Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
File: 2f449809-abd8-4202-adc3-ce8dd1767b62.roa (raw, json)
Hash identifier: 6Cx6Fj3be8ZSXYwG/P1+myxeGm/w/bnq5daN1t0UHRI=
Subject key identifier: 46:D6:C6:6C:F9:F9:B7:2B:97:8B:B1:73:05:F7:2D:A9:72:5F:C6:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 44E32680B4BBB8532276B4E021A4D959B1C21332
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
Signing time: Sat 28 Feb 2026 05:10:13 +0000
ROA not before: Sat 28 Feb 2026 05:10:13 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:e3:26:80:b4:bb:b8:53:22:76:b4:e0:21:a4:d9:59:b1:c2:13:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:10:13 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=46b6e28947479cc1babc116f9e0c64d17e8d00dd84bfdd59aea69ab60346d47f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bf:f7:45:85:2b:42:19:3b:34:e7:a8:38:ba:
50:4d:c3:60:6b:c7:24:48:36:75:4c:45:3e:ce:37:
62:d4:b2:aa:a3:fa:19:11:b3:61:05:7a:8f:d6:88:
c9:4c:14:48:13:c7:a7:68:be:fb:01:22:9e:af:0a:
bd:0c:ca:d0:c7:65:5b:65:ee:50:09:91:c0:b4:65:
8c:28:1e:9d:25:a0:6e:7d:3a:70:0d:a1:49:8d:1c:
74:5c:28:52:91:5a:30:45:00:47:35:d7:34:44:aa:
7f:24:ec:ef:16:15:3a:89:24:79:cb:83:a9:a6:e1:
4c:47:94:9a:9c:e6:44:c9:29:ea:65:b7:6d:6e:64:
dc:2e:2d:51:9c:76:82:f0:e4:a7:ee:dd:84:68:70:
4d:05:aa:a8:df:96:6b:52:c8:44:73:6d:eb:fd:0d:
00:09:7c:85:6e:ff:53:87:40:c0:b3:24:c2:d6:d3:
d7:fd:b9:af:84:3a:ab:4a:26:39:a0:9c:25:c9:07:
c0:1c:6c:cf:84:2c:29:45:9d:22:f3:04:89:af:56:
59:45:28:cf:a1:17:33:b5:d4:5b:8d:b8:a0:5b:ca:
04:9a:55:b2:8a:6c:93:da:44:ab:ba:e0:b7:38:92:
ea:07:43:cb:49:da:0c:32:9d:96:72:97:ce:5e:b9:
19:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:D6:C6:6C:F9:F9:B7:2B:97:8B:B1:73:05:F7:2D:A9:72:5F:C6:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:5000::/40
Signature Algorithm: sha256WithRSAEncryption
75:ef:69:f0:11:9a:7f:80:b9:d9:29:23:a7:75:b3:42:42:4e:
e2:01:7d:b9:43:8d:c9:e4:0b:4e:fd:99:8d:1b:06:72:41:23:
f1:9d:a3:14:92:c5:db:80:79:ce:9b:4a:33:e6:62:d5:09:82:
5b:d0:5e:41:cf:38:de:71:23:df:0a:00:84:6a:ad:95:06:08:
23:c6:82:95:93:c8:a9:12:7c:b2:d3:53:27:40:58:db:2a:a3:
fe:18:a3:77:82:12:8f:42:a3:1b:db:f1:e5:e4:d7:e6:18:c8:
8f:60:05:53:27:28:fa:d3:17:31:9b:eb:02:8c:9f:cc:ab:65:
4c:43:ae:19:b0:d9:c1:1c:23:98:16:cd:1e:9f:a9:9f:6e:99:
4f:54:4e:52:a0:6e:2d:0c:f0:00:91:9b:96:87:d8:76:b4:52:
e1:58:e8:c6:8a:0a:6c:42:df:18:09:7b:3e:78:11:cc:8b:96:
6a:e1:68:f5:0c:37:7c:e4:67:c9:c7:86:34:a8:06:a8:29:e1:
c7:7a:79:44:57:e6:c4:63:1e:8a:85:3f:6f:aa:c0:af:c5:82:
53:f1:f8:e2:ef:76:0d:f8:0f:6f:99:5a:72:78:23:23:a4:c1:
96:c8:69:98:18:a1:b0:b7:91:f3:66:7a:50:9d:91:2c:b7:8d:
99:aa:f2:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUROMmgLS7uFMidrTgIaTZWbHCEzIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTEwMTNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2YjZlMjg5NDc0NzljYzFiYWJjMTE2ZjllMGM2NGQxN2U4ZDAwZGQ4NGJm
ZGQ1OWFlYTY5YWI2MDM0NmQ0N2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALy/90WFK0IZOzTnqDi6UE3DYGvHJEg2dUxFPs43YtSyqqP6GRGzYQV6j9aI
yUwUSBPHp2i++wEinq8KvQzK0MdlW2XuUAmRwLRljCgenSWgbn06cA2hSY0cdFwo
UpFaMEUARzXXNESqfyTs7xYVOokkecuDqabhTEeUmpzmRMkp6mW3bW5k3C4tUZx2
gvDkp+7dhGhwTQWqqN+Wa1LIRHNt6/0NAAl8hW7/U4dAwLMkwtbT1/25r4Q6q0om
OaCcJckHwBxsz4QsKUWdIvMEia9WWUUoz6EXM7XUW424oFvKBJpVsopsk9pEq7rg
tziS6gdDy0naDDKdlnKXzl65GZMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRG1sZs
+fm3K5eLsXMF9y2pcl/GrzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmY0NDk4MDktYWJkOC00MjAyLWFkYzMtY2U4ZGQxNzY3YjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB172nwEZp/gLnZKSOndbNCQk7iAX25Q43J5AtO
/ZmNGwZyQSPxnaMUksXbgHnOm0oz5mLVCYJb0F5BzzjecSPfCgCEaq2VBggjxoKV
k8ipEnyy01MnQFjbKqP+GKN3ghKPQqMb2/Hl5NfmGMiPYAVTJyj60xcxm+sCjJ/M
q2VMQ64ZsNnBHCOYFs0en6mfbplPVE5SoG4tDPAAkZuWh9h2tFLhWOjGigpsQt8Y
CXs+eBHMi5Zq4Wj1DDd85GfJx4Y0qAaoKeHHenlEV+bEYx6KhT9vqsCvxYJT8fji
73YN+A9vmVpyeCMjpMGWyGmYGKGwt5HzZnpQnZEst42ZqvJl
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:26:05 2026 by rpki-client