Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa
File: 50253a85-74b2-4a74-ab18-15a98f3496b2.roa (raw, json)
Hash identifier: UQH8//FmFsqsc9B7rlWifaEH2AvdHGjvPWDZUdczLpM=
Subject key identifier: 00:AE:72:E4:7F:59:9C:7E:F1:4C:35:F2:E8:95:33:D8:3C:29:5D:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 25AFA22F97DD7F16EC2F3EF2605D470C06219298
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa
Signing time: Sat 28 Feb 2026 05:50:08 +0000
ROA not before: Sat 28 Feb 2026 05:50:08 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:af:a2:2f:97:dd:7f:16:ec:2f:3e:f2:60:5d:47:0c:06:21:92:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:50:08 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=43ccbd4d0ab44cfe139c6f29b394e161a65c353fc3859b0604f997413dd1aa4d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9a:14:fa:ce:04:5f:ee:39:3b:fe:8c:a6:26:
0f:a8:87:36:83:db:fb:93:ce:73:13:34:c8:fa:44:
52:f7:14:ae:52:e1:d1:a2:d8:21:cb:aa:4d:49:86:
e7:d3:b8:d9:5b:fd:04:b8:10:2b:06:a3:42:c3:1f:
8a:40:57:37:a4:23:41:57:80:fa:8f:13:ec:c8:2c:
d9:e7:37:36:41:d2:8b:34:35:f0:3d:2d:c7:0c:96:
f5:e5:a1:90:91:8f:d7:5d:bd:b2:34:56:51:53:26:
c6:b7:e1:aa:32:6d:7c:35:e6:a3:73:8b:64:7a:77:
97:10:b4:0b:17:45:ce:e2:ce:59:fd:52:00:63:9e:
3c:14:65:0f:4e:d3:8b:06:84:60:c9:38:ad:9d:ae:
81:74:e9:20:39:3e:15:17:11:70:ff:76:ee:b0:e6:
0a:d1:eb:37:eb:d6:e8:8f:bc:c8:1e:04:ce:d6:7c:
1a:33:57:64:24:27:80:01:d9:6d:fe:6e:ce:bf:8c:
f0:07:f6:76:dd:6e:25:24:6d:31:19:3e:f6:ca:36:
dc:82:54:c5:40:da:35:cf:38:73:78:46:81:a9:c9:
11:20:60:3a:27:4a:e2:63:a9:eb:70:f6:0e:60:bd:
81:c9:64:48:9f:c4:3b:45:b9:19:7c:0f:b9:a3:90:
32:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:AE:72:E4:7F:59:9C:7E:F1:4C:35:F2:E8:95:33:D8:3C:29:5D:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:8000::/40
Signature Algorithm: sha256WithRSAEncryption
38:9f:c9:d4:57:15:41:f1:31:cc:74:a5:0c:6a:22:88:db:52:
d9:01:78:d9:30:78:b0:60:1a:6e:93:00:15:d7:4a:c5:75:a6:
c0:73:23:bf:d7:01:d9:9f:07:cf:13:d2:d5:80:41:62:ce:90:
58:16:49:4e:e8:c7:22:25:b6:1e:ef:3e:ef:9d:d8:4f:c9:17:
26:06:e2:45:ee:18:b3:db:a7:53:e4:3d:a2:40:f5:5b:f6:6e:
11:f8:b3:16:eb:94:75:3c:8e:46:ac:7c:a5:e3:30:a4:bc:49:
d2:0c:8a:d7:75:a7:cb:d4:c0:9a:73:1e:ce:dd:5a:62:0b:04:
6d:e6:3e:7e:8a:c7:ae:c4:19:70:76:08:57:c9:20:b0:95:2e:
64:64:82:59:a1:97:70:f8:6a:6f:7d:4d:d4:43:25:22:d4:33:
aa:66:e9:60:9c:f3:78:69:87:15:2e:b9:0f:89:68:62:0d:16:
fe:50:cb:29:5c:75:bb:7f:ff:60:cd:83:2e:8a:b0:0d:14:84:
94:19:a6:a3:c6:cc:00:4c:bf:42:87:29:f7:78:09:86:36:66:
67:7b:c2:f8:81:69:19:f2:29:7d:db:29:0c:55:f5:55:cb:a3:
99:ea:4d:80:34:b2:3f:3e:14:6d:70:ca:eb:5d:c6:6e:fd:6f:
6d:2c:52:9a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJa+iL5fdfxbsLz7yYF1HDAYhkpgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUwMDhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzY2NiZDRkMGFiNDRjZmUxMzljNmYyOWIzOTRlMTYxYTY1YzM1M2ZjMzg1
OWIwNjA0Zjk5NzQxM2RkMWFhNGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJGaFPrOBF/uOTv+jKYmD6iHNoPb+5POcxM0yPpEUvcUrlLh0aLYIcuqTUmG
59O42Vv9BLgQKwajQsMfikBXN6QjQVeA+o8T7Mgs2ec3NkHSizQ18D0txwyW9eWh
kJGP1129sjRWUVMmxrfhqjJtfDXmo3OLZHp3lxC0CxdFzuLOWf1SAGOePBRlD07T
iwaEYMk4rZ2ugXTpIDk+FRcRcP927rDmCtHrN+vW6I+8yB4EztZ8GjNXZCQngAHZ
bf5uzr+M8Af2dt1uJSRtMRk+9so23IJUxUDaNc84c3hGganJESBgOidK4mOp63D2
DmC9gclkSJ/EO0W5GXwPuaOQMlsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQArnLk
f1mcfvFMNfLolTPYPCldDjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTAyNTNhODUtNzRiMi00YTc0LWFiMTgtMTVhOThmMzQ5NmIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWA
MA0GCSqGSIb3DQEBCwUAA4IBAQA4n8nUVxVB8THMdKUMaiKI21LZAXjZMHiwYBpu
kwAV10rFdabAcyO/1wHZnwfPE9LVgEFizpBYFklO6MciJbYe7z7vndhPyRcmBuJF
7hiz26dT5D2iQPVb9m4R+LMW65R1PI5GrHyl4zCkvEnSDIrXdafL1MCacx7O3Vpi
CwRt5j5+iseuxBlwdghXySCwlS5kZIJZoZdw+GpvfU3UQyUi1DOqZulgnPN4aYcV
LrkPiWhiDRb+UMspXHW7f/9gzYMuirANFISUGaajxswATL9Chyn3eAmGNmZne8L4
gWkZ8il92ykMVfVVy6OZ6k2ANLI/PhRtcMrrXcZu/W9tLFKa
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:57:04 2026 by rpki-client