Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa
File: 36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa (raw, json)
Hash identifier: 0KTn5wWT5FPDQfFmeY/ADU6vvs//KKm2DKfJUiFqEQw=
Subject key identifier: 8C:2E:56:CC:24:7F:4F:22:71:88:ED:77:DA:6E:A9:AE:CD:5C:70:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F299BAC9BC18B256D5B47A52EF8EA77DA44D3B1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa
Signing time: Sat 28 Feb 2026 06:21:24 +0000
ROA not before: Sat 28 Feb 2026 06:21:24 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:29:9b:ac:9b:c1:8b:25:6d:5b:47:a5:2e:f8:ea:77:da:44:d3:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:21:24 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=e32e6dc6abf1fa0a905a3279803b85e584fbaaa773aa77b5cdf0f0e55d6a6a64, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:13:f0:3f:7e:28:23:46:72:e1:1e:1b:43:0b:
f3:92:1e:e4:3d:1a:13:62:cf:b0:dc:08:11:e0:1e:
cc:8d:c5:4f:db:b3:13:71:8f:ca:81:37:2d:38:47:
51:94:0d:09:e8:14:05:18:55:20:7a:d9:a8:e7:ff:
24:ab:9f:cc:e1:23:1c:ea:f5:c2:7f:2c:35:51:3c:
83:13:b9:3e:89:b0:bd:ec:c2:86:aa:f3:e4:6c:2e:
27:bd:e5:a5:e5:7a:32:36:77:9a:96:e2:66:d7:66:
b6:f1:9c:d3:31:f9:bc:f8:0f:18:4c:8c:54:7a:a9:
bd:ed:ed:95:ca:ac:11:c1:bc:27:ab:6e:72:22:55:
07:f3:3a:f7:34:ca:c8:2a:89:b6:08:bb:60:f1:f2:
18:32:06:d0:7f:8d:4d:ca:f3:3f:ae:48:e3:a7:48:
4e:45:5d:66:df:ba:2e:4b:3d:f7:ab:e7:7a:54:20:
cd:f4:ae:e2:c3:3e:c3:3a:67:9e:49:1e:1f:97:80:
26:80:52:6d:2c:6a:13:8b:ee:e8:3a:8c:18:e7:5d:
af:b2:6c:8e:55:55:1d:c8:43:72:4b:ce:d6:e6:94:
76:13:8b:3b:3f:64:d9:f9:f4:13:f1:f2:bc:14:be:
31:0e:32:6d:49:c7:5a:88:14:52:7c:57:e3:f7:80:
ca:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:2E:56:CC:24:7F:4F:22:71:88:ED:77:DA:6E:A9:AE:CD:5C:70:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a020::/48
Signature Algorithm: sha256WithRSAEncryption
46:49:87:79:6d:3e:a3:b3:5e:8d:e7:24:15:52:90:3a:69:16:
cf:a5:a2:e5:da:2a:1d:96:01:4c:fc:08:a1:f1:ce:22:dd:86:
94:c9:3b:a9:51:c3:70:ef:aa:1b:05:da:22:66:11:4c:4e:a2:
44:01:4d:0b:2c:80:04:04:25:01:5e:34:67:3f:d9:06:31:42:
dd:9c:8b:7d:21:69:9f:6c:a8:8f:ca:3b:7e:55:d9:5c:88:1f:
24:a1:46:5c:63:42:96:da:47:bb:f6:48:09:68:84:9d:93:af:
1c:55:07:08:26:fb:39:07:8d:17:05:60:0c:a3:0b:54:ec:aa:
5c:ef:fd:34:43:2b:4a:b8:d1:c3:0d:17:74:cf:ea:70:27:3b:
49:70:01:59:46:e8:74:c6:93:3b:fe:c2:49:32:d0:47:7d:8f:
20:f4:2c:0a:f1:ea:8f:6b:fe:ab:1f:3d:6f:74:3d:7e:38:d2:
50:24:7e:b7:75:4a:b6:6a:3e:47:a3:8e:9a:31:3e:e1:21:74:
eb:3d:49:7f:c8:da:69:3c:89:47:f1:ce:5c:66:1d:e9:ce:e1:
c3:51:5e:ed:56:59:6b:b7:1b:2c:32:dc:14:38:47:c1:4d:f2:
76:f5:92:d6:9c:dc:4e:4c:74:4f:ff:b5:c2:ce:71:38:80:36:
d2:06:ee:36
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTymbrJvBiyVtW0elLvjqd9pE07EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIxMjRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzMmU2ZGM2YWJmMWZhMGE5MDVhMzI3OTgwM2I4NWU1ODRmYmFhYTc3M2Fh
NzdiNWNkZjBmMGU1NWQ2YTZhNjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ4T8D9+KCNGcuEeG0ML85Ie5D0aE2LPsNwIEeAezI3FT9uzE3GPyoE3LThH
UZQNCegUBRhVIHrZqOf/JKufzOEjHOr1wn8sNVE8gxO5PomwvezChqrz5GwuJ73l
peV6MjZ3mpbiZtdmtvGc0zH5vPgPGEyMVHqpve3tlcqsEcG8J6tuciJVB/M69zTK
yCqJtgi7YPHyGDIG0H+NTcrzP65I46dITkVdZt+6Lks996vnelQgzfSu4sM+wzpn
nkkeH5eAJoBSbSxqE4vu6DqMGOddr7JsjlVVHchDckvO1uaUdhOLOz9k2fn0E/Hy
vBS+MQ4ybUnHWogUUnxX4/eAylUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSMLlbM
JH9PInGI7XfabqmuzVxw/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzZmZGU0YzctMzA1Yy00ZTlkLThkMWYtYmE4NWMzNjUwMjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
IDANBgkqhkiG9w0BAQsFAAOCAQEARkmHeW0+o7NejeckFVKQOmkWz6Wi5doqHZYB
TPwIofHOIt2GlMk7qVHDcO+qGwXaImYRTE6iRAFNCyyABAQlAV40Zz/ZBjFC3ZyL
fSFpn2yoj8o7flXZXIgfJKFGXGNCltpHu/ZICWiEnZOvHFUHCCb7OQeNFwVgDKML
VOyqXO/9NEMrSrjRww0XdM/qcCc7SXABWUbodMaTO/7CSTLQR32PIPQsCvHqj2v+
qx89b3Q9fjjSUCR+t3VKtmo+R6OOmjE+4SF06z1Jf8jaaTyJR/HOXGYd6c7hw1Fe
7VZZa7cbLDLcFDhHwU3ydvWS1pzcTkx0T/+1ws5xOIA20gbuNg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:29:49 2026 by rpki-client