Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
File: 35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa (raw, json)
Hash identifier: SLxKWB0b+aFKPvPKZQuT3QKEGlsCUV0DR5Rx8Bf4Jww=
Subject key identifier: BF:B1:37:2C:93:6A:FA:BE:B5:2E:F3:FC:BD:7E:20:EE:18:E7:19:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72F3378C6E092B0B2089D2989BD034D5F7145E36
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
Signing time: Sat 28 Feb 2026 05:31:15 +0000
ROA not before: Sat 28 Feb 2026 05:31:15 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:40a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:f3:37:8c:6e:09:2b:0b:20:89:d2:98:9b:d0:34:d5:f7:14:5e:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:31:15 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f369180716a3bbc40c149068757252443d5ac5fb5b7c8a9cbd0ed7dd7e323467, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0c:6e:83:7e:ce:cc:b2:77:0b:aa:88:84:46:
14:30:de:33:06:c1:ce:4e:32:2d:ba:8a:86:fd:04:
b6:69:77:1f:87:97:72:4f:73:82:26:72:b0:a8:c3:
d3:2e:77:53:95:04:7d:15:95:b0:d4:bd:6f:09:03:
24:35:7e:94:c5:d5:32:6c:55:df:0b:c4:e4:9a:f5:
96:c6:cf:12:9c:68:a6:d3:d3:2f:e0:67:6c:5b:f2:
e6:1c:ca:f6:53:b3:f1:fc:ab:9a:d8:d0:e0:9e:1e:
40:38:96:b5:d4:73:45:37:06:c5:7d:94:02:2e:97:
18:cc:66:08:83:4e:2c:0a:d5:a0:8b:4e:30:e5:50:
75:37:56:e3:18:dc:fa:e1:4c:27:da:33:5f:87:ca:
e8:1b:5b:09:47:66:e3:7e:1c:15:0d:38:50:52:a4:
b3:af:c0:18:95:8c:9d:d0:8c:df:49:3a:e0:39:2c:
75:e5:5b:49:de:fe:2c:8a:78:7f:ff:6f:fd:c2:f5:
6c:3b:ee:b2:5f:af:39:32:36:51:68:63:49:83:50:
b7:6f:0c:d1:3f:39:6d:24:b5:82:4f:ed:0e:cc:08:
48:d0:97:bc:b2:b9:0f:2d:be:6f:0b:a6:00:a9:24:
e5:1e:d9:39:2f:e8:c0:75:08:89:70:f6:03:10:67:
45:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:B1:37:2C:93:6A:FA:BE:B5:2E:F3:FC:BD:7E:20:EE:18:E7:19:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:40a0::/48
Signature Algorithm: sha256WithRSAEncryption
9a:e1:c3:20:ab:72:92:56:b8:7c:f1:d0:08:21:92:83:29:31:
49:d5:11:ec:8b:86:7d:ce:a7:43:66:e7:40:e9:6c:a6:c9:c6:
1b:65:e3:6d:17:64:ab:fb:2e:70:99:21:12:ce:f9:d4:af:52:
ab:dc:12:7a:88:bd:88:42:54:74:ff:3a:47:bf:15:4e:3a:c7:
2e:6d:11:10:9c:4a:de:0a:95:b2:7c:54:72:94:98:06:29:9d:
1b:5e:66:40:95:2a:50:1a:79:f7:1d:3d:0d:af:8b:cc:ab:5a:
16:25:f0:f9:cc:1b:d0:85:46:24:89:ee:23:82:67:ea:d9:a0:
3f:d0:5d:6f:00:96:47:94:8c:56:ec:46:38:34:7c:a8:d0:5c:
4f:a6:53:22:e8:40:45:65:20:4f:4c:b3:dc:ed:95:df:5b:ff:
64:bb:7b:da:e5:75:7d:46:45:5d:94:6d:d9:d1:c6:20:a3:33:
d1:76:03:90:ef:09:cf:e6:8c:d0:3e:6a:0e:86:de:0f:36:cf:
44:96:da:de:b7:19:af:09:30:e2:e3:03:0f:43:d2:a9:94:22:
54:6e:da:72:04:3a:57:a4:54:a0:3b:d6:40:be:52:9d:73:45:
3d:21:1b:3d:c3:e4:be:2e:60:db:fa:6b:41:09:33:01:a9:cf:
c6:12:51:4c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcvM3jG4JKwsgidKYm9A01fcUXjYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMxMTVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzNjkxODA3MTZhM2JiYzQwYzE0OTA2ODc1NzI1MjQ0M2Q1YWM1ZmI1Yjdj
OGE5Y2JkMGVkN2RkN2UzMjM0NjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAMboN+zsyydwuqiIRGFDDeMwbBzk4yLbqKhv0Etml3H4eXck9zgiZysKjD
0y53U5UEfRWVsNS9bwkDJDV+lMXVMmxV3wvE5Jr1lsbPEpxoptPTL+BnbFvy5hzK
9lOz8fyrmtjQ4J4eQDiWtdRzRTcGxX2UAi6XGMxmCINOLArVoItOMOVQdTdW4xjc
+uFMJ9ozX4fK6BtbCUdm434cFQ04UFKks6/AGJWMndCM30k64DksdeVbSd7+LIp4
f/9v/cL1bDvusl+vOTI2UWhjSYNQt28M0T85bSS1gk/tDswISNCXvLK5Dy2+bwum
AKkk5R7ZOS/owHUIiXD2AxBnRcsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS/sTcs
k2r6vrUu8/y9fiDuGOcZkjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVhZTBhYTEtYmI0Zi00OGQzLTk5MjYtMWU1ODUyZDU0YzZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
oDANBgkqhkiG9w0BAQsFAAOCAQEAmuHDIKtykla4fPHQCCGSgykxSdUR7IuGfc6n
Q2bnQOlspsnGG2XjbRdkq/sucJkhEs751K9Sq9wSeoi9iEJUdP86R78VTjrHLm0R
EJxK3gqVsnxUcpSYBimdG15mQJUqUBp59x09Da+LzKtaFiXw+cwb0IVGJInuI4Jn
6tmgP9BdbwCWR5SMVuxGODR8qNBcT6ZTIuhARWUgT0yz3O2V31v/ZLt72uV1fUZF
XZRt2dHGIKMz0XYDkO8Jz+aM0D5qDobeDzbPRJba3rcZrwkw4uMDD0PSqZQiVG7a
cgQ6V6RUoDvWQL5SnXNFPSEbPcPkvi5g2/prQQkzAanPxhJRTA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:50:33 2026 by rpki-client