Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/515f7e85-9223-47e5-be2b-42ec6a12a88b.roa
File: 515f7e85-9223-47e5-be2b-42ec6a12a88b.roa (raw, json)
Hash identifier: tp1BSPT6tNmJiMVn0qrDW9ZO8r19qaR6VxDyPpwxD90=
Subject key identifier: 0A:B1:EA:7B:18:9C:C8:FC:6F:DC:43:10:2C:A0:54:07:02:08:E8:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B17464A675DCA773C836774B92EA032FC9D5A20
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/515f7e85-9223-47e5-be2b-42ec6a12a88b.roa
Signing time: Sat 28 Feb 2026 05:50:11 +0000
ROA not before: Sat 28 Feb 2026 05:50:11 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:17:46:4a:67:5d:ca:77:3c:83:67:74:b9:2e:a0:32:fc:9d:5a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:50:11 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=b4455dca97576b5c719ba59d4c4b94d822d168730cbabc7928292fd54fa2447c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e3:70:99:06:ed:b4:00:54:a5:cf:88:06:fa:
0e:a8:30:3c:4b:13:21:63:88:60:6d:cf:7f:80:a2:
a6:97:5f:4f:9d:44:40:ee:7c:17:b9:e5:ca:4b:31:
55:32:9f:77:36:56:27:0b:ca:3b:a6:0f:81:ae:ef:
ec:30:e3:51:4b:1f:d8:22:2f:db:64:6c:a7:04:5d:
75:5b:f4:cc:fc:8e:23:b6:0c:ac:66:03:3d:58:6b:
8f:2e:04:67:b0:9c:48:76:cf:76:e1:bf:83:83:5c:
78:aa:1f:6f:fa:6d:dc:0a:20:65:29:c8:af:6f:ba:
57:c6:d0:b6:e8:d7:6d:1c:fc:fd:2f:7a:59:b3:91:
b3:8c:61:ca:b3:ad:b7:5f:4d:4a:aa:13:7d:73:79:
3d:8c:f8:63:41:13:b4:15:c3:5c:3a:bf:ec:00:be:
ce:f1:75:8f:b9:d4:76:21:0a:d8:c1:98:a3:67:7a:
5f:a3:5e:44:70:34:ab:1d:17:26:02:cc:50:05:e6:
5f:aa:11:4e:a7:a7:74:a9:e0:93:7a:79:00:f1:46:
7e:fa:71:8b:11:9a:d4:04:7f:ba:40:45:94:85:ca:
0d:be:64:c2:9a:52:fc:23:13:f7:49:e4:b3:1c:6a:
cc:85:97:50:22:11:08:40:51:de:c7:61:28:8a:b9:
1b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:B1:EA:7B:18:9C:C8:FC:6F:DC:43:10:2C:A0:54:07:02:08:E8:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/515f7e85-9223-47e5-be2b-42ec6a12a88b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:9000::/40
Signature Algorithm: sha256WithRSAEncryption
56:3b:7f:90:63:35:c8:d9:b9:4e:62:4d:e8:9f:7b:6b:c3:5a:
5e:01:4d:f2:5d:99:bd:e5:cc:a0:52:f5:3d:88:c9:c8:8f:46:
d0:f0:38:c2:2b:bd:06:63:57:c1:20:43:7c:d9:bd:e5:8e:9d:
b5:52:e2:18:b8:0c:ff:d0:c3:4e:7c:08:d8:ac:00:07:6f:35:
b3:4d:a3:d8:e5:d7:ab:0c:d6:e1:ca:ea:52:65:44:57:4d:0f:
c1:1e:46:4e:f8:4a:3b:e5:5c:60:9c:7b:0d:4e:72:ce:cc:e5:
27:95:70:c0:71:60:4a:a3:ad:0d:0d:2a:73:ec:78:8a:8a:08:
54:af:d0:34:84:8f:be:1f:dd:d1:0e:b9:a3:2c:ae:7f:cb:4b:
9b:94:f2:cc:40:fc:a0:ae:be:5c:a1:77:f3:ee:59:48:a5:31:
e9:bd:28:42:e8:aa:c4:06:51:03:2d:7f:50:30:62:b1:1c:a0:
18:59:ea:42:02:dd:93:36:c2:e2:1c:da:53:a0:6a:71:03:c5:
32:15:48:e0:dc:02:a7:37:0e:88:5e:9f:46:4e:9a:4b:c5:df:
7c:01:19:ca:22:1b:36:1e:91:28:e0:50:38:d3:69:9f:7f:58:
9f:1e:80:80:95:ab:d8:8b:95:dc:0d:df:14:68:95:76:92:05:
45:cf:28:6d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKxdGSmddync8g2d0uS6gMvydWiAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUwMTFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0NDU1ZGNhOTc1NzZiNWM3MTliYTU5ZDRjNGI5NGQ4MjJkMTY4NzMwY2Jh
YmM3OTI4MjkyZmQ1NGZhMjQ0N2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7jcJkG7bQAVKXPiAb6DqgwPEsTIWOIYG3Pf4CippdfT51EQO58F7nlyksx
VTKfdzZWJwvKO6YPga7v7DDjUUsf2CIv22RspwRddVv0zPyOI7YMrGYDPVhrjy4E
Z7CcSHbPduG/g4NceKofb/pt3AogZSnIr2+6V8bQtujXbRz8/S96WbORs4xhyrOt
t19NSqoTfXN5PYz4Y0ETtBXDXDq/7AC+zvF1j7nUdiEK2MGYo2d6X6NeRHA0qx0X
JgLMUAXmX6oRTqendKngk3p5APFGfvpxixGa1AR/ukBFlIXKDb5kwppS/CMT90nk
sxxqzIWXUCIRCEBR3sdhKIq5G4sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQKsep7
GJzI/G/cQxAsoFQHAgjoADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTE1ZjdlODUtOTIyMy00N2U1LWJlMmItNDJlYzZhMTJhODhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G2Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBWO3+QYzXI2blOYk3on3trw1peAU3yXZm95cyg
UvU9iMnIj0bQ8DjCK70GY1fBIEN82b3ljp21UuIYuAz/0MNOfAjYrAAHbzWzTaPY
5derDNbhyupSZURXTQ/BHkZO+Eo75VxgnHsNTnLOzOUnlXDAcWBKo60NDSpz7HiK
ighUr9A0hI++H93RDrmjLK5/y0ublPLMQPygrr5coXfz7llIpTHpvShC6KrEBlED
LX9QMGKxHKAYWepCAt2TNsLiHNpToGpxA8UyFUjg3AKnNw6IXp9GTppLxd98ARnK
Ihs2HpEo4FA402mff1ifHoCAlavYi5XcDd8UaJV2kgVFzyht
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:45 2026 by rpki-client