Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
File: 3bde61a2-7506-48c2-8365-3447411d858e.roa (raw, json)
Hash identifier: 66sKR/e7sF9NFVEajm5WCzCcIYpcmUFG9KtrlLd2kyM=
Subject key identifier: 6B:1D:09:6B:47:15:23:46:7E:C0:BA:6B:5D:9E:93:11:36:65:81:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5BE07245E10DF285E1C4735DB2161FCE25C2BD40
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
Signing time: Sat 28 Feb 2026 06:10:46 +0000
ROA not before: Sat 28 Feb 2026 06:10:46 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:e0:72:45:e1:0d:f2:85:e1:c4:73:5d:b2:16:1f:ce:25:c2:bd:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:46 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=677c8fd2b03199cde9a45aa5399fefaebc6e4624cc450334e560e1c9344c374d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a6:32:d6:16:9c:4d:8b:51:08:8e:ad:fb:37:
45:2d:f8:0a:6a:b6:76:0c:ab:45:d3:c4:ec:ad:24:
54:66:64:cb:60:a2:d9:40:b7:66:a1:d8:5c:d2:78:
00:de:aa:3a:3a:48:4b:cf:f4:60:25:2a:5d:de:fb:
e0:8e:c0:93:be:73:65:cc:bd:7c:c6:d0:d5:cf:77:
68:fc:70:c8:be:1c:97:07:b7:cf:8b:db:56:00:09:
ba:8b:7b:ab:52:e3:3d:f0:8f:54:eb:0a:c7:9e:63:
4e:5b:d3:88:c3:34:41:84:df:27:70:66:6f:38:34:
bc:b3:f2:09:07:7d:d9:fd:e8:9a:4b:3e:57:1b:53:
7b:ee:8d:d2:49:61:bf:4c:51:e9:c8:31:71:ab:cf:
2b:4e:4a:b4:61:bd:ae:33:22:e3:35:08:96:d0:ce:
6b:1c:d9:69:e0:6b:f3:5c:2c:81:be:ec:d9:97:b6:
51:1d:7b:00:55:e9:42:79:98:cc:6b:a0:84:f5:17:
83:f6:51:d2:29:17:78:60:0a:19:20:91:d6:a1:72:
c6:5a:8d:31:03:74:ad:34:82:e1:56:b5:56:7c:12:
f6:78:5f:4c:8b:1f:92:ef:33:1b:59:a0:95:37:d7:
c3:33:71:31:da:e6:3c:5b:c6:b1:cf:88:3d:4e:5a:
a1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:1D:09:6B:47:15:23:46:7E:C0:BA:6B:5D:9E:93:11:36:65:81:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:5000::/40
Signature Algorithm: sha256WithRSAEncryption
65:f6:73:ad:10:5a:f1:a8:1c:8b:3d:e2:11:f5:d6:dd:cd:5b:
24:3d:25:d9:0e:cc:eb:e0:27:c5:aa:9c:64:fc:12:ea:da:82:
be:3f:99:dc:e8:f9:4f:d1:4a:4c:0d:cf:cc:7d:d4:48:1b:dc:
58:fd:df:97:2d:0b:b8:7e:13:6b:cb:db:d6:d4:2f:93:ea:7d:
40:fe:a4:81:a4:8b:51:a1:5d:8e:eb:52:64:0e:e5:67:88:88:
f6:76:c5:50:46:a2:b6:d9:10:e2:ce:d2:f2:e0:31:ca:42:88:
da:d7:75:23:b4:75:78:cd:58:fc:a8:99:83:80:df:1c:2e:8e:
3d:44:d7:07:a7:0d:18:09:ca:f7:1a:c5:93:07:bb:0d:93:97:
15:f3:cb:f5:81:80:43:a9:f8:28:54:8e:ba:21:98:e2:57:e4:
b4:09:63:31:e2:99:9e:e9:83:29:c1:b8:e1:03:43:70:3e:bd:
ec:04:f3:a3:08:83:0a:92:6d:ec:44:d5:dd:3f:5c:99:32:9a:
14:a2:37:03:97:a1:09:ca:e0:b0:96:39:e3:ca:5b:6e:f9:76:
17:f2:5e:83:14:b2:7f:9d:5e:69:98:63:8d:07:d8:ca:fe:fb:
11:45:13:e1:2e:ac:26:24:54:03:31:96:20:42:89:8b:e6:28:
67:a5:77:58
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUW+ByReEN8oXhxHNdshYfziXCvUAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwNDZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3N2M4ZmQyYjAzMTk5Y2RlOWE0NWFhNTM5OWZlZmFlYmM2ZTQ2MjRjYzQ1
MDMzNGU1NjBlMWM5MzQ0YzM3NGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2mMtYWnE2LUQiOrfs3RS34Cmq2dgyrRdPE7K0kVGZky2Ci2UC3ZqHYXNJ4
AN6qOjpIS8/0YCUqXd774I7Ak75zZcy9fMbQ1c93aPxwyL4clwe3z4vbVgAJuot7
q1LjPfCPVOsKx55jTlvTiMM0QYTfJ3Bmbzg0vLPyCQd92f3omks+VxtTe+6N0klh
v0xR6cgxcavPK05KtGG9rjMi4zUIltDOaxzZaeBr81wsgb7s2Ze2UR17AFXpQnmY
zGughPUXg/ZR0ikXeGAKGSCR1qFyxlqNMQN0rTSC4Va1VnwS9nhfTIsfku8zG1mg
lTfXwzNxMdrmPFvGsc+IPU5aof0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRrHQlr
RxUjRn7AumtdnpMRNmWBHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2JkZTYxYTItNzUwNi00OGMyLTgzNjUtMzQ0NzQxMWQ4NThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBl9nOtEFrxqByLPeIR9dbdzVskPSXZDszr4CfF
qpxk/BLq2oK+P5nc6PlP0UpMDc/MfdRIG9xY/d+XLQu4fhNry9vW1C+T6n1A/qSB
pItRoV2O61JkDuVniIj2dsVQRqK22RDiztLy4DHKQoja13UjtHV4zVj8qJmDgN8c
Lo49RNcHpw0YCcr3GsWTB7sNk5cV88v1gYBDqfgoVI66IZjiV+S0CWMx4pme6YMp
wbjhA0NwPr3sBPOjCIMKkm3sRNXdP1yZMpoUojcDl6EJyuCwljnjyltu+XYX8l6D
FLJ/nV5pmGONB9jK/vsRRRPhLqwmJFQDMZYgQomL5ihnpXdY
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:56:18 2026 by rpki-client