Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/31246558-533e-42f5-8c90-dc91729aa7fa.roa
File: 31246558-533e-42f5-8c90-dc91729aa7fa.roa (raw, json)
Hash identifier: y89aaPGZtouy+uIQJcIzZDfzYqHUnP3fkd5djDd1lvI=
Subject key identifier: B7:AB:7B:5E:A2:89:7D:42:09:C5:99:52:4D:AB:F5:AA:71:35:40:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D8827E0662248D726C6D98BB3AED753DACCD928
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/31246558-533e-42f5-8c90-dc91729aa7fa.roa
Signing time: Sat 28 Feb 2026 05:20:26 +0000
ROA not before: Sat 28 Feb 2026 05:20:26 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:88:27:e0:66:22:48:d7:26:c6:d9:8b:b3:ae:d7:53:da:cc:d9:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:26 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=fbf54a10f65583107c48e67ef36072c88ef535a4943496482ff419fd4b31b84d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:39:e3:a2:33:b0:d4:b5:2d:0a:d7:db:72:97:
2f:13:59:bc:59:79:d7:bb:38:b5:7c:d8:9a:46:96:
81:cd:fa:ef:4b:5a:d1:31:c5:f8:91:01:dd:b4:3f:
6a:f6:68:29:1d:aa:ff:f1:93:a5:3a:2d:35:a6:78:
91:4d:c4:58:c1:b4:5b:1c:41:67:fb:9b:74:78:c1:
0e:d9:b4:74:63:73:a6:3b:66:97:67:7f:41:f0:7c:
8c:09:3c:a4:4c:9c:bf:15:a6:7d:93:7e:a3:b2:8d:
5c:6f:6f:cf:68:98:02:23:64:e4:33:a1:c7:26:f2:
a1:84:4b:02:05:82:7e:10:d8:3d:6a:8c:ed:ed:b7:
51:08:9a:b0:ec:2c:3a:88:3c:c2:7e:b6:7d:59:92:
e1:8c:34:54:b3:42:36:28:c9:54:7e:a6:9c:a8:31:
65:ea:ff:44:1b:12:01:6b:ef:ef:b8:e6:3b:d6:91:
42:df:66:f0:38:13:fb:fb:0b:a1:2a:a1:17:98:21:
97:2f:9f:32:37:1d:d1:0e:52:6f:8d:6e:77:d4:a3:
5c:91:d2:d5:fd:1d:68:a6:7a:f2:2b:60:09:b0:9e:
00:9a:4e:67:ff:93:3e:54:6f:71:56:f9:72:17:ba:
72:b5:8b:6b:e1:23:c3:af:1c:b3:b2:09:43:cb:29:
d7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:AB:7B:5E:A2:89:7D:42:09:C5:99:52:4D:AB:F5:AA:71:35:40:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/31246558-533e-42f5-8c90-dc91729aa7fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:1000::/40
Signature Algorithm: sha256WithRSAEncryption
a0:b9:6b:d5:6e:50:f4:b0:e0:46:3a:42:97:4b:20:b6:c8:cd:
1d:d5:d4:8e:37:1e:e1:13:f4:6f:46:81:0d:60:52:a1:4f:b9:
c2:cd:1b:53:60:2f:f8:aa:44:0b:dd:77:58:d4:9d:94:74:ba:
30:ec:5a:81:f2:2b:df:3f:fb:b7:f7:3c:b4:cb:7b:0c:6a:fb:
e1:e9:b4:05:35:e7:8a:64:41:b2:bb:ef:9c:76:4b:e7:29:a2:
d4:20:f9:3a:92:a6:55:5d:70:cd:0d:0b:98:54:b9:14:89:27:
2e:72:44:29:fa:e7:c5:7a:d4:bd:e6:da:36:ba:88:f6:05:6a:
ff:f8:db:9f:19:4b:72:4b:c8:9d:82:e3:66:aa:f9:24:f3:b9:
25:e8:72:85:57:7f:ea:4a:ec:93:73:8c:54:12:97:69:d0:f3:
43:e3:b7:c6:9a:5b:02:c3:1c:04:0c:79:87:94:70:4d:95:f7:
96:3e:cf:0c:60:48:69:66:a2:7d:8a:1f:b6:27:a2:6a:2e:4e:
66:a8:ef:36:04:89:6a:53:bd:ff:d5:34:db:57:9e:54:2b:e1:
42:28:88:6d:57:f8:3b:59:68:d4:7f:1e:5e:58:e0:e3:2b:d4:
a2:0a:e2:29:78:46:0b:27:61:a5:b1:fa:0e:d8:dc:e7:7e:4f:
93:1c:a5:a5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXYgn4GYiSNcmxtmLs67XU9rM2SgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwMjZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiZjU0YTEwZjY1NTgzMTA3YzQ4ZTY3ZWYzNjA3MmM4OGVmNTM1YTQ5NDM0
OTY0ODJmZjQxOWZkNGIzMWI4NGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ4546IzsNS1LQrX23KXLxNZvFl517s4tXzYmkaWgc3670ta0THF+JEB3bQ/
avZoKR2q//GTpTotNaZ4kU3EWMG0WxxBZ/ubdHjBDtm0dGNzpjtml2d/QfB8jAk8
pEycvxWmfZN+o7KNXG9vz2iYAiNk5DOhxybyoYRLAgWCfhDYPWqM7e23UQiasOws
Oog8wn62fVmS4Yw0VLNCNijJVH6mnKgxZer/RBsSAWvv77jmO9aRQt9m8DgT+/sL
oSqhF5ghly+fMjcd0Q5Sb41ud9SjXJHS1f0daKZ68itgCbCeAJpOZ/+TPlRvcVb5
che6crWLa+Ejw68cs7IJQ8sp1+MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS3q3te
ool9QgnFmVJNq/WqcTVAxjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzEyNDY1NTgtNTMzZS00MmY1LThjOTAtZGM5MTcyOWFhN2ZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G0Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCguWvVblD0sOBGOkKXSyC2yM0d1dSONx7hE/Rv
RoENYFKhT7nCzRtTYC/4qkQL3XdY1J2UdLow7FqB8ivfP/u39zy0y3sMavvh6bQF
NeeKZEGyu++cdkvnKaLUIPk6kqZVXXDNDQuYVLkUiScuckQp+ufFetS95to2uoj2
BWr/+NufGUtyS8idguNmqvkk87kl6HKFV3/qSuyTc4xUEpdp0PND47fGmlsCwxwE
DHmHlHBNlfeWPs8MYEhpZqJ9ih+2J6JqLk5mqO82BIlqU73/1TTbV55UK+FCKIht
V/g7WWjUfx5eWODjK9SiCuIpeEYLJ2GlsfoO2Nznfk+THKWl
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:36:18 2026 by rpki-client