Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa
File: 3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa (raw, json)
Hash identifier: 5AbK9w2yAah+RAjfJpLr3FxC7NjN5usZQMFx0S8H904=
Subject key identifier: 8D:D7:1A:40:8C:12:CF:20:9A:66:11:07:CB:84:5F:37:CE:FC:BA:BA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69EE8D90E4F8033B4C6130C53ABC9AB97468713E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa
Signing time: Sat 28 Feb 2026 05:50:40 +0000
ROA not before: Sat 28 Feb 2026 05:50:40 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:40a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:ee:8d:90:e4:f8:03:3b:4c:61:30:c5:3a:bc:9a:b9:74:68:71:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:50:40 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=d442d1518f130bcfa6b962c32d714c25362d8397e5445e9af0060aae13ac018e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0f:95:58:aa:45:96:e1:6c:6b:88:3b:0a:c6:
15:b3:7f:dd:66:27:07:a2:d1:43:6a:9a:63:97:dc:
17:be:85:01:85:67:57:c2:b8:5d:c6:b6:36:53:e2:
70:17:76:43:88:20:66:e1:b0:ab:56:f8:b3:43:83:
5f:4c:c0:68:ab:a8:e3:76:7a:c3:f1:86:19:08:18:
7c:6f:05:7e:4e:1a:7d:a6:ae:01:09:4d:9d:55:9b:
c3:9e:2b:14:e1:15:f4:8a:ad:e4:87:b7:f9:f9:9b:
bd:99:84:96:07:28:4f:ca:de:08:4c:db:27:d5:a4:
ea:d5:98:cd:ff:43:fc:d5:a5:74:5e:bb:20:7b:73:
e0:cf:c7:a2:66:9e:fd:d0:ab:ff:03:37:24:2f:89:
37:4b:bb:da:18:10:c3:c5:d9:9e:bd:cb:14:ae:43:
fe:4e:43:d8:65:31:33:81:31:87:fb:ac:36:42:5f:
e3:3a:47:f8:3c:8d:ea:87:3a:f3:62:aa:83:77:ad:
7d:ab:68:51:c0:9d:e6:75:13:65:b3:54:76:57:31:
f9:d2:61:36:97:2b:e4:ab:d7:ea:25:44:c3:58:ba:
8c:cf:44:e3:93:e0:74:93:37:5d:8b:20:8a:8b:40:
5b:26:85:51:b2:3c:57:1c:eb:04:e1:46:1a:56:2e:
08:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D7:1A:40:8C:12:CF:20:9A:66:11:07:CB:84:5F:37:CE:FC:BA:BA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:40a0::/48
Signature Algorithm: sha256WithRSAEncryption
2b:eb:eb:07:9f:4e:7a:97:c7:08:a2:d7:69:75:99:d7:a9:3a:
fa:1d:2d:44:e7:50:fa:01:5f:6e:8c:74:e5:c6:28:66:39:ad:
f6:e4:d5:e9:11:f5:04:e2:66:b8:3e:61:c5:f3:c1:7a:4b:3f:
0d:91:c4:99:f3:b3:1f:76:f8:1b:22:1d:86:b1:c6:a3:4a:fc:
d1:ce:74:10:ef:b9:da:b6:c1:a5:6b:22:07:de:a9:e1:69:36:
96:6f:cd:ca:74:57:49:43:df:ab:7a:de:71:a8:02:8d:20:a6:
82:f2:4a:af:d4:a5:11:7f:95:8d:f2:01:3c:a6:90:47:bb:68:
9c:58:36:4e:91:e1:f2:16:d1:60:60:1c:ca:49:db:23:c1:12:
9e:c5:d9:9c:99:f2:d7:99:57:c0:76:7f:91:6b:f5:a0:b8:60:
88:d1:5d:cc:e2:9d:4b:04:b0:f8:30:0f:cc:55:4e:73:0d:32:
f6:fe:93:62:6d:d8:53:7f:f6:09:a7:99:dc:b7:ea:11:70:4a:
e1:72:48:ed:9b:42:7d:f0:fc:23:e3:c2:ca:1f:5b:64:61:b0:
6c:64:cb:ff:57:a6:ef:29:19:bc:1c:71:d6:9a:d9:d4:f8:37:
f9:6a:f3:79:18:2e:27:92:d1:da:54:a1:78:13:af:ec:51:ff:
e4:88:50:a6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUae6NkOT4AztMYTDFOryauXRocT4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUwNDBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0NDJkMTUxOGYxMzBiY2ZhNmI5NjJjMzJkNzE0YzI1MzYyZDgzOTdlNTQ0
NWU5YWYwMDYwYWFlMTNhYzAxOGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAPlViqRZbhbGuIOwrGFbN/3WYnB6LRQ2qaY5fcF76FAYVnV8K4Xca2NlPi
cBd2Q4ggZuGwq1b4s0ODX0zAaKuo43Z6w/GGGQgYfG8Ffk4afaauAQlNnVWbw54r
FOEV9Iqt5Ie3+fmbvZmElgcoT8reCEzbJ9Wk6tWYzf9D/NWldF67IHtz4M/Homae
/dCr/wM3JC+JN0u72hgQw8XZnr3LFK5D/k5D2GUxM4Exh/usNkJf4zpH+DyN6oc6
82Kqg3etfatoUcCd5nUTZbNUdlcx+dJhNpcr5KvX6iVEw1i6jM9E45PgdJM3XYsg
iotAWyaFUbI8VxzrBOFGGlYuCPkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSN1xpA
jBLPIJpmEQfLhF83zvy6ujAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2RiNjZjODgtMGJiMC00NGQ2LWI2YTAtYWQ3ZGQwODczYzU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
oDANBgkqhkiG9w0BAQsFAAOCAQEAK+vrB59OepfHCKLXaXWZ16k6+h0tROdQ+gFf
box05cYoZjmt9uTV6RH1BOJmuD5hxfPBeks/DZHEmfOzH3b4GyIdhrHGo0r80c50
EO+52rbBpWsiB96p4Wk2lm/NynRXSUPfq3recagCjSCmgvJKr9SlEX+VjfIBPKaQ
R7tonFg2TpHh8hbRYGAcyknbI8ESnsXZnJny15lXwHZ/kWv1oLhgiNFdzOKdSwSw
+DAPzFVOcw0y9v6TYm3YU3/2CaeZ3LfqEXBK4XJI7ZtCffD8I+PCyh9bZGGwbGTL
/1em7ykZvBxx1prZ1Pg3+WrzeRguJ5LR2lSheBOv7FH/5IhQpg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:45:41 2026 by rpki-client