Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
File: 492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa (raw, json)
Hash identifier: nsSIR6jQcXLPjD0aV4yS3rsqCx11Pmdw7eAN8RSgKVk=
Subject key identifier: 5F:C3:C5:23:E0:05:B5:92:4E:F0:79:09:B6:2E:E5:2B:84:EF:A2:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 424F471783F36E56C6DB38D5A41D989E58575788
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
Signing time: Sat 28 Feb 2026 06:00:51 +0000
ROA not before: Sat 28 Feb 2026 06:00:51 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:4f:47:17:83:f3:6e:56:c6:db:38:d5:a4:1d:98:9e:58:57:57:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:51 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=1060a0f1bb1ea79bcffda9dbca24099a06f7530957b3975e707e11ab4deb80c6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:72:96:70:ab:49:d1:be:6d:46:88:5b:f6:39:
e4:f9:fc:44:e7:be:07:da:55:58:28:54:ba:13:e9:
91:db:1a:09:b7:c2:d2:5c:6b:44:d5:27:15:2f:39:
e3:69:41:c4:7b:64:7b:96:90:7b:d8:08:b1:93:af:
2b:0d:b0:93:4b:d8:17:32:e5:aa:8d:a9:b7:08:24:
86:4f:26:2a:dd:3c:5f:d1:e8:f6:28:8e:f4:07:47:
08:de:05:be:b2:ab:bf:2d:4c:f2:b3:8a:17:a7:29:
19:aa:42:fa:3f:bc:28:d0:55:bf:af:62:b7:59:97:
6a:2b:50:7e:24:a9:71:4f:4a:af:ca:d8:2e:9a:54:
ea:16:66:b0:68:35:f6:82:93:c9:bf:a5:87:d5:42:
32:4d:44:df:75:2d:ff:93:67:47:5d:59:78:40:63:
96:5c:27:b6:ec:c4:6f:67:44:ff:17:71:d7:6b:7d:
7e:df:b9:6b:cd:16:51:bc:12:41:ca:69:5d:64:ac:
28:14:36:24:4d:7a:20:33:69:51:e5:47:3b:2c:cb:
ca:33:35:26:cb:d5:bc:8f:57:d4:87:bd:61:f1:21:
99:6d:dc:bc:83:b7:ca:e6:9e:3f:fa:4b:38:7b:ab:
e2:86:26:56:c0:9a:9d:34:c0:1b:c0:9c:a6:cd:b1:
2d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:C3:C5:23:E0:05:B5:92:4E:F0:79:09:B6:2E:E5:2B:84:EF:A2:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:4000::/40
Signature Algorithm: sha256WithRSAEncryption
16:c5:28:c2:2c:5c:2c:f6:57:87:ff:e9:ac:1e:3e:91:59:2f:
b3:f8:ef:b1:fc:92:42:6e:a0:75:f2:90:dd:7e:4d:dc:7f:70:
4c:98:44:4d:fc:85:2e:27:9c:22:53:09:60:07:39:69:f9:7b:
23:9c:f9:61:fe:1b:b3:78:e0:24:b2:c8:06:dc:98:ee:56:04:
41:d9:9e:24:b1:b3:6c:60:95:c4:dc:23:0d:5b:3a:c0:49:b2:
d2:15:a3:63:30:70:96:c5:05:90:88:1a:8d:7d:af:19:21:d3:
e8:7b:b7:75:65:b0:58:51:32:0f:d9:87:05:e2:3c:33:0e:85:
8a:2c:f9:83:b2:d6:83:14:fd:73:8d:2d:24:58:a2:aa:03:7f:
a4:e0:0b:0d:d4:26:eb:a5:09:8d:24:48:4a:fc:bf:28:3b:cc:
fb:e1:58:48:3d:14:87:bc:31:33:c5:95:b9:45:5f:74:62:b5:
03:af:4f:6a:9a:0f:53:6d:e5:f6:cf:e6:63:c3:4e:fa:84:0e:
ed:4a:a6:51:7e:ea:6b:8f:34:9f:db:84:4c:58:1a:06:db:16:
1b:9a:a1:ac:36:34:d9:bd:5c:71:14:4a:40:d4:ed:74:69:b9:
96:0f:7c:58:16:2a:3d:be:25:4e:9c:6f:3e:51:3c:0f:24:3a:
62:ad:89:78
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQk9HF4PzblbG2zjVpB2YnlhXV4gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwNTFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwNjBhMGYxYmIxZWE3OWJjZmZkYTlkYmNhMjQwOTlhMDZmNzUzMDk1N2Iz
OTc1ZTcwN2UxMWFiNGRlYjgwYzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZylnCrSdG+bUaIW/Y55Pn8ROe+B9pVWChUuhPpkdsaCbfC0lxrRNUnFS85
42lBxHtke5aQe9gIsZOvKw2wk0vYFzLlqo2ptwgkhk8mKt08X9Ho9iiO9AdHCN4F
vrKrvy1M8rOKF6cpGapC+j+8KNBVv69it1mXaitQfiSpcU9Kr8rYLppU6hZmsGg1
9oKTyb+lh9VCMk1E33Ut/5NnR11ZeEBjllwntuzEb2dE/xdx12t9ft+5a80WUbwS
QcppXWSsKBQ2JE16IDNpUeVHOyzLyjM1JsvVvI9X1Ie9YfEhmW3cvIO3yuaeP/pL
OHur4oYmVsCanTTAG8Ccps2xLW0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRfw8Uj
4AW1kk7weQm2LuUrhO+iQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDkyZWQ4Y2EtZWZhNC00MDQxLWFjOGQtYjBhNzhlZjA1MzA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1A
MA0GCSqGSIb3DQEBCwUAA4IBAQAWxSjCLFws9leH/+msHj6RWS+z+O+x/JJCbqB1
8pDdfk3cf3BMmERN/IUuJ5wiUwlgBzlp+XsjnPlh/huzeOAkssgG3JjuVgRB2Z4k
sbNsYJXE3CMNWzrASbLSFaNjMHCWxQWQiBqNfa8ZIdPoe7d1ZbBYUTIP2YcF4jwz
DoWKLPmDstaDFP1zjS0kWKKqA3+k4AsN1CbrpQmNJEhK/L8oO8z74VhIPRSHvDEz
xZW5RV90YrUDr09qmg9TbeX2z+Zjw076hA7tSqZRfuprjzSf24RMWBoG2xYbmqGs
NjTZvVxxFEpA1O10abmWD3xYFio9viVOnG8+UTwPJDpirYl4
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:49:12 2026 by rpki-client