Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
File: 3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa (raw, json)
Hash identifier: z8yMcuF7AU5tDyTf1n6I42rJxzEeENhSTTnJgMaxPF8=
Subject key identifier: FB:77:91:04:E9:45:8F:D3:65:18:9F:25:DA:91:11:EC:57:BA:AB:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 15C520479776BB9EE1E015D53725C2DFA5BBB9A6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
Signing time: Sat 28 Feb 2026 06:21:07 +0000
ROA not before: Sat 28 Feb 2026 06:21:07 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:c5:20:47:97:76:bb:9e:e1:e0:15:d5:37:25:c2:df:a5:bb:b9:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:21:07 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=5aa5c8ecd1fb8ca676911917be447902175ce2a9f9b1396b7555a445d0f32b2d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ba:68:c7:61:bc:42:1d:d4:f4:52:c1:92:f1:
7c:33:8b:9d:f0:ba:7a:20:4c:dc:fd:63:94:c5:78:
b7:a2:f3:bf:55:87:ca:68:ec:78:74:dc:5f:95:f1:
58:8c:b3:b5:54:54:93:a1:5a:8e:ec:af:94:fc:7c:
f6:47:16:cc:0c:79:b8:ca:57:ec:4f:b9:ab:5e:b0:
51:1a:7c:3f:5d:27:83:3c:da:e9:dc:38:e8:ac:bb:
ad:a6:82:a3:1b:15:2d:46:91:5e:17:fd:56:1e:9a:
a2:8f:eb:59:09:53:9f:38:ee:98:9b:67:2c:8a:0c:
bc:42:ed:5e:0a:ab:9b:a3:e4:93:91:5a:c9:b2:61:
8c:11:4e:8c:b9:56:6b:22:a9:7e:9c:9b:a3:08:c2:
23:3a:64:ca:b8:68:29:6b:42:03:e4:70:ac:cf:90:
2f:87:95:c2:80:30:12:7f:fd:f8:35:93:93:0b:80:
ee:af:4b:2c:f2:4e:fa:bd:21:3e:f5:58:a5:00:2d:
4e:c2:9e:7e:19:01:3a:79:5e:52:3e:36:6d:82:ec:
6a:86:55:1d:3e:0c:29:4f:a1:b7:69:1b:a6:4b:97:
86:85:93:ba:0d:0f:fa:42:14:3f:37:c1:a3:d1:f2:
5b:16:e5:47:bc:ce:49:14:7d:d5:cd:b5:ca:75:87:
f7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:77:91:04:E9:45:8F:D3:65:18:9F:25:DA:91:11:EC:57:BA:AB:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8040::/48
Signature Algorithm: sha256WithRSAEncryption
57:f3:bb:4e:86:88:eb:dd:0f:b1:61:8b:cf:cc:53:26:5d:11:
07:ec:36:1a:c1:5d:5d:22:d6:d2:b8:a8:e6:a2:57:cf:34:a2:
e4:d2:f4:bd:cd:e4:96:f8:90:7a:f9:03:d7:f0:10:f2:e0:ea:
11:83:27:60:c6:ea:61:b4:12:b1:87:99:bd:01:30:ca:6d:58:
2f:9f:49:2a:ba:32:58:e0:e2:33:e5:d1:cc:bb:d6:28:78:9c:
25:29:70:02:f1:e8:4f:2c:45:82:8c:aa:e7:e6:17:03:e6:e4:
bf:2d:c8:db:67:a7:cf:aa:13:07:4b:b0:f7:61:e7:19:cc:84:
32:1f:01:e7:92:a2:cf:7a:31:ff:61:31:72:ea:91:b6:df:2a:
ae:bd:b1:5b:77:df:bb:a0:ad:41:50:dd:9f:43:75:7b:eb:5b:
9e:36:77:e4:f0:26:3c:31:65:8a:cf:5f:75:8d:d2:8c:d4:ad:
5d:54:e0:4a:63:bd:2f:4c:1e:c4:ab:9d:8c:cc:85:7e:81:06:
08:ab:73:f8:fa:b7:96:64:a7:f1:58:9b:c2:55:65:c5:e2:9a:
78:f6:3e:f1:d0:75:04:a6:68:5a:d1:fb:21:e9:9d:4d:ed:8a:
d3:cc:85:c5:8b:60:1e:38:4c:0e:ff:ec:5f:94:72:31:1d:b9:
2b:c6:31:f3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFcUgR5d2u57h4BXVNyXC36W7uaYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIxMDdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhYTVjOGVjZDFmYjhjYTY3NjkxMTkxN2JlNDQ3OTAyMTc1Y2UyYTlmOWIx
Mzk2Yjc1NTVhNDQ1ZDBmMzJiMmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI26aMdhvEId1PRSwZLxfDOLnfC6eiBM3P1jlMV4t6Lzv1WHymjseHTcX5Xx
WIyztVRUk6FajuyvlPx89kcWzAx5uMpX7E+5q16wURp8P10ngzza6dw46Ky7raaC
oxsVLUaRXhf9Vh6aoo/rWQlTnzjumJtnLIoMvELtXgqrm6Pkk5FaybJhjBFOjLlW
ayKpfpybowjCIzpkyrhoKWtCA+RwrM+QL4eVwoAwEn/9+DWTkwuA7q9LLPJO+r0h
PvVYpQAtTsKefhkBOnleUj42bYLsaoZVHT4MKU+ht2kbpkuXhoWTug0P+kIUPzfB
o9HyWxblR7zOSRR91c21ynWH948CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT7d5EE
6UWP02UYnyXakRHsV7qrIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Y1Y2MxY2EtMGRiYS00NGE3LThiYjMtZWZlODQ4Y2M3OWJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
QDANBgkqhkiG9w0BAQsFAAOCAQEAV/O7ToaI690PsWGLz8xTJl0RB+w2GsFdXSLW
0rio5qJXzzSi5NL0vc3klviQevkD1/AQ8uDqEYMnYMbqYbQSsYeZvQEwym1YL59J
KroyWODiM+XRzLvWKHicJSlwAvHoTyxFgoyq5+YXA+bkvy3I22enz6oTB0uw92Hn
GcyEMh8B55Kiz3ox/2ExcuqRtt8qrr2xW3ffu6CtQVDdn0N1e+tbnjZ35PAmPDFl
is9fdY3SjNStXVTgSmO9L0wexKudjMyFfoEGCKtz+Pq3lmSn8VibwlVlxeKaePY+
8dB1BKZoWtH7IemdTe2K08yFxYtgHjhMDv/sX5RyMR25K8Yx8w==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:21:49 2026 by rpki-client