Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
File: 50b60672-d484-48a0-9016-474bafea8912.roa (raw, json)
Hash identifier: KuBXNpeV/UGLh+q9jBnnjiXY/kPI8/fblcIROgPsj48=
Subject key identifier: 8C:EB:AB:B9:15:63:59:B6:09:FE:C3:09:9E:E8:59:5D:E5:EC:5E:C9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C72CBDA2FFA918C10FB42884EA77937B8A7371C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
Signing time: Sat 28 Feb 2026 05:40:09 +0000
ROA not before: Sat 28 Feb 2026 05:40:09 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:72:cb:da:2f:fa:91:8c:10:fb:42:88:4e:a7:79:37:b8:a7:37:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:09 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=793e65181a9781abba73646aee7c611fd3c39036ead1e6926ce106158a2bea4d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:89:af:21:dd:ea:34:74:b1:35:48:80:3d:8b:
cb:b5:7e:b5:5e:89:f1:a2:2d:b5:35:c4:db:60:d7:
92:5c:2b:29:60:87:fb:34:c9:b0:57:a5:3f:20:65:
34:89:57:90:75:51:88:69:92:ef:67:28:5c:58:a9:
b0:9b:5b:51:3a:7c:6c:0d:bd:b0:d4:1d:dd:fa:1a:
ef:30:f9:48:13:06:5f:09:fd:44:81:32:c3:75:8b:
b4:13:a3:a8:3f:03:23:be:3e:e0:0f:bb:5a:d3:2b:
78:0b:f4:4a:bc:ce:8b:df:9f:c0:a5:0e:e5:46:5f:
99:e8:9f:47:60:a8:cb:af:0c:3f:76:83:7a:2d:ef:
2c:c5:5d:07:3a:c2:94:4e:31:2a:36:cd:86:96:10:
f6:a0:b2:8a:25:78:76:84:6b:0f:da:81:b1:5b:5c:
fb:23:b7:76:89:96:ee:c2:58:8d:b8:3d:f4:2c:01:
6b:d7:36:21:5c:9b:72:16:0c:38:7b:6f:e2:7e:7d:
b3:b7:c5:dc:8c:6d:e6:e1:82:cc:62:d6:8b:01:d9:
75:03:03:cd:57:4a:6c:06:2a:91:d8:21:91:e0:b2:
f5:f2:1a:5b:80:27:f7:ea:82:94:de:fe:0a:87:a6:
ad:d5:b2:1a:bd:3c:8b:64:a2:43:f0:76:51:c9:6c:
33:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:EB:AB:B9:15:63:59:B6:09:FE:C3:09:9E:E8:59:5D:E5:EC:5E:C9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/36
Signature Algorithm: sha256WithRSAEncryption
0a:2f:d0:20:d1:8b:e2:a4:52:a7:95:91:28:68:ec:9f:3f:88:
f0:1e:6a:ee:ee:1e:bc:26:26:ef:a1:25:74:9e:b9:ae:d1:78:
4b:76:72:84:7c:d8:d2:0b:d5:5b:cc:26:e0:02:aa:04:bc:14:
5f:31:5a:9a:60:62:8d:3a:a6:e8:2c:1a:8f:53:76:da:5c:dd:
c1:66:cf:17:35:6d:91:72:fa:9b:da:09:14:a1:24:66:e3:51:
35:7f:0b:42:48:dd:3d:19:51:e6:40:6b:5f:81:07:98:37:1f:
48:76:2f:a8:cb:fb:c2:51:cd:83:be:b0:3a:7a:18:95:1a:f4:
db:c1:6b:38:57:f6:08:dd:80:88:c5:2d:2d:c9:a6:a8:cb:93:
d5:2f:a2:89:7e:85:bd:85:b5:64:d7:11:43:3e:c5:ee:f1:95:
f2:44:e4:f3:8c:8d:47:77:68:49:52:b5:c3:2a:05:28:5a:4e:
a6:d2:be:13:e7:20:84:02:a7:ed:ed:0d:c6:da:6f:0a:ca:66:
9c:3f:3d:a1:1d:13:4a:92:ce:74:66:c1:d7:5c:21:63:82:17:
cd:70:64:e0:9b:21:82:84:bf:67:b8:5f:f8:72:f5:67:dc:4f:
db:35:28:8f:ce:26:3d:3d:a5:4e:cd:81:1c:87:81:e7:f6:8d:
e7:97:a8:86
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTHLL2i/6kYwQ+0KITqd5N7inNxwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwMDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5M2U2NTE4MWE5NzgxYWJiYTczNjQ2YWVlN2M2MTFmZDNjMzkwMzZlYWQx
ZTY5MjZjZTEwNjE1OGEyYmVhNGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOJryHd6jR0sTVIgD2Ly7V+tV6J8aIttTXE22DXklwrKWCH+zTJsFelPyBl
NIlXkHVRiGmS72coXFipsJtbUTp8bA29sNQd3foa7zD5SBMGXwn9RIEyw3WLtBOj
qD8DI74+4A+7WtMreAv0SrzOi9+fwKUO5UZfmeifR2Coy68MP3aDei3vLMVdBzrC
lE4xKjbNhpYQ9qCyiiV4doRrD9qBsVtc+yO3domW7sJYjbg99CwBa9c2IVybchYM
OHtv4n59s7fF3Ixt5uGCzGLWiwHZdQMDzVdKbAYqkdghkeCy9fIaW4An9+qClN7+
CoemrdWyGr08i2SiQ/B2UclsM8sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSM66u5
FWNZtgn+wwme6Fld5exeyTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTBiNjA2NzItZDQ4NC00OGEwLTkwMTYtNDc0YmFmZWE4OTEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQAKL9Ag0YvipFKnlZEoaOyfP4jwHmru7h68Jibv
oSV0nrmu0XhLdnKEfNjSC9VbzCbgAqoEvBRfMVqaYGKNOqboLBqPU3baXN3BZs8X
NW2Rcvqb2gkUoSRm41E1fwtCSN09GVHmQGtfgQeYNx9Idi+oy/vCUc2DvrA6ehiV
GvTbwWs4V/YI3YCIxS0tyaaoy5PVL6KJfoW9hbVk1xFDPsXu8ZXyROTzjI1Hd2hJ
UrXDKgUoWk6m0r4T5yCEAqft7Q3G2m8KymacPz2hHRNKks50ZsHXXCFjghfNcGTg
myGChL9nuF/4cvVn3E/bNSiPziY9PaVOzYEch4Hn9o3nl6iG
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:56:10 2026 by rpki-client