Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48202432-610c-42b2-9763-e895c6cbe70d.roa
File: 48202432-610c-42b2-9763-e895c6cbe70d.roa (raw, json)
Hash identifier: CsG/EjUjS0oEIqMwmfLjj5zXpW7Gn5ZDEU4/ZgnNnxw=
Subject key identifier: 9F:F5:31:AD:9A:CD:F3:88:9D:82:4A:AB:10:82:6A:C0:A0:E1:51:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67F6D1249212338796AC7CB5064268B090813D20
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48202432-610c-42b2-9763-e895c6cbe70d.roa
Signing time: Wed 25 Feb 2026 03:00:13 +0000
ROA not before: Wed 25 Feb 2026 03:00:13 +0000
ROA not after: Tue 26 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:f6:d1:24:92:12:33:87:96:ac:7c:b5:06:42:68:b0:90:81:3d:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 25 03:00:13 2026 GMT
Not After : May 26 23:59:59 2026 GMT
Subject: serialNumber=d600330804f37e67a80575f1e6832427cd5af906ac35ce18df2b71c797509f05, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:52:ba:c8:87:e5:7c:b7:fe:a7:60:90:01:51:
0d:00:23:aa:98:f9:86:73:20:9f:93:da:a3:a6:54:
e3:01:79:74:14:55:33:4e:35:d1:25:38:81:80:73:
c7:6b:6d:ae:58:d3:96:70:f8:55:37:bf:e6:28:6a:
07:cc:41:fa:a5:3f:94:3b:8e:33:b6:b0:a9:22:b5:
2b:08:77:61:5f:53:3f:05:50:56:b8:87:75:8d:40:
00:d0:0e:89:b8:6e:b4:65:42:bd:b7:84:63:af:ef:
0c:9b:bb:cc:a9:2b:00:4e:3a:b5:ac:a5:13:27:f9:
e6:d7:6d:d2:55:c7:ba:df:20:85:76:c1:dc:10:88:
8f:df:8b:91:13:06:e8:75:92:39:ac:51:1b:d5:23:
a3:14:ac:74:b7:41:02:1f:30:41:ac:e2:f1:2f:1b:
d2:46:61:0b:85:1a:fb:e8:5b:94:89:06:7a:74:47:
44:52:33:d6:27:78:4c:4c:37:84:8e:1f:0c:47:55:
50:c1:67:21:f2:e0:de:f2:5e:f8:a0:7b:c1:5f:20:
ad:a1:65:d1:d6:88:f9:15:96:43:35:1f:8b:e3:57:
41:bf:5b:4f:05:70:82:73:7c:2c:b7:1c:f5:ec:37:
b1:82:25:68:f2:80:de:26:9c:e2:6e:2e:39:9c:0c:
83:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:F5:31:AD:9A:CD:F3:88:9D:82:4A:AB:10:82:6A:C0:A0:E1:51:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48202432-610c-42b2-9763-e895c6cbe70d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:1000::/48
Signature Algorithm: sha256WithRSAEncryption
9e:a6:3f:09:eb:a1:91:3f:52:52:7a:3e:11:c6:b7:68:1d:ab:
b0:3d:b7:42:1f:0a:48:9a:d8:05:0e:15:9f:db:5c:d0:6a:20:
dd:4b:d8:a7:64:f1:9a:9b:7d:76:fa:af:09:af:55:0d:49:0b:
5a:a4:50:e3:02:e5:0e:93:5b:c3:97:ba:2b:57:b9:7d:23:4f:
d6:0a:bd:e5:31:69:97:18:de:3a:0b:b1:18:04:86:86:b5:9c:
fc:89:a3:3d:d9:7a:80:bb:8a:ad:3e:82:7b:47:4f:ca:fc:ab:
ad:1f:2e:12:5c:40:3e:0c:71:2a:14:a6:e0:ba:14:fe:c3:9a:
24:4e:c0:6c:d8:c7:50:1f:14:a3:94:c7:81:6d:76:a8:86:e5:
fe:18:b7:25:26:13:f6:45:05:ae:0b:5a:c1:66:3a:29:b1:69:
c9:f8:56:ff:11:e6:0c:99:50:f4:25:7c:1e:28:0a:78:84:8b:
0d:4d:1a:9b:e8:d4:ba:12:24:25:1e:47:37:a1:d2:c5:f3:53:
e7:28:a8:73:c6:53:ce:18:df:3a:fb:c7:26:5f:4c:a0:4c:50:
29:a6:79:eb:98:3b:f1:bf:3e:f2:c5:a9:da:72:53:d2:5c:1c:
55:73:1b:87:68:e6:25:76:c1:de:0a:8a:95:a0:01:e6:95:8b:
b7:ea:f6:e1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZ/bRJJISM4eWrHy1BkJosJCBPSAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjUwMzAwMTNaFw0yNjA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2MDAzMzA4MDRmMzdlNjdhODA1NzVmMWU2ODMyNDI3Y2Q1YWY5MDZhYzM1
Y2UxOGRmMmI3MWM3OTc1MDlmMDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN1SusiH5Xy3/qdgkAFRDQAjqpj5hnMgn5Pao6ZU4wF5dBRVM0410SU4gYBz
x2ttrljTlnD4VTe/5ihqB8xB+qU/lDuOM7awqSK1Kwh3YV9TPwVQVriHdY1AANAO
ibhutGVCvbeEY6/vDJu7zKkrAE46taylEyf55tdt0lXHut8ghXbB3BCIj9+LkRMG
6HWSOaxRG9UjoxSsdLdBAh8wQazi8S8b0kZhC4Ua++hblIkGenRHRFIz1id4TEw3
hI4fDEdVUMFnIfLg3vJe+KB7wV8graFl0daI+RWWQzUfi+NXQb9bTwVwgnN8LLcc
9ew3sYIlaPKA3iac4m4uOZwMgycCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSf9TGt
ms3ziJ2CSqsQgmrAoOFR/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDgyMDI0MzItNjEwYy00MmIyLTk3NjMtZTg5NWM2Y2JlNzBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HYQ
ADANBgkqhkiG9w0BAQsFAAOCAQEAnqY/CeuhkT9SUno+Eca3aB2rsD23Qh8KSJrY
BQ4Vn9tc0Gog3UvYp2Txmpt9dvqvCa9VDUkLWqRQ4wLlDpNbw5e6K1e5fSNP1gq9
5TFplxjeOguxGASGhrWc/ImjPdl6gLuKrT6Ce0dPyvyrrR8uElxAPgxxKhSm4LoU
/sOaJE7AbNjHUB8Uo5THgW12qIbl/hi3JSYT9kUFrgtawWY6KbFpyfhW/xHmDJlQ
9CV8HigKeISLDU0am+jUuhIkJR5HN6HSxfNT5yioc8ZTzhjfOvvHJl9MoExQKaZ5
65g78b8+8sWp2nJT0lwcVXMbh2jmJXbB3gqKlaAB5pWLt+r24Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:28:16 2026 by rpki-client