Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
File: 3f1caa71-8276-42c2-bf3a-470ac560fb89.roa (raw, json)
Hash identifier: RjtFkY5eKUTC9eaXeOz+DvG8tHoO0b3j+W4RuUxQUBI=
Subject key identifier: 11:24:50:9E:45:BE:9E:DD:32:0F:40:19:82:58:1E:0A:B8:42:4D:33
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32D24CD5A6155DD1557E8E06A4E3BE519FB0BAA3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
Signing time: Sat 28 Feb 2026 05:20:11 +0000
ROA not before: Sat 28 Feb 2026 05:20:11 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:d2:4c:d5:a6:15:5d:d1:55:7e:8e:06:a4:e3:be:51:9f:b0:ba:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:11 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=d72d1c99945a366cab1eb317d76224f5793afbb3736ad3c93ce14fb81f133c8d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4f:15:52:64:76:37:b6:95:93:bd:af:d1:4b:
8a:32:66:3f:ef:a6:f3:8e:9a:f0:55:9f:c5:8b:5e:
a7:ef:4d:8c:03:8a:f3:55:f1:d6:69:18:95:8d:6e:
d2:4f:86:71:56:eb:9d:42:41:35:11:49:fd:85:a0:
fa:40:ed:ab:96:4d:c9:f5:aa:f6:2d:fd:05:0a:12:
51:3c:87:2e:d5:ad:cf:f4:18:d3:53:6c:61:d9:e0:
f0:2f:d8:95:e7:6a:d0:f9:a0:74:2d:4b:46:36:97:
eb:84:af:9d:85:29:54:64:f0:eb:cc:53:07:2c:f1:
80:da:3c:72:0c:75:db:c9:8e:5b:7c:2d:28:9b:25:
ca:3d:06:c2:e7:05:a6:d9:32:1a:f8:71:51:ff:95:
d4:be:ee:0e:7a:fa:20:2f:27:ec:5e:01:29:9f:c7:
d5:44:c7:f5:66:94:d1:37:fb:11:3e:37:bd:09:4a:
29:bb:95:f8:89:83:f9:70:57:e2:27:f6:11:a7:93:
f7:df:0e:33:a8:c5:bd:dc:b4:fa:83:82:d9:dc:71:
89:63:15:ae:06:be:8f:36:f5:66:19:b8:38:2b:b4:
a5:d5:15:30:29:42:90:90:65:0a:ff:cf:fb:4d:4a:
4e:38:03:e8:02:60:fb:ad:fc:a8:fc:79:8d:24:ab:
25:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:24:50:9E:45:BE:9E:DD:32:0F:40:19:82:58:1E:0A:B8:42:4D:33
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d::/37
Signature Algorithm: sha256WithRSAEncryption
50:31:ec:91:cc:37:88:e6:94:5f:22:3f:39:85:0a:66:af:e3:
24:41:b7:3a:ee:9a:39:4c:59:d8:cb:76:d6:a3:6a:0a:78:d0:
e5:df:0c:97:a0:f5:9e:07:c5:c8:1c:0d:9f:ab:67:c6:33:18:
44:53:fa:39:16:3d:e4:20:d1:e6:e2:b9:da:ff:55:7f:4b:8f:
18:59:54:29:47:6c:28:05:bb:16:ca:eb:05:57:be:3a:21:ab:
88:2b:69:f5:bd:c6:9b:6e:c4:8b:94:2c:b9:4b:a2:09:f3:c0:
3d:b3:ed:b9:5b:94:8c:ca:82:11:d5:34:b6:35:40:27:71:ba:
70:d7:31:9d:b2:3f:7c:cd:6e:ab:fb:71:ab:98:f3:a8:c4:2b:
45:2c:df:c0:46:ba:d0:a8:7c:76:91:4b:b6:e2:b9:76:f3:c9:
3f:cc:18:65:86:23:04:a2:ca:ab:42:e9:7b:d3:12:be:e1:30:
5d:69:67:e9:46:7c:4d:0b:e3:23:88:c0:31:6b:ea:a4:40:95:
2d:de:87:1c:0e:91:3d:ef:de:3d:dd:c7:92:52:cb:1c:0d:7d:
8b:77:f6:54:af:35:f2:11:55:c5:58:a0:68:74:89:be:16:88:
b4:03:3f:98:19:49:a7:63:69:ee:d9:b9:7d:76:5b:42:31:ca:
c9:a3:95:fc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMtJM1aYVXdFVfo4GpOO+UZ+wuqMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwMTFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3MmQxYzk5OTQ1YTM2NmNhYjFlYjMxN2Q3NjIyNGY1NzkzYWZiYjM3MzZh
ZDNjOTNjZTE0ZmI4MWYxMzNjOGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdPFVJkdje2lZO9r9FLijJmP++m846a8FWfxYtep+9NjAOK81Xx1mkYlY1u
0k+GcVbrnUJBNRFJ/YWg+kDtq5ZNyfWq9i39BQoSUTyHLtWtz/QY01NsYdng8C/Y
ledq0PmgdC1LRjaX64SvnYUpVGTw68xTByzxgNo8cgx128mOW3wtKJslyj0GwucF
ptkyGvhxUf+V1L7uDnr6IC8n7F4BKZ/H1UTH9WaU0Tf7ET43vQlKKbuV+ImD+XBX
4if2EaeT998OM6jFvdy0+oOC2dxxiWMVrga+jzb1Zhm4OCu0pdUVMClCkJBlCv/P
+01KTjgD6AJg+638qPx5jSSrJbkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQRJFCe
Rb6e3TIPQBmCWB4KuEJNMzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2YxY2FhNzEtODI3Ni00MmMyLWJmM2EtNDcwYWM1NjBmYjg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0A
MA0GCSqGSIb3DQEBCwUAA4IBAQBQMeyRzDeI5pRfIj85hQpmr+MkQbc67po5TFnY
y3bWo2oKeNDl3wyXoPWeB8XIHA2fq2fGMxhEU/o5Fj3kINHm4rna/1V/S48YWVQp
R2woBbsWyusFV746IauIK2n1vcabbsSLlCy5S6IJ88A9s+25W5SMyoIR1TS2NUAn
cbpw1zGdsj98zW6r+3GrmPOoxCtFLN/ARrrQqHx2kUu24rl288k/zBhlhiMEosqr
Qul70xK+4TBdaWfpRnxNC+MjiMAxa+qkQJUt3occDpE979493ceSUsscDX2Ld/ZU
rzXyEVXFWKBodIm+Foi0Az+YGUmnY2nu2bl9dltCMcrJo5X8
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:50:20 2026 by rpki-client