Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3901d4e7-d120-481a-a199-4762783cff5b.roa
File: 3901d4e7-d120-481a-a199-4762783cff5b.roa (raw, json)
Hash identifier: P/WnieP+Nbu12/MxhdHGywPQqz3LANkPw87eBlyh4Jo=
Subject key identifier: AA:64:78:23:0F:BF:8C:95:3D:A7:85:39:38:DE:93:F9:C9:7B:E0:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6783DD642FFEFDE58CB8C9949C64FEF455062940
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3901d4e7-d120-481a-a199-4762783cff5b.roa
Signing time: Sat 28 Feb 2026 06:00:04 +0000
ROA not before: Sat 28 Feb 2026 06:00:04 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:83:dd:64:2f:fe:fd:e5:8c:b8:c9:94:9c:64:fe:f4:55:06:29:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:04 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=2e927df4682ef8536a42197645c030138ea52b8330d2fe1fe5dc0880b6ca8067, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e3:de:a7:6e:b5:46:d0:bf:9b:a5:b2:8c:99:
c3:c3:9e:2d:2d:b8:25:81:bc:e0:d3:e5:04:8e:af:
bd:de:fe:c1:42:c5:4d:75:0a:d9:3a:a2:30:4d:ff:
75:ec:2c:4d:b6:32:a3:9d:f1:d4:dc:f5:cf:3d:0c:
b8:06:0b:3d:3e:da:a4:60:d5:24:52:c0:47:21:ea:
4d:b8:df:c6:a8:94:7b:78:56:6c:1d:e0:72:02:f9:
8a:ca:7e:31:7c:45:5f:9a:2a:11:81:59:05:72:b4:
09:2d:e6:01:73:68:1b:a2:03:d5:a1:82:b1:03:e9:
6b:23:ef:18:c7:ce:5e:cb:02:15:c3:f8:4e:ea:9f:
9c:dd:3b:84:4b:94:2a:79:74:03:19:29:e8:14:11:
f7:c7:bf:55:d6:17:92:e4:a8:40:b7:2d:64:19:81:
13:ac:37:55:c5:5a:d3:ae:ef:e2:c7:74:fb:c2:3b:
4b:c6:1b:e5:ba:2f:d9:d6:d7:01:df:3d:ee:28:0d:
0d:df:9e:0c:f3:ae:0e:fa:40:f2:d8:5f:ac:ea:22:
76:7e:99:d1:fa:37:f7:0c:f3:e5:15:10:79:55:9a:
d3:2f:e7:7b:b2:03:49:c3:3e:bb:da:1c:76:10:6d:
1a:93:94:6d:6d:77:dc:1b:7e:6c:f9:b9:35:88:9d:
16:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:64:78:23:0F:BF:8C:95:3D:A7:85:39:38:DE:93:F9:C9:7B:E0:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3901d4e7-d120-481a-a199-4762783cff5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:4000::/40
Signature Algorithm: sha256WithRSAEncryption
ab:c6:58:5a:92:5d:c1:d9:9d:da:1a:6e:b6:f9:4d:06:ca:23:
2f:58:fe:0d:0a:39:66:cf:62:22:66:7b:46:09:91:bb:6c:4d:
2b:d1:91:3b:b5:15:9f:28:83:7c:38:7f:86:b1:4c:01:e2:1c:
01:20:05:65:a5:42:79:f3:ce:f0:1c:e0:a9:c3:88:ee:ad:86:
54:38:83:cd:be:f2:33:85:3b:d4:c9:ba:e7:52:98:b2:47:1a:
96:e3:e7:f0:e7:29:d3:cd:80:43:a9:04:34:77:20:f5:bd:52:
ab:ce:2b:5b:93:6c:b4:56:ae:4a:f5:2f:95:c2:96:06:42:d6:
85:00:aa:7b:33:a4:ee:ef:8e:28:ac:f2:df:6a:ac:25:04:fb:
70:82:ca:3c:98:7d:83:7a:7d:75:ac:7a:f4:8d:f7:2c:cf:ad:
74:f5:f1:42:8f:cf:96:b7:ac:19:8f:f4:b8:6b:0c:05:a4:bf:
82:39:14:9a:50:de:9e:ba:61:fb:d7:92:7c:a7:2f:1c:47:35:
58:dc:3e:f9:96:08:19:b5:4e:7c:db:61:d2:cf:3b:ea:86:97:
00:4e:b9:55:c1:bf:28:fe:f5:f6:76:66:c2:b4:66:fd:b0:f6:
bb:8f:3e:86:49:f2:30:54:65:1d:b4:f2:d4:00:65:5f:82:07:
40:69:13:ca
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZ4PdZC/+/eWMuMmUnGT+9FUGKUAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwMDRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlOTI3ZGY0NjgyZWY4NTM2YTQyMTk3NjQ1YzAzMDEzOGVhNTJiODMzMGQy
ZmUxZmU1ZGMwODgwYjZjYTgwNjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI7j3qdutUbQv5ulsoyZw8OeLS24JYG84NPlBI6vvd7+wULFTXUK2TqiME3/
dewsTbYyo53x1Nz1zz0MuAYLPT7apGDVJFLARyHqTbjfxqiUe3hWbB3gcgL5isp+
MXxFX5oqEYFZBXK0CS3mAXNoG6ID1aGCsQPpayPvGMfOXssCFcP4TuqfnN07hEuU
Knl0Axkp6BQR98e/VdYXkuSoQLctZBmBE6w3VcVa067v4sd0+8I7S8Yb5bov2dbX
Ad897igNDd+eDPOuDvpA8thfrOoidn6Z0fo39wzz5RUQeVWa0y/ne7IDScM+u9oc
dhBtGpOUbW133Bt+bPm5NYidFs8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSqZHgj
D7+MlT2nhTk43pP5yXvgyzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzkwMWQ0ZTctZDEyMC00ODFhLWExOTktNDc2Mjc4M2NmZjViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FlA
MA0GCSqGSIb3DQEBCwUAA4IBAQCrxlhakl3B2Z3aGm62+U0GyiMvWP4NCjlmz2Ii
ZntGCZG7bE0r0ZE7tRWfKIN8OH+GsUwB4hwBIAVlpUJ5887wHOCpw4jurYZUOIPN
vvIzhTvUybrnUpiyRxqW4+fw5ynTzYBDqQQ0dyD1vVKrzitbk2y0Vq5K9S+VwpYG
QtaFAKp7M6Tu744orPLfaqwlBPtwgso8mH2Den11rHr0jfcsz6109fFCj8+Wt6wZ
j/S4awwFpL+CORSaUN6eumH715J8py8cRzVY3D75lggZtU5822HSzzvqhpcATrlV
wb8o/vX2dmbCtGb9sPa7jz6GSfIwVGUdtPLUAGVfggdAaRPK
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:43 2026 by rpki-client