Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36851825-b64c-4907-b152-006b17b6b7d7.roa
File: 36851825-b64c-4907-b152-006b17b6b7d7.roa (raw, json)
Hash identifier: 48wVss76Qz2OhtNlH35g2gClC9V99Ad8yWdwqHwrkiQ=
Subject key identifier: B8:B3:1F:AB:6E:5A:7B:6B:72:ED:0B:1C:1F:DF:67:0D:19:1A:49:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52C5841C083919104FD9C9BED80436943CF11A90
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36851825-b64c-4907-b152-006b17b6b7d7.roa
Signing time: Sat 28 Feb 2026 06:30:11 +0000
ROA not before: Sat 28 Feb 2026 06:30:11 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:c5:84:1c:08:39:19:10:4f:d9:c9:be:d8:04:36:94:3c:f1:1a:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:30:11 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=0c8a0559ca24b335a4b2f947c500bfa1adb977408a2a14eba859fd6aafdf8285, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fb:ef:04:90:26:1b:61:fe:ca:94:a1:71:0e:
7a:4b:6b:6a:ee:06:5c:99:90:74:90:d6:fa:88:62:
78:00:fc:19:98:84:12:1b:64:1e:61:6e:ee:44:6e:
f1:13:29:2e:83:06:01:c9:f8:d2:65:db:43:a4:9c:
1b:4e:42:03:61:63:b5:34:7a:ee:4e:28:52:cc:67:
1d:44:fc:fc:be:b2:8d:8c:9d:70:a8:b3:14:3f:5c:
b3:19:15:a9:f0:b2:a8:21:b6:da:80:90:24:a7:90:
7d:46:52:f6:c7:55:6a:56:b5:f0:84:80:cb:ba:5c:
98:f7:0a:17:f4:b7:7b:fc:37:3d:13:fe:ef:4f:f9:
dd:7d:c9:31:8e:45:f0:0e:76:73:dc:64:30:c9:72:
05:a7:c8:b0:fe:3a:f0:a1:5b:14:5a:d2:af:6c:49:
77:2f:eb:c8:71:a4:54:7f:64:3e:86:5d:57:9d:c8:
ae:a3:c4:80:f5:d9:9b:31:94:ee:79:97:89:61:e2:
c4:a2:d0:5b:3f:06:7b:c9:96:3a:d6:98:f6:3f:9e:
0b:e9:3f:ba:f8:ba:54:16:d8:a8:f6:ab:c5:55:75:
a9:df:ff:94:98:da:f1:e3:36:15:b2:e1:2a:78:52:
10:1b:26:77:04:93:77:84:91:75:60:31:b5:4a:c2:
67:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B3:1F:AB:6E:5A:7B:6B:72:ED:0B:1C:1F:DF:67:0D:19:1A:49:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36851825-b64c-4907-b152-006b17b6b7d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:b000::/40
Signature Algorithm: sha256WithRSAEncryption
76:2f:73:b9:d5:85:6b:a5:b4:c3:86:9b:78:d5:fe:01:7c:e1:
f5:bc:2e:31:1b:1e:2f:dc:a8:bd:99:42:4b:2e:9a:4a:e3:5f:
b5:03:24:43:59:1e:97:ec:d5:02:26:f1:c6:13:43:ce:26:04:
12:32:44:9c:e5:33:80:80:59:49:4a:2d:7b:3f:4b:94:13:b7:
75:b5:8a:3d:39:61:9c:8b:dc:5d:c2:28:32:54:5a:c0:3d:a4:
45:8b:f1:ac:68:71:b5:b0:8b:41:e0:e6:46:6f:55:10:b9:88:
b8:66:5b:98:78:5e:cf:b1:98:6c:a7:a1:40:18:f7:8d:cb:9a:
6b:8c:77:e1:f9:53:14:d2:8b:75:95:f4:83:60:9b:c7:29:41:
8c:66:86:9a:d9:67:2f:06:f7:6c:95:09:96:43:4c:28:c1:04:
69:9e:8a:fe:27:b7:89:19:e3:4b:25:18:17:2f:22:0a:9a:f9:
a2:d7:0f:04:68:de:b6:a6:a6:45:5e:9a:45:58:7c:98:71:3e:
b4:a6:19:38:f9:f6:a0:c3:f9:e8:6e:7d:5f:15:d7:1b:00:12:
3c:6d:87:77:b2:9b:7e:6c:09:cc:9f:20:e9:5c:3e:17:39:d7:
a7:86:cf:89:a2:e3:70:cd:b6:ce:e6:3d:5d:00:75:b2:bc:28:
c5:22:3f:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUsWEHAg5GRBP2cm+2AQ2lDzxGpAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjMwMTFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjOGEwNTU5Y2EyNGIzMzVhNGIyZjk0N2M1MDBiZmExYWRiOTc3NDA4YTJh
MTRlYmE4NTlmZDZhYWZkZjgyODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANT77wSQJhth/sqUoXEOektrau4GXJmQdJDW+ohieAD8GZiEEhtkHmFu7kRu
8RMpLoMGAcn40mXbQ6ScG05CA2FjtTR67k4oUsxnHUT8/L6yjYydcKizFD9csxkV
qfCyqCG22oCQJKeQfUZS9sdVala18ISAy7pcmPcKF/S3e/w3PRP+70/53X3JMY5F
8A52c9xkMMlyBafIsP468KFbFFrSr2xJdy/ryHGkVH9kPoZdV53IrqPEgPXZmzGU
7nmXiWHixKLQWz8Ge8mWOtaY9j+eC+k/uvi6VBbYqParxVV1qd//lJja8eM2FbLh
KnhSEBsmdwSTd4SRdWAxtUrCZ00CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS4sx+r
blp7a3LtCxwf32cNGRpJnDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzY4NTE4MjUtYjY0Yy00OTA3LWIxNTItMDA2YjE3YjZiN2Q3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGw
MA0GCSqGSIb3DQEBCwUAA4IBAQB2L3O51YVrpbTDhpt41f4BfOH1vC4xGx4v3Ki9
mUJLLppK41+1AyRDWR6X7NUCJvHGE0POJgQSMkSc5TOAgFlJSi17P0uUE7d1tYo9
OWGci9xdwigyVFrAPaRFi/GsaHG1sItB4OZGb1UQuYi4ZluYeF7PsZhsp6FAGPeN
y5prjHfh+VMU0ot1lfSDYJvHKUGMZoaa2WcvBvdslQmWQ0wowQRpnor+J7eJGeNL
JRgXLyIKmvmi1w8EaN62pqZFXppFWHyYcT60phk4+fagw/nobn1fFdcbABI8bYd3
spt+bAnMnyDpXD4XOdenhs+JouNwzbbO5j1dAHWyvCjFIj+e
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:59 2026 by rpki-client