Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa
File: 48b510e0-0d59-48d3-96c5-ddb87c118e43.roa (raw, json)
Hash identifier: PhJ95HFy+mbzEg/V2ZBPFWv8t1LeipxBQxekhPwq4m0=
Subject key identifier: 1F:99:9A:E1:C0:6F:5A:31:F1:E9:C3:6B:93:A0:1F:F0:E0:B2:6F:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F9A8B0E2DB543DFF4425186E5CA468BED817ADA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa
Signing time: Sat 28 Feb 2026 05:20:59 +0000
ROA not before: Sat 28 Feb 2026 05:20:59 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:9a:8b:0e:2d:b5:43:df:f4:42:51:86:e5:ca:46:8b:ed:81:7a:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:59 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=353a7e74ae13e114df79862a14222c6969981541e231a3dd251463d6695860ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:4b:6c:d9:5e:2f:de:53:49:70:83:fd:4c:af:
65:b7:74:93:85:93:cd:fd:e2:8d:1c:a1:2b:4d:8c:
12:53:c9:cf:24:e9:06:c9:5c:4d:f3:bf:7a:c7:76:
53:8c:88:62:18:e6:43:b2:d4:5e:0d:e9:78:65:34:
f1:f3:b5:b4:5a:8e:ce:17:5a:85:57:46:eb:d5:72:
d0:44:bb:93:f8:af:e1:43:be:c5:ee:5b:ec:f5:b3:
2b:ba:79:c1:7f:e0:63:0f:f0:24:e6:49:f3:06:96:
06:a4:f8:c6:4d:8a:0f:49:cc:1d:bc:ce:eb:51:f2:
9f:b4:fc:33:f3:27:35:e9:be:f3:c6:32:ec:de:b4:
17:39:34:e5:7b:fb:ba:8d:b9:52:85:6b:b4:bc:21:
96:2e:f1:69:63:0b:b7:d8:13:94:40:a3:bf:43:be:
db:2f:0b:5e:26:1e:36:f9:47:7a:09:6e:f5:53:0e:
7e:50:54:76:f5:59:33:2b:15:0b:81:98:9e:57:72:
7a:ea:ba:18:e4:71:48:a0:50:8d:b8:9a:08:71:d6:
a9:e5:30:fe:c9:23:4a:5b:cc:80:d6:85:37:49:de:
7d:1d:8a:d3:7b:79:ae:f0:95:80:47:2f:da:91:55:
91:28:50:ee:53:c3:a1:34:8b:f2:25:ed:bf:ee:8a:
a4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:99:9A:E1:C0:6F:5A:31:F1:E9:C3:6B:93:A0:1F:F0:E0:B2:6F:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4020::/48
Signature Algorithm: sha256WithRSAEncryption
54:94:1c:26:3b:5e:44:a5:87:4d:ab:98:ba:f2:62:ed:7e:f9:
00:4a:95:9f:93:b6:d9:14:52:a1:63:b6:31:17:f3:a5:88:d8:
ac:25:26:b1:e8:5f:3f:9c:a7:1c:fd:30:55:28:f9:bb:e5:7c:
7b:d1:22:b0:94:ab:41:9d:1c:53:8d:ff:ae:71:45:7e:fd:62:
1a:ab:ab:b5:13:5d:ea:4c:8e:18:df:dc:e0:e3:3e:1c:08:79:
52:5b:53:4b:ac:89:c2:1d:24:e2:79:03:29:93:5e:bd:33:b9:
a8:6f:fa:49:30:06:d6:c7:0a:ea:99:7b:d2:0b:e3:01:11:0f:
08:57:a9:50:6f:c7:15:4e:a3:9b:06:83:da:00:e7:1a:e5:07:
27:a8:07:c6:e9:63:3d:57:cd:bb:1c:fe:02:d3:ac:3c:a7:b9:
88:e2:f5:94:ae:12:f1:f4:66:d9:db:4e:5e:cf:a8:0a:f8:17:
8c:63:c1:d3:a9:ae:9c:24:98:e9:94:6a:b1:65:cd:bc:8b:ee:
84:da:4a:b3:02:b6:95:79:13:24:87:fc:22:bb:50:92:a6:ba:
06:95:fe:74:68:5e:80:4a:f5:dc:f2:cd:19:42:b9:3b:48:1b:
d0:b2:fa:da:80:ae:a0:54:ab:1d:e4:25:08:26:4a:bf:a1:6a:
1d:37:68:2e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUD5qLDi21Q9/0QlGG5cpGi+2BetowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwNTlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1M2E3ZTc0YWUxM2UxMTRkZjc5ODYyYTE0MjIyYzY5Njk5ODE1NDFlMjMx
YTNkZDI1MTQ2M2Q2Njk1ODYwYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO9LbNleL95TSXCD/UyvZbd0k4WTzf3ijRyhK02MElPJzyTpBslcTfO/esd2
U4yIYhjmQ7LUXg3peGU08fO1tFqOzhdahVdG69Vy0ES7k/iv4UO+xe5b7PWzK7p5
wX/gYw/wJOZJ8waWBqT4xk2KD0nMHbzO61Hyn7T8M/MnNem+88Yy7N60Fzk05Xv7
uo25UoVrtLwhli7xaWMLt9gTlECjv0O+2y8LXiYeNvlHeglu9VMOflBUdvVZMysV
C4GYnldyeuq6GORxSKBQjbiaCHHWqeUw/skjSlvMgNaFN0nefR2K03t5rvCVgEcv
2pFVkShQ7lPDoTSL8iXtv+6KpFcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQfmZrh
wG9aMfHpw2uToB/w4LJvKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDhiNTEwZTAtMGQ1OS00OGQzLTk2YzUtZGRiODdjMTE4ZTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
IDANBgkqhkiG9w0BAQsFAAOCAQEAVJQcJjteRKWHTauYuvJi7X75AEqVn5O22RRS
oWO2MRfzpYjYrCUmsehfP5ynHP0wVSj5u+V8e9EisJSrQZ0cU43/rnFFfv1iGqur
tRNd6kyOGN/c4OM+HAh5UltTS6yJwh0k4nkDKZNevTO5qG/6STAG1scK6pl70gvj
AREPCFepUG/HFU6jmwaD2gDnGuUHJ6gHxuljPVfNuxz+AtOsPKe5iOL1lK4S8fRm
2dtOXs+oCvgXjGPB06munCSY6ZRqsWXNvIvuhNpKswK2lXkTJIf8IrtQkqa6BpX+
dGhegEr13PLNGUK5O0gb0LL62oCuoFSrHeQlCCZKv6FqHTdoLg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:37:39 2026 by rpki-client