Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa
File: 35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa (raw, json)
Hash identifier: dkuW95KEtErgd5L11/da4kR1Wt6hQYwg3d81DKJTljE=
Subject key identifier: EC:6B:57:10:DE:A7:8A:B0:6D:B1:32:D9:47:9D:15:E6:90:78:7F:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0861EDD49223B99EBE85E82161B6FA0405F2B085
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa
Signing time: Sat 28 Feb 2026 05:10:12 +0000
ROA not before: Sat 28 Feb 2026 05:10:12 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:61:ed:d4:92:23:b9:9e:be:85:e8:21:61:b6:fa:04:05:f2:b0:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:10:12 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=bcd17079fbe436a78d94c8fcd8158c16f0e06b7a895f3ca3d0da14ef75d064d2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:67:36:a9:f5:f4:5a:9e:69:7e:05:03:93:fb:
2e:21:dc:c5:a3:e3:e4:e7:28:39:81:c5:86:8f:18:
74:5f:35:ae:c2:cb:0b:95:96:9e:b3:e0:07:59:b1:
f8:6f:af:ad:05:a1:80:81:68:e7:54:0e:ed:6d:0f:
61:b0:33:f5:11:45:55:c8:3f:51:d1:da:5b:d0:1b:
7b:6e:7f:12:02:9d:9b:bd:a4:23:cd:94:15:db:73:
31:a6:b2:48:3f:d6:71:63:ea:b9:09:a0:24:fb:52:
01:64:d8:b6:43:9d:45:c9:c4:66:33:53:e0:d7:ef:
ba:45:3e:43:17:dc:12:f3:82:a2:2f:1a:15:94:30:
37:20:88:90:86:7f:30:f0:69:11:37:c9:67:35:ff:
5e:51:4a:67:6a:d9:51:de:25:e7:f8:88:1a:70:76:
54:b9:33:2b:1b:bd:f3:26:da:78:55:0d:31:50:f5:
84:5e:b9:96:6c:a9:ab:da:55:8b:ef:0e:89:eb:4c:
82:df:43:37:cc:08:44:07:23:07:7f:00:20:c0:53:
13:1e:18:6e:88:30:63:a6:65:5e:60:28:54:56:59:
31:25:c3:bf:cb:0e:f8:f5:36:a3:94:91:58:ab:3a:
1f:d5:e1:a7:34:78:67:71:03:ca:77:8e:d8:85:2b:
74:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:6B:57:10:DE:A7:8A:B0:6D:B1:32:D9:47:9D:15:E6:90:78:7F:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:2000::/40
Signature Algorithm: sha256WithRSAEncryption
63:a2:60:20:d1:11:5a:e3:c9:b4:a5:0c:e2:fb:03:2e:74:ce:
d5:68:a2:bf:4c:d5:8d:94:dc:d6:62:76:bd:44:7a:3f:26:df:
40:74:c5:78:ef:2b:11:97:4c:d8:d5:b6:2b:f2:69:af:a1:bd:
88:8a:df:3b:9a:6e:71:22:5c:85:26:a5:d3:06:be:6a:09:96:
11:90:c0:d8:34:2e:d0:04:91:3d:c3:cc:73:81:55:22:90:1e:
05:75:0b:0c:9a:54:69:a5:d2:f6:a0:82:68:b9:34:17:96:62:
04:f6:eb:c4:c8:59:91:41:bf:1b:c2:29:38:d9:3b:84:cb:7c:
c2:6a:bb:86:c2:14:a8:d9:8b:fe:06:38:ad:89:67:ef:3e:d2:
ed:ce:00:f1:03:af:4a:7b:b7:ce:64:e1:19:1e:2d:a1:15:cb:
b4:37:2b:14:bd:73:9e:3f:fc:48:5e:3f:0c:ad:3e:17:57:f0:
9c:96:85:d9:20:7b:fa:d4:7b:e4:7c:a6:2c:81:e5:60:c9:5a:
e4:a1:cb:26:18:e2:2e:0b:c6:91:2c:4f:07:73:bb:41:d0:aa:
e3:bc:0c:d7:5f:31:8e:14:06:4e:55:97:ac:33:ca:61:ac:6f:
ca:77:7f:b0:ce:5b:b0:a7:14:f6:09:c7:53:a2:38:9a:51:38:
12:1a:3a:5a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCGHt1JIjuZ6+heghYbb6BAXysIUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTEwMTJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjZDE3MDc5ZmJlNDM2YTc4ZDk0YzhmY2Q4MTU4YzE2ZjBlMDZiN2E4OTVm
M2NhM2QwZGExNGVmNzVkMDY0ZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1nNqn19FqeaX4FA5P7LiHcxaPj5OcoOYHFho8YdF81rsLLC5WWnrPgB1mx
+G+vrQWhgIFo51QO7W0PYbAz9RFFVcg/UdHaW9Abe25/EgKdm72kI82UFdtzMaay
SD/WcWPquQmgJPtSAWTYtkOdRcnEZjNT4NfvukU+QxfcEvOCoi8aFZQwNyCIkIZ/
MPBpETfJZzX/XlFKZ2rZUd4l5/iIGnB2VLkzKxu98ybaeFUNMVD1hF65lmypq9pV
i+8OietMgt9DN8wIRAcjB38AIMBTEx4YbogwY6ZlXmAoVFZZMSXDv8sO+PU2o5SR
WKs6H9XhpzR4Z3EDyneO2IUrdN0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTsa1cQ
3qeKsG2xMtlHnRXmkHh/hDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVhODcxN2MtZWNmNi00Y2Y3LWE3M2MtZjU2NmY3ODg0YTE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fkg
MA0GCSqGSIb3DQEBCwUAA4IBAQBjomAg0RFa48m0pQzi+wMudM7VaKK/TNWNlNzW
Yna9RHo/Jt9AdMV47ysRl0zY1bYr8mmvob2Iit87mm5xIlyFJqXTBr5qCZYRkMDY
NC7QBJE9w8xzgVUikB4FdQsMmlRppdL2oIJouTQXlmIE9uvEyFmRQb8bwik42TuE
y3zCaruGwhSo2Yv+BjitiWfvPtLtzgDxA69Ke7fOZOEZHi2hFcu0NysUvXOeP/xI
Xj8MrT4XV/CcloXZIHv61HvkfKYsgeVgyVrkocsmGOIuC8aRLE8Hc7tB0KrjvAzX
XzGOFAZOVZesM8phrG/Kd3+wzluwpxT2CcdTojiaUTgSGjpa
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:01:45 2026 by rpki-client