Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/375b2a31-2bf5-49ae-873f-611cb3efd6e5.roa
File: 375b2a31-2bf5-49ae-873f-611cb3efd6e5.roa (raw, json)
Hash identifier: LZ4snUZuR31QkLdg9RmZndD1ooUsg8W2aWOtVt4Pomw=
Subject key identifier: F5:20:67:57:13:D2:1B:32:31:DD:44:0C:29:55:E2:A5:A8:72:43:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1023ACE5B76D5357C648DBA797E91EBB84147B95
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/375b2a31-2bf5-49ae-873f-611cb3efd6e5.roa
Signing time: Sat 28 Feb 2026 05:41:06 +0000
ROA not before: Sat 28 Feb 2026 05:41:06 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:23:ac:e5:b7:6d:53:57:c6:48:db:a7:97:e9:1e:bb:84:14:7b:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:06 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=2fee3df39b4170d284342681a8c59124ee304b3cca0fbe7d604707eec175a424, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:80:d6:d9:ca:b5:03:8c:97:fe:cc:9f:3e:1b:
89:8d:42:16:b3:6c:d7:ad:21:5b:c3:a8:6c:d5:b4:
5d:bf:6c:88:d2:48:e6:53:cc:7d:c5:a9:98:6c:43:
74:93:0d:aa:18:41:ac:a0:77:00:c2:65:25:74:60:
67:c7:21:0a:45:eb:b4:bf:cd:55:41:23:2c:53:7d:
a1:8b:2b:6f:fa:c8:76:af:c8:14:07:95:8d:c5:a9:
85:b0:2a:a1:4e:db:10:da:75:c7:f1:8a:5a:95:c9:
29:e6:44:e0:a0:9b:67:0c:4f:ff:70:5b:73:00:4e:
18:54:dd:83:e8:20:52:63:8c:14:a2:7d:3e:20:a8:
8d:14:5f:38:a4:b2:83:de:6b:d2:57:9b:46:b3:71:
69:63:dd:c0:7d:d9:2b:33:20:14:3b:95:79:22:19:
c8:94:d3:e8:73:72:51:51:96:83:a9:70:92:0c:b6:
3d:fb:38:8c:01:6e:06:02:9d:0f:57:56:63:c9:ca:
22:01:03:33:3b:8d:24:89:c3:af:ad:13:85:e6:7a:
bf:e4:e8:8e:81:05:b0:58:4c:96:d9:3d:61:ae:13:
af:df:83:f7:12:46:90:01:f3:10:b2:a5:28:de:64:
56:35:21:7c:ab:91:87:76:8f:13:a2:11:3b:8b:f5:
41:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:20:67:57:13:D2:1B:32:31:DD:44:0C:29:55:E2:A5:A8:72:43:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/375b2a31-2bf5-49ae-873f-611cb3efd6e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:2000::/40
Signature Algorithm: sha256WithRSAEncryption
0b:90:e0:16:61:dc:2a:6f:3c:64:12:48:51:27:8c:59:82:07:
97:f3:f3:54:f9:a9:3a:7a:21:32:0f:2b:cf:4d:d1:8b:18:11:
b3:f4:42:8a:fb:b4:5d:51:d1:87:a8:5c:b5:5d:45:c7:3e:ca:
06:91:7b:d6:75:8d:69:e5:72:e4:51:66:d8:43:b4:cf:82:07:
25:bc:c4:f1:05:7f:84:81:e1:23:12:ab:fe:6d:45:cb:9b:c0:
f4:6d:dc:e5:5a:af:24:53:1a:7e:18:8f:ea:36:5d:66:80:ea:
0a:37:07:4b:d9:3d:6a:e9:7b:17:26:ed:27:f2:bf:7a:be:23:
78:fc:c0:cd:1c:6a:c3:71:03:67:ae:39:10:04:9a:43:f7:b8:
b6:8f:b0:f6:32:7e:e5:96:07:fc:c3:aa:91:ec:b4:d7:87:40:
4c:3b:5f:92:df:c4:29:2c:15:50:96:44:3b:91:ef:52:a6:ad:
01:73:3a:52:ac:94:3e:c2:8d:db:4d:5e:84:07:e8:00:d8:33:
76:73:34:f7:10:6a:02:2b:19:58:44:66:b3:8c:40:df:49:01:
e8:15:1a:fb:fd:64:d4:6b:b6:e5:5f:3b:d0:65:0c:5f:a8:f7:
89:be:84:8e:5a:5f:e9:93:16:d3:f6:3a:36:f4:a2:2a:4a:5a:
63:04:d9:5b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUECOs5bdtU1fGSNunl+keu4QUe5UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMDZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmZWUzZGYzOWI0MTcwZDI4NDM0MjY4MWE4YzU5MTI0ZWUzMDRiM2NjYTBm
YmU3ZDYwNDcwN2VlYzE3NWE0MjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN2A1tnKtQOMl/7Mnz4biY1CFrNs160hW8OobNW0Xb9siNJI5lPMfcWpmGxD
dJMNqhhBrKB3AMJlJXRgZ8chCkXrtL/NVUEjLFN9oYsrb/rIdq/IFAeVjcWphbAq
oU7bENp1x/GKWpXJKeZE4KCbZwxP/3BbcwBOGFTdg+ggUmOMFKJ9PiCojRRfOKSy
g95r0lebRrNxaWPdwH3ZKzMgFDuVeSIZyJTT6HNyUVGWg6lwkgy2Pfs4jAFuBgKd
D1dWY8nKIgEDMzuNJInDr60TheZ6v+TojoEFsFhMltk9Ya4Tr9+D9xJGkAHzELKl
KN5kVjUhfKuRh3aPE6IRO4v1QesCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT1IGdX
E9IbMjHdRAwpVeKlqHJDJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mzc1YjJhMzEtMmJmNS00OWFlLTg3M2YtNjExY2IzZWZkNmU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dog
MA0GCSqGSIb3DQEBCwUAA4IBAQALkOAWYdwqbzxkEkhRJ4xZggeX8/NU+ak6eiEy
DyvPTdGLGBGz9EKK+7RdUdGHqFy1XUXHPsoGkXvWdY1p5XLkUWbYQ7TPggclvMTx
BX+EgeEjEqv+bUXLm8D0bdzlWq8kUxp+GI/qNl1mgOoKNwdL2T1q6XsXJu0n8r96
viN4/MDNHGrDcQNnrjkQBJpD97i2j7D2Mn7llgf8w6qR7LTXh0BMO1+S38QpLBVQ
lkQ7ke9Spq0BczpSrJQ+wo3bTV6EB+gA2DN2czT3EGoCKxlYRGazjEDfSQHoFRr7
/WTUa7blXzvQZQxfqPeJvoSOWl/pkxbT9jo29KIqSlpjBNlb
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:55:42 2026 by rpki-client