Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
File: 455a2efe-3411-42cf-a196-73c25845d48c.roa (raw, json)
Hash identifier: jQnFPJGCq4Sa9pduh6Lkqzn+d0Dzv1aVG60KYvDCsw4=
Subject key identifier: 93:4E:11:06:D2:42:12:0B:03:88:6D:EF:61:0A:AF:7B:12:09:94:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2DFCC72F9DCF6AA48767B13657219E8DF22B490C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
Signing time: Sat 28 Feb 2026 06:01:15 +0000
ROA not before: Sat 28 Feb 2026 06:01:15 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:fc:c7:2f:9d:cf:6a:a4:87:67:b1:36:57:21:9e:8d:f2:2b:49:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:01:15 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=4458be532ecf4cbf909eaf20d169fb559200cf50fd2897830467030324ee3a5f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:f9:b2:3b:a1:bf:61:1d:11:c8:d9:d0:09:96:
37:b8:59:c6:51:ec:17:db:bc:79:8d:69:4d:8e:3d:
03:33:e9:6b:8c:62:22:40:a3:aa:35:1a:57:5a:8f:
eb:18:c8:c0:1d:29:c2:f1:02:e5:58:8e:78:e6:70:
fd:e6:27:be:53:b2:76:a9:26:5c:35:63:a0:1b:44:
cb:14:6e:dd:d3:d8:de:44:af:b8:fa:d5:e0:3b:e7:
fc:8a:80:99:0b:d7:c5:93:bf:13:31:62:8b:f4:8e:
83:b8:f7:cb:2c:e4:82:8a:18:f9:1c:a8:ba:99:ff:
c3:1c:1e:27:0a:b4:87:07:e3:01:e9:1a:27:36:4b:
c8:3a:62:ab:35:33:8d:0f:7a:d7:e6:67:8d:14:02:
70:03:c6:38:d8:cf:a5:a9:6f:e1:4b:fd:07:89:a2:
a2:66:77:af:f0:b7:3f:8c:8e:79:06:f7:50:b2:a6:
a7:ba:2a:a3:5b:fb:43:54:78:85:4e:87:a8:a1:a3:
37:ee:75:06:3a:7e:03:b2:85:5a:51:76:a5:11:74:
1e:a2:7f:9e:95:8c:9d:80:c3:07:56:5f:b1:b6:ad:
b9:2e:1c:32:ba:07:7e:82:e7:96:6b:dd:72:62:f7:
14:66:9d:28:19:bf:26:dc:13:60:8f:6a:ee:36:20:
e8:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:4E:11:06:D2:42:12:0B:03:88:6D:EF:61:0A:AF:7B:12:09:94:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:2000::/40
Signature Algorithm: sha256WithRSAEncryption
7c:1f:4c:94:2e:4a:4f:a9:72:5a:3d:96:d6:c3:0e:0e:2c:80:
cb:b1:68:52:05:03:3f:56:75:7c:14:19:57:bf:f2:1f:32:ce:
3b:b2:fc:47:01:51:f7:f1:bb:64:ef:4c:d6:5a:25:7f:81:90:
f7:3e:90:a3:06:5d:0d:f4:f4:65:90:97:c7:15:47:84:31:10:
16:f1:32:2c:50:4f:f1:60:64:05:9a:f4:5d:9d:65:aa:30:15:
44:d2:e1:40:b5:47:8d:06:4a:77:b6:0b:a2:e8:f2:3c:25:db:
a3:8d:e2:53:47:a5:18:f3:11:73:9d:f4:6e:16:4c:24:35:b9:
35:5a:d7:36:6e:42:b0:57:0b:a1:08:2a:0f:65:2f:19:dd:8f:
ee:cb:35:17:e8:53:f0:37:c5:bf:69:69:3b:3c:2f:f7:44:ff:
c9:1f:5a:09:73:eb:e0:26:56:df:96:e3:1c:1b:a2:16:f6:38:
d3:b9:77:14:d2:43:cf:a7:46:ef:bd:f6:1f:95:06:af:11:7c:
bd:45:8a:ef:60:97:e3:7f:a3:7e:42:43:62:c7:db:65:b7:63:
bb:d4:0a:a1:42:f0:49:8b:1a:d4:ad:d2:37:de:96:36:03:28:
32:2c:3a:22:8d:3c:56:c5:e7:ec:f9:8a:d7:72:53:51:5d:72:
db:18:a9:56
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULfzHL53PaqSHZ7E2VyGejfIrSQwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAxMTVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0NThiZTUzMmVjZjRjYmY5MDllYWYyMGQxNjlmYjU1OTIwMGNmNTBmZDI4
OTc4MzA0NjcwMzAzMjRlZTNhNWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPT5sjuhv2EdEcjZ0AmWN7hZxlHsF9u8eY1pTY49AzPpa4xiIkCjqjUaV1qP
6xjIwB0pwvEC5ViOeOZw/eYnvlOydqkmXDVjoBtEyxRu3dPY3kSvuPrV4Dvn/IqA
mQvXxZO/EzFii/SOg7j3yyzkgooY+Ryoupn/wxweJwq0hwfjAekaJzZLyDpiqzUz
jQ961+ZnjRQCcAPGONjPpalv4Uv9B4miomZ3r/C3P4yOeQb3ULKmp7oqo1v7Q1R4
hU6HqKGjN+51Bjp+A7KFWlF2pRF0HqJ/npWMnYDDB1ZfsbatuS4cMroHfoLnlmvd
cmL3FGadKBm/JtwTYI9q7jYg6MMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSTThEG
0kISCwOIbe9hCq97EgmUjTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU1YTJlZmUtMzQxMS00MmNmLWExOTYtNzNjMjU4NDVkNDhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fgg
MA0GCSqGSIb3DQEBCwUAA4IBAQB8H0yULkpPqXJaPZbWww4OLIDLsWhSBQM/VnV8
FBlXv/IfMs47svxHAVH38btk70zWWiV/gZD3PpCjBl0N9PRlkJfHFUeEMRAW8TIs
UE/xYGQFmvRdnWWqMBVE0uFAtUeNBkp3tgui6PI8JdujjeJTR6UY8xFznfRuFkwk
Nbk1Wtc2bkKwVwuhCCoPZS8Z3Y/uyzUX6FPwN8W/aWk7PC/3RP/JH1oJc+vgJlbf
luMcG6IW9jjTuXcU0kPPp0bvvfYflQavEXy9RYrvYJfjf6N+QkNix9tlt2O71Aqh
QvBJixrUrdI33pY2AygyLDoijTxWxefs+YrXclNRXXLbGKlW
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:36:32 2026 by rpki-client