cb:94:c6:14:02:48:32:90:57:c8:3e:d7:c8:
e8:9e:07:ff:9d:47:b3:49:4b:87:0f:7e:d4:c6:e3:35:3a:3c:
22:5f:81:c8:c5:b0:ab:3f:d7:64:a4:2a:28:22:03:ce:77:c1:
7f:50:9c:14:ca:f1:07:b1:3d:a4:79:d9:92:d9:22:d0:0b:1e:
4e:4a:a0:71:b0:52:f7:a0:6e:41:e4:7d:8a:b1:f4:38:60:12:
6f:f4:f5:c8:41:2c:fd:1c:b9:e3:29:ab:78:cd:30:f2:c0:29:
91:c0:7a:72:21:30:2e:d7:d7:bd:26:fb:5c:7c:e1:62:b8:5a:
c9:d5:02:61:8b:fd:49:e1:bf:94:37:b7:ea:a1:b5:ec:c4:d9:
59:2c:f6:48
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXd/amknjaNbV4kh8g3i0RfgDCO8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMwMTNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3YWNkNDYyMzNhN2JiNDAzMmY5ZTQ2OTFiMmFhZmNkNmVhYzk5NDQ1ZTZh
OTg1ZDAwZmQxNDNkNGNjNWQyYmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyas5qGmn7JdBgXcK2Z8wK+dG0mwvEqO7Bsu1szvtn3pQeWLT7JkkF7QPSm
BwkTg1Nu8PqzAXrq7cNfA9dV+c8hMjeAuyv0PhpQLfFPp3ApXEZKrW5mL3skIMOo
5o+yrvQSOx5Ac1F3MsRauGxYMqFjUdMxXYu0COO9QVmhgAKZabMKH0IW1il3Vojk
tHYeqm7HwJiUdINTmw37p6ZSzGwrPCo5v6yAjMt1nxLkG+0mc+atpW01Xq3h136B
EDzsJqpFphS9qf6EuQQHkFLmvM8gRcrpHmMCRVPMhLo23xIqa+kq0G3fMXn2xY6g
EsjkxMkAdUYbptH6/06MjY+NeeECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQcdfhU
AxllsQZL2gd9RSHNOBxi9jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRjN2I1NjQtYzNlMS00OWVmLWE3OGMtZjM2ZjQxMzliNDNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hig
MA0GCSqGSIb3DQEBCwUAA4IBAQCDulXbmhs0NGlaDZgpuUbbFP7RBBvHxi9O9cvR
/Vt1Ue7IYYoc08a1DTFRs58FBLSbVrdaqnoqg9RuhQZjDMA6XPKDmAHScu7BEnEF
yhQHfo4I9XqaYWb8sf/xlabznVe/AkFwTwRWp3c1TIiTbc4eNsuUxhQCSDKQV8g+
18jongf/nUezSUuHD37UxuM1OjwiX4HIxbCrP9dkpCooIgPOd8F/UJwUyvEHsT2k
edmS2SLQCx5OSqBxsFL3oG5B5H2KsfQ4YBJv9PXIQSz9HLnjKat4zTDywCmRwHpy
ITAu19e9JvtcfOFiuFrJ1QJhi/1J4b+UN7fqobXsxNlZLPZI
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:56:38 2026 by rpki-client