Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa
File: 3af05485-fd97-4026-a50e-0227f46bd107.roa (raw, json)
Hash identifier: 2+qvrXjC0zvR+iZiJKrCsi6ypwTRo1zzYys59NMWMvc=
Subject key identifier: 44:06:BC:02:98:D9:03:A2:DC:F4:1B:EB:F1:DD:FA:69:7E:29:35:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FE9A50056ABB99AB417B47035ED3D506EF7F167
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa
Signing time: Sat 28 Feb 2026 05:20:28 +0000
ROA not before: Sat 28 Feb 2026 05:20:28 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:e9:a5:00:56:ab:b9:9a:b4:17:b4:70:35:ed:3d:50:6e:f7:f1:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:28 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=7e8994d10c572f11ddec18736f45ba8746a51b813782a114d8f1ccaba68ed84b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c1:3c:09:2b:42:3e:3c:6e:66:0a:d4:7a:41:
0a:a5:5f:c8:53:6e:fb:e1:83:b2:11:35:1a:f0:0b:
d2:b2:67:00:5b:ce:be:61:33:7f:70:33:37:6f:b8:
4b:c4:74:70:78:9a:42:52:9d:d1:a3:56:6f:51:b5:
e2:49:49:29:cd:b2:5d:ba:c3:8a:f0:38:3d:24:53:
08:19:3d:37:f6:e8:cd:69:fc:d6:a9:f7:6c:08:f3:
04:8b:2a:1e:67:17:09:46:e0:01:2f:04:24:39:a4:
a8:ac:4f:c0:6d:3a:6b:f3:01:11:d1:98:4a:f6:91:
a1:10:48:e0:ef:5d:28:3e:f0:36:ee:5a:d1:06:0f:
c4:1b:f0:ff:dc:19:4e:b8:6d:61:43:b2:dd:35:58:
3e:b4:67:8a:f9:ec:7d:72:af:20:04:e1:d1:b1:bf:
c0:1a:28:a9:ba:55:1f:cc:6e:a6:55:bf:f2:d3:48:
a8:c6:f8:cb:4c:5f:f0:8a:a9:7a:54:56:35:38:e5:
69:9f:1a:d4:59:19:2e:45:78:c4:b2:a7:52:90:b3:
6b:0c:6d:84:3f:6b:a7:be:05:a1:c0:c8:46:34:7c:
ac:a2:d1:28:fb:55:21:b4:23:85:00:9f:0a:2e:17:
0f:69:66:07:31:c3:05:b8:a7:59:ce:ac:03:ba:2b:
a4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:06:BC:02:98:D9:03:A2:DC:F4:1B:EB:F1:DD:FA:69:7E:29:35:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:6000::/40
Signature Algorithm: sha256WithRSAEncryption
c4:64:a5:3e:d1:94:30:95:00:42:6f:2c:26:ac:3c:a4:40:af:
4d:e8:a0:d6:07:90:68:25:7d:f0:94:51:cc:95:83:10:8e:f4:
76:97:be:55:33:65:2c:34:8c:24:58:4b:91:86:ba:3c:c1:67:
1b:04:a1:da:94:dd:66:c4:38:ab:cc:10:c6:71:32:f6:f0:0b:
2e:ce:17:cf:c0:a9:cb:88:61:c8:90:5d:ab:c3:04:ad:26:c8:
77:73:b8:aa:cc:00:32:b3:89:08:ee:17:a6:a0:fb:3b:a4:8e:
de:87:46:0a:a3:94:e5:e6:7a:55:a7:dd:da:56:9a:68:a8:8a:
b1:32:85:df:7e:bb:bf:8a:24:bc:86:e2:fd:3b:d2:fb:25:03:
e6:18:d9:4f:fa:30:a0:01:0a:cc:a2:b6:6a:9c:61:5e:b7:10:
a2:6c:61:ef:82:44:b5:9a:e7:a4:54:5b:f1:d9:ca:e9:bc:84:
a4:4d:2a:c1:fe:fe:02:22:42:45:4a:45:d6:55:b0:a0:3c:f7:
f4:06:d6:32:ff:ae:99:b5:66:06:bd:43:cf:a6:ed:fa:79:bd:
e6:23:3e:75:05:9d:1a:10:67:ae:91:ba:ce:ea:b1:f5:a3:29:
ce:71:29:f8:4b:7f:96:3b:9a:89:0d:7b:39:00:3f:82:c1:3a:
ae:02:b9:e8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf+mlAFaruZq0F7RwNe09UG738WcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwMjhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlODk5NGQxMGM1NzJmMTFkZGVjMTg3MzZmNDViYTg3NDZhNTFiODEzNzgy
YTExNGQ4ZjFjY2FiYTY4ZWQ4NGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMXBPAkrQj48bmYK1HpBCqVfyFNu++GDshE1GvAL0rJnAFvOvmEzf3AzN2+4
S8R0cHiaQlKd0aNWb1G14klJKc2yXbrDivA4PSRTCBk9N/bozWn81qn3bAjzBIsq
HmcXCUbgAS8EJDmkqKxPwG06a/MBEdGYSvaRoRBI4O9dKD7wNu5a0QYPxBvw/9wZ
TrhtYUOy3TVYPrRnivnsfXKvIATh0bG/wBooqbpVH8xuplW/8tNIqMb4y0xf8Iqp
elRWNTjlaZ8a1FkZLkV4xLKnUpCzawxthD9rp74FocDIRjR8rKLRKPtVIbQjhQCf
Ci4XD2lmBzHDBbinWc6sA7orpEECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBREBrwC
mNkDotz0G+vx3fppfik1nTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2FmMDU0ODUtZmQ5Ny00MDI2LWE1MGUtMDIyN2Y0NmJkMTA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9g
MA0GCSqGSIb3DQEBCwUAA4IBAQDEZKU+0ZQwlQBCbywmrDykQK9N6KDWB5BoJX3w
lFHMlYMQjvR2l75VM2UsNIwkWEuRhro8wWcbBKHalN1mxDirzBDGcTL28AsuzhfP
wKnLiGHIkF2rwwStJsh3c7iqzAAys4kI7hemoPs7pI7eh0YKo5Tl5npVp93aVppo
qIqxMoXffru/iiS8huL9O9L7JQPmGNlP+jCgAQrMorZqnGFetxCibGHvgkS1muek
VFvx2crpvISkTSrB/v4CIkJFSkXWVbCgPPf0BtYy/66ZtWYGvUPPpu36eb3mIz51
BZ0aEGeukbrO6rH1oynOcSn4S3+WO5qJDXs5AD+CwTquArno
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:56:45 2026 by rpki-client