Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
File: 470f3c02-20c3-480f-a788-60d7378cea9b.roa (raw, json)
Hash identifier: 8mcbomslWI0GJPV5a+nPQUnsiRaH2+lUDnjxs6HoAHE=
Subject key identifier: 27:1C:CD:D2:B6:F1:63:E7:C1:43:5D:32:22:A0:78:A6:21:07:67:4D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59A71C7FFD48C8D5FF4B61AE3F75C0378F76C241
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
Signing time: Thu 26 Feb 2026 02:00:09 +0000
ROA not before: Thu 26 Feb 2026 02:00:09 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:a7:1c:7f:fd:48:c8:d5:ff:4b:61:ae:3f:75:c0:37:8f:76:c2:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:00:09 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=bea2292aca970d7f8951caaa7aef6637f61822dc6e9ba3ce80aadd436f1614f5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5d:e3:4e:61:56:b2:86:60:48:e8:1c:f0:73:
83:f1:df:74:f7:ff:fc:57:9c:d4:69:fc:8f:98:65:
af:e8:d5:61:91:d4:8a:e3:42:fb:cd:9c:bf:54:70:
fa:f8:c5:d4:a5:8a:97:3d:58:df:5b:3a:72:55:78:
f0:15:52:16:32:66:20:fd:2a:31:42:c2:a8:53:ff:
95:6c:0d:23:b7:73:3f:eb:5e:79:ec:ed:b1:6d:66:
a5:d5:97:c6:fc:44:8f:04:d7:ab:44:11:03:fc:d7:
3c:41:15:2b:d8:58:94:fc:57:02:ca:ba:7a:63:48:
87:dd:fc:44:61:8b:ed:fd:20:fd:c8:97:af:54:38:
3b:43:5d:91:9b:73:31:68:2c:7f:e0:db:fa:6a:a0:
b9:a3:4c:d5:40:f1:10:ed:4a:26:f4:ce:ba:18:49:
5d:53:31:89:79:56:c5:13:76:dd:dc:10:59:37:81:
bf:cf:40:1d:e9:47:31:76:83:8b:65:89:11:1c:08:
65:1b:03:66:54:8c:25:66:aa:1f:a2:80:9f:68:c7:
a7:00:1b:9b:ed:a0:8c:a4:45:3d:f5:76:7a:0b:b6:
f6:db:43:8a:8c:1a:6f:e9:eb:59:bb:a9:ee:1f:ca:
01:98:a5:c9:bb:d6:96:18:7c:a1:ba:25:8a:8e:1e:
72:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:1C:CD:D2:B6:F1:63:E7:C1:43:5D:32:22:A0:78:A6:21:07:67:4D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:880::/48
Signature Algorithm: sha256WithRSAEncryption
21:36:62:05:5e:97:34:76:1d:bb:09:93:c2:3c:69:57:59:a7:
5b:68:b9:26:c1:56:59:bc:c4:f8:7c:e0:a1:fb:bb:7d:c1:82:
51:02:c1:f9:af:b7:b5:f6:8e:8b:c1:6d:31:f5:4d:2b:c1:64:
40:43:80:76:b3:91:88:1d:c0:47:4a:ab:b6:9f:db:3d:32:e5:
c6:48:75:6a:9d:4a:9b:ea:39:43:a8:2f:bf:5e:a5:9d:bc:34:
9b:4d:b6:3d:b2:41:aa:d0:02:e0:a6:db:7c:e4:a3:8a:f0:22:
e9:7a:bc:81:15:90:77:65:57:f5:07:78:02:20:9f:44:36:0c:
13:7f:42:bf:92:72:55:c3:11:7b:75:d3:d3:20:f9:08:d7:00:
36:ab:89:85:34:26:64:65:0d:d8:60:9f:bd:f0:bc:73:37:9f:
8c:08:43:a0:2f:96:ba:52:85:2b:a6:fb:24:9a:4e:ed:2c:4a:
1f:f7:b2:84:ab:2f:39:fd:5a:14:4e:28:23:4d:d2:08:77:d8:
39:4e:67:5a:9d:dc:af:10:d6:e2:d7:62:99:aa:43:83:8b:1f:
ca:67:c2:89:01:19:f4:10:2f:1a:64:ed:ad:26:2c:ed:a0:0b:
2b:54:fa:a2:1f:dd:70:5d:1d:db:b8:a6:d6:89:07:42:22:11:
85:b4:f4:73
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWaccf/1IyNX/S2GuP3XAN492wkEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjAwMDlaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlYTIyOTJhY2E5NzBkN2Y4OTUxY2FhYTdhZWY2NjM3ZjYxODIyZGM2ZTli
YTNjZTgwYWFkZDQzNmYxNjE0ZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZd405hVrKGYEjoHPBzg/HfdPf//Fec1Gn8j5hlr+jVYZHUiuNC+82cv1Rw
+vjF1KWKlz1Y31s6clV48BVSFjJmIP0qMULCqFP/lWwNI7dzP+teeeztsW1mpdWX
xvxEjwTXq0QRA/zXPEEVK9hYlPxXAsq6emNIh938RGGL7f0g/ciXr1Q4O0NdkZtz
MWgsf+Db+mqguaNM1UDxEO1KJvTOuhhJXVMxiXlWxRN23dwQWTeBv89AHelHMXaD
i2WJERwIZRsDZlSMJWaqH6KAn2jHpwAbm+2gjKRFPfV2egu29ttDiowab+nrWbup
7h/KAZilybvWlhh8obolio4ecuMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQnHM3S
tvFj58FDXTIioHimIQdnTTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDcwZjNjMDItMjBjMy00ODBmLWE3ODgtNjBkNzM3OGNlYTliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8I
gDANBgkqhkiG9w0BAQsFAAOCAQEAITZiBV6XNHYduwmTwjxpV1mnW2i5JsFWWbzE
+Hzgofu7fcGCUQLB+a+3tfaOi8FtMfVNK8FkQEOAdrORiB3AR0qrtp/bPTLlxkh1
ap1Km+o5Q6gvv16lnbw0m022PbJBqtAC4KbbfOSjivAi6Xq8gRWQd2VX9Qd4AiCf
RDYME39Cv5JyVcMRe3XT0yD5CNcANquJhTQmZGUN2GCfvfC8czefjAhDoC+WulKF
K6b7JJpO7SxKH/eyhKsvOf1aFE4oI03SCHfYOU5nWp3crxDW4tdimapDg4sfymfC
iQEZ9BAvGmTtrSYs7aALK1T6oh/dcF0d27im1okHQiIRhbT0cw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:53:06 2026 by rpki-client