Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
File: 455182aa-6d74-4447-81a6-6be09732e55d.roa (raw, json)
Hash identifier: sRUgyzwwm0bIt/jdTkIb8QyqietnD0CWQO6FXe/LMrA=
Subject key identifier: 3E:61:2E:E6:E8:87:0F:D9:29:49:12:66:BD:D6:05:E0:E1:6F:48:B1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38A7D9EF6ADC2947DF753957FC822F9EC0B4BE5C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
Signing time: Sat 28 Feb 2026 05:40:48 +0000
ROA not before: Sat 28 Feb 2026 05:40:48 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:a7:d9:ef:6a:dc:29:47:df:75:39:57:fc:82:2f:9e:c0:b4:be:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:48 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=081cb2ced2a785a71de3bd6fa91da86c803ee52959c9c93a5f1078e95dd29518, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:1a:0c:fa:da:de:bb:fe:da:90:9c:4a:e4:ef:
a2:60:6b:f4:9c:ff:3f:bd:49:2e:80:41:de:4e:e6:
9b:fa:e5:e2:89:83:ba:ee:00:96:ca:bf:eb:5e:c7:
a1:e8:b6:f5:86:4e:04:8c:3d:ee:8f:7e:98:b2:0d:
ed:13:af:72:b6:00:ef:ac:38:5a:98:86:7d:67:78:
54:58:c3:e9:c8:24:0b:8c:9f:17:06:12:8d:88:36:
c3:55:38:92:0e:76:6b:d1:48:5c:39:c4:8d:ae:d0:
c1:d5:f8:1a:d4:7b:c6:3c:df:65:b1:7f:72:2f:91:
19:71:fe:ab:c3:08:2c:66:e1:5f:7c:0b:6c:89:33:
79:99:99:1c:4c:4f:6b:65:7e:53:33:f0:02:56:b0:
62:37:ea:28:5e:59:db:4c:b4:2c:15:ff:b9:0e:e2:
77:d2:83:2a:92:fc:66:04:20:16:16:73:4e:28:94:
12:6e:68:dc:85:2c:9a:22:c4:25:0d:38:92:81:9f:
56:2a:af:9f:7d:b9:e7:22:9c:80:89:2e:9b:21:d0:
2e:95:f5:4b:61:ac:67:92:aa:8e:6c:7e:ff:4f:de:
e7:5d:24:f7:8e:01:73:47:cf:ea:48:6f:3f:1a:cf:
c7:bd:68:11:0a:b7:84:ba:2a:e8:e9:7a:00:a9:3c:
ff:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:61:2E:E6:E8:87:0F:D9:29:49:12:66:BD:D6:05:E0:E1:6F:48:B1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:c00::/38
Signature Algorithm: sha256WithRSAEncryption
9a:8c:26:81:af:5d:e8:50:23:f8:1f:6c:90:96:d9:46:f7:4f:
ab:45:e5:f3:6c:d5:8a:64:53:a3:7e:41:0e:c5:d6:78:4e:de:
f2:76:b7:27:f1:c0:c8:ee:eb:e7:54:ac:4c:56:a3:16:f5:99:
b8:39:5c:0b:50:a3:09:93:f3:61:6a:36:02:0a:da:80:a2:61:
84:99:e7:bd:da:b0:e5:f2:b0:b2:85:10:b6:6c:f6:f8:be:26:
25:96:c9:e4:bd:fc:48:4c:b0:b8:10:f3:60:2d:ee:82:e5:81:
5e:1e:c8:85:8d:35:82:da:b3:61:4e:15:d8:de:0d:c1:ac:15:
fd:ed:1b:37:9a:2f:0d:f1:ad:70:80:63:17:f3:66:0b:aa:ef:
00:ac:5b:32:52:8a:f5:53:41:6e:4f:b5:3e:6b:0d:b2:0d:b3:
b4:7f:38:e3:90:25:73:b2:d9:0a:a3:bf:51:3e:87:d8:b5:cc:
fa:10:f6:ee:e2:bb:ff:eb:52:96:8d:fe:ae:bf:0c:c4:92:58:
7c:78:6f:fa:61:77:92:89:d8:ed:33:52:85:c6:08:1e:3c:f4:
0a:1f:bb:4d:f2:c8:32:08:36:a4:7c:72:c6:33:f3:35:85:73:
00:3a:6a:ee:aa:15:b1:1a:2d:1a:f1:e8:f3:1b:3d:8c:39:15:
dc:3f:90:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOKfZ72rcKUffdTlX/IIvnsC0vlwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwNDhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4MWNiMmNlZDJhNzg1YTcxZGUzYmQ2ZmE5MWRhODZjODAzZWU1Mjk1OWM5
YzkzYTVmMTA3OGU5NWRkMjk1MTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJcaDPra3rv+2pCcSuTvomBr9Jz/P71JLoBB3k7mm/rl4omDuu4Alsq/617H
oei29YZOBIw97o9+mLIN7ROvcrYA76w4WpiGfWd4VFjD6cgkC4yfFwYSjYg2w1U4
kg52a9FIXDnEja7QwdX4GtR7xjzfZbF/ci+RGXH+q8MILGbhX3wLbIkzeZmZHExP
a2V+UzPwAlawYjfqKF5Z20y0LBX/uQ7id9KDKpL8ZgQgFhZzTiiUEm5o3IUsmiLE
JQ04koGfViqvn3255yKcgIkumyHQLpX1S2GsZ5Kqjmx+/0/e510k944Bc0fP6khv
PxrPx71oEQq3hLoq6Ol6AKk8/yMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ+YS7m
6IcP2SlJEma91gXg4W9IsTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU1MTgyYWEtNmQ3NC00NDQ3LTgxYTYtNmJlMDk3MzJlNTVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4M
MA0GCSqGSIb3DQEBCwUAA4IBAQCajCaBr13oUCP4H2yQltlG90+rReXzbNWKZFOj
fkEOxdZ4Tt7ydrcn8cDI7uvnVKxMVqMW9Zm4OVwLUKMJk/NhajYCCtqAomGEmee9
2rDl8rCyhRC2bPb4viYllsnkvfxITLC4EPNgLe6C5YFeHsiFjTWC2rNhThXY3g3B
rBX97Rs3mi8N8a1wgGMX82YLqu8ArFsyUor1U0FuT7U+aw2yDbO0fzjjkCVzstkK
o79RPofYtcz6EPbu4rv/61KWjf6uvwzEklh8eG/6YXeSidjtM1KFxggePPQKH7tN
8sgyCDakfHLGM/M1hXMAOmruqhWxGi0a8ejzGz2MORXcP5Bl
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:37:47 2026 by rpki-client