Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
File: 404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa (raw, json)
Hash identifier: W3P8PdBwXiwBcluKCk9tAzw1ekRNZvvgosfrrfSTiAA=
Subject key identifier: 7F:15:6C:74:84:52:DC:03:DA:31:44:E0:D5:E6:C2:3D:5B:A3:3A:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 09EBD5CF95B29CF44CD95EB3A0AF1800C523BB03
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
Signing time: Sat 28 Feb 2026 06:00:55 +0000
ROA not before: Sat 28 Feb 2026 06:00:55 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d017::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:eb:d5:cf:95:b2:9c:f4:4c:d9:5e:b3:a0:af:18:00:c5:23:bb:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:55 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=1d0e39e72b9cdf773f306c2baa6ea4613ea9a8e0214d02a676eb8693cc00ea97, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:36:ef:27:5a:cb:db:7c:f6:66:0b:ec:df:57:
ce:c5:ba:49:91:ae:d6:0c:4b:0d:d2:bc:25:fd:7e:
95:29:78:51:da:ef:77:4a:11:dd:bb:34:58:77:da:
d0:25:85:18:df:e8:6f:c9:e2:de:ee:34:13:5b:c2:
34:88:2d:fe:e9:45:3f:81:58:33:14:c5:32:6d:e8:
94:8f:d4:fc:76:8d:fa:f4:af:af:d2:83:52:e7:4b:
41:bd:99:03:86:dc:58:78:f1:37:6b:8c:f5:c2:67:
61:06:a0:57:37:6c:80:2a:f4:a0:a8:0b:09:04:be:
2b:2f:e4:b9:f2:6f:f2:64:fd:2f:67:d5:15:4b:f3:
55:2c:78:a5:35:ba:bc:3a:90:7a:b2:ab:f1:4e:21:
ad:e1:3f:15:2b:52:0a:e6:d9:21:78:7f:c6:3e:24:
f6:4e:78:63:f4:de:52:d0:a2:0c:dd:64:cf:8c:74:
a8:65:29:be:aa:00:77:da:53:e0:78:78:56:76:a9:
3e:e0:d6:8a:b1:04:19:e4:40:f2:b9:65:39:03:6f:
1c:bc:1a:fa:8b:52:83:f8:4a:1e:a0:4b:6e:7b:03:
20:9e:5f:ec:8e:b0:f9:7c:95:d8:a2:00:c9:40:1b:
c9:f9:ff:ee:ef:33:89:41:f6:f7:c5:33:cd:bf:ba:
2c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:15:6C:74:84:52:DC:03:DA:31:44:E0:D5:E6:C2:3D:5B:A3:3A:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d017::/36
Signature Algorithm: sha256WithRSAEncryption
1f:47:db:72:dd:ca:b0:69:95:d3:ce:a7:0b:d7:bb:8a:fe:31:
b0:49:bf:14:9e:aa:c4:fc:1f:11:46:5f:3b:6a:6d:a1:6c:4a:
c1:d9:a5:c4:e1:18:b2:74:0d:d0:08:b3:fa:55:60:53:00:66:
97:84:df:6c:4b:56:9a:bf:88:96:11:87:8e:87:09:79:84:67:
3f:b2:bf:bf:db:75:a9:b0:44:73:44:25:bf:03:d0:eb:cb:9a:
aa:95:79:a8:6b:5a:b6:ff:6c:f2:ec:97:b6:fd:f8:97:54:3c:
86:49:22:56:1d:d8:7d:b1:a5:39:35:bd:1a:0a:6f:27:08:0b:
8c:c5:01:35:ad:fa:c4:59:01:ce:29:a1:4f:5a:ef:14:c9:2b:
54:ee:ec:9a:e9:4e:1c:bb:f7:24:b9:9a:03:e7:91:9b:65:33:
17:40:de:90:b5:48:a4:2a:96:40:9d:a6:3d:8f:d4:56:54:5c:
63:15:b9:77:02:c2:4e:43:80:71:70:a6:45:b5:40:c6:38:53:
7b:9a:27:d9:ed:f3:90:d0:96:37:19:7a:b1:38:42:ca:8f:4a:
90:9c:aa:77:02:b6:63:eb:33:fa:9d:36:d4:49:df:7b:9a:65:
a3:f4:8e:28:4a:6c:45:9b:91:7b:d7:3f:49:2c:b5:b7:17:05:
f5:68:30:c3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCevVz5WynPRM2V6zoK8YAMUjuwMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwNTVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkMGUzOWU3MmI5Y2RmNzczZjMwNmMyYmFhNmVhNDYxM2VhOWE4ZTAyMTRk
MDJhNjc2ZWI4NjkzY2MwMGVhOTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQ27yday9t89mYL7N9XzsW6SZGu1gxLDdK8Jf1+lSl4Udrvd0oR3bs0WHfa
0CWFGN/ob8ni3u40E1vCNIgt/ulFP4FYMxTFMm3olI/U/HaN+vSvr9KDUudLQb2Z
A4bcWHjxN2uM9cJnYQagVzdsgCr0oKgLCQS+Ky/kufJv8mT9L2fVFUvzVSx4pTW6
vDqQerKr8U4hreE/FStSCubZIXh/xj4k9k54Y/TeUtCiDN1kz4x0qGUpvqoAd9pT
4Hh4VnapPuDWirEEGeRA8rllOQNvHLwa+otSg/hKHqBLbnsDIJ5f7I6w+XyV2KIA
yUAbyfn/7u8ziUH298Uzzb+6LGsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR/FWx0
hFLcA9oxRODV5sI9W6M6FzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA0ZWYxYWYtZTA1Mi00MWI4LWEwYmYtNzBlM2ZhMGFhMDUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BcA
MA0GCSqGSIb3DQEBCwUAA4IBAQAfR9ty3cqwaZXTzqcL17uK/jGwSb8UnqrE/B8R
Rl87am2hbErB2aXE4RiydA3QCLP6VWBTAGaXhN9sS1aav4iWEYeOhwl5hGc/sr+/
23WpsERzRCW/A9Dry5qqlXmoa1q2/2zy7Je2/fiXVDyGSSJWHdh9saU5Nb0aCm8n
CAuMxQE1rfrEWQHOKaFPWu8UyStU7uya6U4cu/ckuZoD55GbZTMXQN6QtUikKpZA
naY9j9RWVFxjFbl3AsJOQ4BxcKZFtUDGOFN7mifZ7fOQ0JY3GXqxOELKj0qQnKp3
ArZj6zP6nTbUSd97mmWj9I4oSmxFm5F71z9JLLW3FwX1aDDD
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:20:07 2026 by rpki-client