Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa
File: 3c7c4703-2876-4e04-b857-8c0298bd0897.roa (raw, json)
Hash identifier: lT9E9YdtJiixHnoE5/ibCVmS5rsJ/Qn4MX7ZUpHzDb0=
Subject key identifier: A8:75:42:0A:A7:81:56:95:EE:31:9A:76:28:AF:A9:4A:48:7E:0A:87
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 333150A3BF9417E9968A6197406F267A258BD862
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa
Signing time: Sat 28 Feb 2026 05:30:54 +0000
ROA not before: Sat 28 Feb 2026 05:30:54 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:31:50:a3:bf:94:17:e9:96:8a:61:97:40:6f:26:7a:25:8b:d8:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:30:54 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=54d15b665d068a7ed7dea211f58243084423c083d06e619fba301d7cc890903a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ca:cb:29:43:62:49:cc:fa:f3:ff:3b:50:ca:
e1:42:21:3b:d2:80:13:f3:7c:a0:6b:19:e9:31:37:
be:8f:5c:c6:b9:05:72:fc:90:fb:61:20:0d:97:d4:
c2:72:fd:db:d5:2f:03:de:40:b1:39:12:3a:d6:0a:
8e:16:a5:fb:59:5c:4d:be:7c:3d:b7:ca:b6:7f:ef:
84:d8:b0:20:8d:de:57:ea:85:95:aa:7f:38:72:cf:
e2:e2:f4:cc:5e:be:f5:b2:82:5f:0b:18:67:e7:43:
69:70:73:41:1f:f2:1f:12:a1:0f:a4:ae:36:1e:6e:
71:3d:28:75:2f:6e:dd:27:6d:e6:c4:5c:4a:09:0c:
6b:fd:12:05:6b:13:f0:f0:d6:35:3d:f0:d6:c1:14:
a5:a5:ce:c9:05:bd:7d:3d:4a:c0:53:cb:0a:ae:2d:
79:d7:df:03:7a:3c:17:d5:e4:e6:44:d3:29:e3:44:
ef:f1:40:d8:e3:e8:d5:27:d1:5e:99:8c:6d:bc:4a:
ed:40:38:2e:fd:1d:3a:3d:fa:47:27:7d:76:8d:58:
2d:41:0c:e6:0b:cb:90:6c:47:32:9e:fc:fb:83:26:
d2:54:24:64:b4:67:cd:bd:f6:ef:11:d8:8c:0e:c2:
b4:15:03:c6:de:62:65:f1:19:c0:4c:bb:b5:3f:ad:
9f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:75:42:0A:A7:81:56:95:EE:31:9A:76:28:AF:A9:4A:48:7E:0A:87
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
3d:67:65:83:b0:a6:c7:f0:29:9b:f1:d8:ae:b7:a1:6b:25:66:
50:86:fe:86:59:e6:19:c2:d5:ad:cf:66:12:c9:9a:bc:b5:97:
93:f0:ff:1a:aa:a4:6c:0c:a6:ed:c2:66:c5:c7:b0:02:f7:80:
cb:86:71:50:32:8d:23:6b:83:45:f0:fc:32:e5:af:8b:6f:d3:
11:ca:44:f0:b6:4d:87:ed:8f:35:b8:5d:96:ae:49:7a:8d:70:
9e:5a:3a:b6:5f:80:3b:06:e9:aa:9f:e1:da:ff:2e:b9:42:31:
54:73:ec:24:e7:9a:b2:37:07:21:d5:89:4a:6d:03:50:f5:cb:
88:33:19:91:da:19:79:d7:de:f1:3f:87:56:f5:21:02:27:28:
e6:a1:1b:a4:9a:12:6b:ef:0f:72:99:05:49:38:b0:b2:7c:29:
16:a1:e9:ed:82:b0:ec:99:ef:a7:98:b4:c8:e5:0d:0d:1e:c4:
ec:50:6d:27:78:4a:2e:e4:5a:8f:31:d1:c6:10:de:98:ed:69:
48:38:42:7b:a7:c8:9e:a7:ec:a6:3b:8f:36:29:1c:db:8d:fd:
ab:f3:f6:86:36:46:11:b7:b7:f7:5e:fb:59:63:60:d2:77:2c:
31:13:99:de:0b:80:cf:4f:a4:b2:06:fe:10:49:f0:dd:25:3b:
a1:af:a9:53
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMzFQo7+UF+mWimGXQG8meiWL2GIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMwNTRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0ZDE1YjY2NWQwNjhhN2VkN2RlYTIxMWY1ODI0MzA4NDQyM2MwODNkMDZl
NjE5ZmJhMzAxZDdjYzg5MDkwM2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTKyylDYknM+vP/O1DK4UIhO9KAE/N8oGsZ6TE3vo9cxrkFcvyQ+2EgDZfU
wnL929UvA95AsTkSOtYKjhal+1lcTb58PbfKtn/vhNiwII3eV+qFlap/OHLP4uL0
zF6+9bKCXwsYZ+dDaXBzQR/yHxKhD6SuNh5ucT0odS9u3Sdt5sRcSgkMa/0SBWsT
8PDWNT3w1sEUpaXOyQW9fT1KwFPLCq4tedffA3o8F9Xk5kTTKeNE7/FA2OPo1SfR
XpmMbbxK7UA4Lv0dOj36Ryd9do1YLUEM5gvLkGxHMp78+4Mm0lQkZLRnzb327xHY
jA7CtBUDxt5iZfEZwEy7tT+tn/MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSodUIK
p4FWle4xmnYor6lKSH4KhzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2M3YzQ3MDMtMjg3Ni00ZTA0LWI4NTctOGMwMjk4YmQwODk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+w
MA0GCSqGSIb3DQEBCwUAA4IBAQA9Z2WDsKbH8Cmb8diut6FrJWZQhv6GWeYZwtWt
z2YSyZq8tZeT8P8aqqRsDKbtwmbFx7AC94DLhnFQMo0ja4NF8Pwy5a+Lb9MRykTw
tk2H7Y81uF2Wrkl6jXCeWjq2X4A7Bumqn+Ha/y65QjFUc+wk55qyNwch1YlKbQNQ
9cuIMxmR2hl5197xP4dW9SECJyjmoRukmhJr7w9ymQVJOLCyfCkWoentgrDsme+n
mLTI5Q0NHsTsUG0neEou5FqPMdHGEN6Y7WlIOEJ7p8iep+ymO482KRzbjf2r8/aG
NkYRt7f3XvtZY2DSdywxE5neC4DPT6SyBv4QSfDdJTuhr6lT
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:27 2026 by rpki-client