Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
File: 3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa (raw, json)
Hash identifier: yq4KNzcTwTp0Kmi7dIL0TbVWJcSz4fJ1b7kOy38jM18=
Subject key identifier: A8:EE:11:5B:CE:59:CC:F0:8A:78:6A:16:62:27:44:C4:47:A4:73:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 211F0679D17479205A2A2AE05C18E3B72C59A101
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
Signing time: Sat 28 Feb 2026 05:50:06 +0000
ROA not before: Sat 28 Feb 2026 05:50:06 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:1f:06:79:d1:74:79:20:5a:2a:2a:e0:5c:18:e3:b7:2c:59:a1:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:50:06 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=2d76c927d2da66a32b485f15086c0e37230f8b9f7d015f4199f05bbc3754f32a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f3:51:f2:d6:58:80:a0:01:8c:a7:1a:60:cb:
d1:2f:c0:e1:d5:28:f8:8e:55:d9:31:09:f8:f6:80:
04:83:5e:20:66:62:80:85:1e:9b:5c:c9:7c:d9:6b:
a4:b9:c7:bc:68:e6:a8:7f:a8:b3:c2:62:05:f8:93:
e9:35:d9:ee:00:e5:cd:73:83:c5:55:fd:60:03:52:
66:4a:77:d5:1d:05:66:4c:13:e5:8f:e2:49:5b:88:
0b:4f:30:c7:77:a5:54:42:cb:64:38:6d:b5:42:83:
f5:c1:d9:1a:a4:c2:22:74:58:eb:d5:ad:9d:db:92:
b9:99:fe:05:0c:24:50:c9:0b:13:40:25:e8:11:0e:
90:24:02:4b:86:34:35:7a:d5:a3:33:18:e1:4b:36:
17:68:8d:97:bd:40:a4:a9:6a:44:e2:4c:b0:16:6f:
55:b8:62:fd:6a:c0:26:cf:32:50:d3:bf:5b:1f:9f:
52:80:a4:53:f6:c9:e5:6d:be:36:8b:eb:bc:06:98:
6a:89:c6:03:d8:15:ae:51:d8:64:7f:f8:95:e5:c6:
c0:05:57:32:81:98:e9:60:47:33:df:6e:e0:bf:d1:
e6:56:19:c2:08:53:31:80:ca:e4:1d:e8:48:66:af:
6b:5c:be:5c:9c:48:40:f6:91:ba:88:2f:23:36:45:
e7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:EE:11:5B:CE:59:CC:F0:8A:78:6A:16:62:27:44:C4:47:A4:73:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:b000::/40
Signature Algorithm: sha256WithRSAEncryption
c2:f9:5d:55:f7:f1:ce:be:d8:8d:5b:c8:8b:b3:96:30:40:b3:
fa:25:ab:b5:1a:5b:d2:12:ea:1f:ca:fb:ec:bb:f7:13:e8:78:
8d:a3:5a:70:bc:9b:a7:39:cd:a4:36:67:cf:ac:81:e8:c1:6c:
51:25:94:ab:af:c7:02:5b:6c:68:ee:4d:46:4a:56:a7:a8:cd:
dd:19:81:ac:ec:41:df:2e:b1:63:9e:92:ef:40:93:0d:57:0c:
30:03:af:a7:17:b2:67:53:75:ad:92:d8:c2:d4:73:df:f9:b4:
40:c6:12:00:a4:1a:07:38:6a:b6:60:49:a2:6f:7d:56:a3:fb:
5b:c7:e9:9f:1d:cd:89:e7:b3:b8:1c:01:aa:a7:2b:86:05:9e:
8c:2c:68:2b:c7:a2:fa:b0:89:8a:23:36:89:b5:5d:c8:e7:67:
16:9e:b0:fa:dc:12:41:ce:e4:64:55:a2:33:d4:a2:19:cb:20:
4c:52:3d:40:ba:6c:1d:fb:e1:5d:f8:d5:cf:0b:36:eb:65:39:
34:c6:2c:01:5a:58:a4:7d:4c:4a:58:d3:c8:cf:ab:b4:a2:a4:
40:b3:91:98:cf:90:c8:c6:77:74:f8:cc:97:62:49:fc:de:2c:
dc:14:13:aa:88:01:87:05:1f:9f:74:b1:14:60:e6:fc:1c:ef:
77:a4:5d:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIR8GedF0eSBaKirgXBjjtyxZoQEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUwMDZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkNzZjOTI3ZDJkYTY2YTMyYjQ4NWYxNTA4NmMwZTM3MjMwZjhiOWY3ZDAx
NWY0MTk5ZjA1YmJjMzc1NGYzMmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3zUfLWWICgAYynGmDL0S/A4dUo+I5V2TEJ+PaABINeIGZigIUem1zJfNlr
pLnHvGjmqH+os8JiBfiT6TXZ7gDlzXODxVX9YANSZkp31R0FZkwT5Y/iSVuIC08w
x3elVELLZDhttUKD9cHZGqTCInRY69WtnduSuZn+BQwkUMkLE0Al6BEOkCQCS4Y0
NXrVozMY4Us2F2iNl71ApKlqROJMsBZvVbhi/WrAJs8yUNO/Wx+fUoCkU/bJ5W2+
NovrvAaYaonGA9gVrlHYZH/4leXGwAVXMoGY6WBHM99u4L/R5lYZwghTMYDK5B3o
SGava1y+XJxIQPaRuogvIzZF59ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSo7hFb
zlnM8Ip4ahZiJ0TER6RztTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2E2YWJhMWYtNDQwZS00ODc0LTkxOTMtYTNhMWY2ZWEzZWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKw
MA0GCSqGSIb3DQEBCwUAA4IBAQDC+V1V9/HOvtiNW8iLs5YwQLP6Jau1GlvSEuof
yvvsu/cT6HiNo1pwvJunOc2kNmfPrIHowWxRJZSrr8cCW2xo7k1GSlanqM3dGYGs
7EHfLrFjnpLvQJMNVwwwA6+nF7JnU3WtktjC1HPf+bRAxhIApBoHOGq2YEmib31W
o/tbx+mfHc2J57O4HAGqpyuGBZ6MLGgrx6L6sImKIzaJtV3I52cWnrD63BJBzuRk
VaIz1KIZyyBMUj1Aumwd++Fd+NXPCzbrZTk0xiwBWlikfUxKWNPIz6u0oqRAs5GY
z5DIxnd0+MyXYkn83izcFBOqiAGHBR+fdLEUYOb8HO93pF3Q
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:03 2026 by rpki-client