Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f8d2f8f-3d48-47ce-8524-66406f0de004.roa
File: 3f8d2f8f-3d48-47ce-8524-66406f0de004.roa (raw, json)
Hash identifier: YxmRz+ETFl/3U7aHoF/Aqy7l2sZEb2HpwIk8PgNOHrk=
Subject key identifier: 85:B7:21:12:DA:88:C0:14:C2:F2:2E:6D:5F:69:EE:02:1B:84:AD:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E16D38B9D35704264EF191EB3FA80AB99DC0DDE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f8d2f8f-3d48-47ce-8524-66406f0de004.roa
Signing time: Sat 28 Feb 2026 05:51:03 +0000
ROA not before: Sat 28 Feb 2026 05:51:03 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:16:d3:8b:9d:35:70:42:64:ef:19:1e:b3:fa:80:ab:99:dc:0d:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:51:03 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=27c62ac04b46952a4b696671d79ebbbe63aabbbc71f147e3de9c44fb786da38a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:e5:ad:02:ee:7c:66:16:8e:22:0f:3c:af:74:
2b:72:d1:0b:69:ff:23:e0:d7:ea:37:9c:e8:4c:58:
59:e7:63:9a:df:4d:03:df:1a:7c:b9:fb:60:4f:2a:
94:91:f3:f3:fb:85:84:85:03:be:04:b4:e0:6d:bd:
d7:4b:3a:c7:5d:77:df:02:d1:d4:74:43:a2:a6:24:
b9:1e:6b:b7:a4:37:c3:79:28:69:fa:e4:3c:cf:f0:
3c:b2:fb:c1:52:ca:8b:8c:46:69:7d:27:02:1a:51:
f1:2f:2b:80:76:39:ed:42:e4:c8:49:4c:85:4d:aa:
1c:68:39:6a:ff:87:80:38:ed:19:33:bc:dc:d5:b1:
84:15:88:03:e8:d9:13:c3:ec:04:cd:fc:ae:20:66:
87:ea:62:f7:25:92:9b:be:ac:21:d0:bc:18:f7:35:
85:03:18:b0:9a:68:60:7b:b0:c5:e0:8a:a7:ab:92:
18:95:53:17:79:f1:03:66:8d:51:1a:b2:90:2f:4e:
96:c5:d8:01:7d:57:75:78:95:1f:5f:60:f8:02:72:
a5:c4:57:ee:19:10:d3:19:f1:7e:53:82:aa:86:cf:
95:29:19:10:96:07:70:da:dd:66:09:56:b8:b0:cf:
fe:f6:0b:f3:3f:33:39:07:12:eb:f5:40:cb:96:3e:
49:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B7:21:12:DA:88:C0:14:C2:F2:2E:6D:5F:69:EE:02:1B:84:AD:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f8d2f8f-3d48-47ce-8524-66406f0de004.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:b000::/40
Signature Algorithm: sha256WithRSAEncryption
31:6c:1d:bd:01:c5:f1:64:e6:08:40:64:8c:6c:55:7b:9e:ba:
19:39:84:47:26:4a:72:44:18:08:7a:65:0f:49:ad:35:97:d4:
e2:f1:b6:e7:b7:36:0b:0a:1d:52:5d:f3:ba:cb:0d:d2:80:35:
4f:ed:5d:98:dc:f0:c9:c6:c3:b3:93:41:b0:f9:68:a8:a1:f4:
ff:c4:f3:d1:fa:5b:ac:2f:03:7c:22:b6:c0:91:22:9a:d6:05:
ec:a0:b6:53:ea:c9:22:ec:12:1b:ce:cc:ab:f1:07:6e:70:d1:
ec:a3:f2:a0:71:4d:53:a4:a9:84:39:24:54:95:f0:e3:4c:39:
2a:87:50:a7:17:b1:cf:f7:18:ea:f6:0c:61:f4:d3:53:90:11:
ea:37:b0:1f:60:df:20:09:9f:18:6a:3a:0a:45:2a:ce:98:7d:
d6:49:e6:9d:8a:8d:c4:08:b9:54:9f:85:79:ff:33:d2:15:e1:
68:5a:95:07:b7:9f:ea:10:e7:c5:4a:2f:38:35:b4:1d:d3:9e:
ed:94:27:ac:8a:5c:7a:cf:6b:79:e8:74:58:5c:13:94:8b:5a:
9e:68:3d:fc:96:a0:39:57:18:a5:e0:6d:18:08:f5:57:4c:e9:
47:35:93:31:dd:ff:16:fa:06:5c:33:a8:7b:d1:34:c5:33:91:
87:14:53:98
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDhbTi501cEJk7xkes/qAq5ncDd4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUxMDNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3YzYyYWMwNGI0Njk1MmE0YjY5NjY3MWQ3OWViYmJlNjNhYWJiYmM3MWYx
NDdlM2RlOWM0NGZiNzg2ZGEzOGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPHlrQLufGYWjiIPPK90K3LRC2n/I+DX6jec6ExYWedjmt9NA98afLn7YE8q
lJHz8/uFhIUDvgS04G2910s6x1133wLR1HRDoqYkuR5rt6Q3w3koafrkPM/wPLL7
wVLKi4xGaX0nAhpR8S8rgHY57ULkyElMhU2qHGg5av+HgDjtGTO83NWxhBWIA+jZ
E8PsBM38riBmh+pi9yWSm76sIdC8GPc1hQMYsJpoYHuwxeCKp6uSGJVTF3nxA2aN
URqykC9OlsXYAX1XdXiVH19g+AJypcRX7hkQ0xnxflOCqobPlSkZEJYHcNrdZglW
uLDP/vYL8z8zOQcS6/VAy5Y+SQsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSFtyES
2ojAFMLyLm1fae4CG4StBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Y4ZDJmOGYtM2Q0OC00N2NlLTg1MjQtNjY0MDZmMGRlMDA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSw
MA0GCSqGSIb3DQEBCwUAA4IBAQAxbB29AcXxZOYIQGSMbFV7nroZOYRHJkpyRBgI
emUPSa01l9Ti8bbntzYLCh1SXfO6yw3SgDVP7V2Y3PDJxsOzk0Gw+WioofT/xPPR
+lusLwN8IrbAkSKa1gXsoLZT6ski7BIbzsyr8QducNHso/KgcU1TpKmEOSRUlfDj
TDkqh1CnF7HP9xjq9gxh9NNTkBHqN7AfYN8gCZ8YajoKRSrOmH3WSeadio3ECLlU
n4V5/zPSFeFoWpUHt5/qEOfFSi84NbQd057tlCesilx6z2t56HRYXBOUi1qeaD38
lqA5Vxil4G0YCPVXTOlHNZMx3f8W+gZcM6h70TTFM5GHFFOY
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:26:33 2026 by rpki-client