Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51b3d4ec-2ade-4aaa-b3ce-e1eb7028fdb7.roa
File: 51b3d4ec-2ade-4aaa-b3ce-e1eb7028fdb7.roa (raw, json)
Hash identifier: X6FtzpRcTkqkUf700XpMVhH61RheLWwdWM5OzR5t768=
Subject key identifier: AC:89:55:B9:DE:ED:42:63:D9:C9:BA:FE:8D:2C:A1:A2:3F:80:30:DF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5BF4DB351B501002B8708CFBEDD1928E3727B290
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51b3d4ec-2ade-4aaa-b3ce-e1eb7028fdb7.roa
Signing time: Tue 24 Feb 2026 04:10:41 +0000
ROA not before: Tue 24 Feb 2026 04:10:41 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:f4:db:35:1b:50:10:02:b8:70:8c:fb:ed:d1:92:8e:37:27:b2:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 04:10:41 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=c6ee84d8f56fe2a87fa7eac24acf354be381d33654ae34e7737efe57275ab437, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:37:04:f6:5a:36:30:6d:f3:78:c5:eb:57:af:
0f:e9:c2:65:1e:74:8a:e0:21:55:fc:93:ec:c2:df:
4c:35:4a:8b:e5:60:ad:9b:29:25:c5:aa:b7:b4:0f:
0e:ed:cb:41:6a:b1:70:8a:56:13:35:e6:35:23:74:
a3:80:26:c8:69:f4:70:0f:a8:a4:a8:28:6e:1f:0b:
12:8d:85:81:6f:e6:00:11:3c:cc:65:cc:66:66:64:
72:e4:56:6f:2e:30:8c:bc:be:c3:e0:8f:10:30:fa:
50:32:db:1a:44:4c:7b:08:b0:56:79:cb:13:c0:54:
58:22:ba:41:5d:5a:7c:43:dc:96:03:7a:6a:61:5c:
d8:b6:8f:72:84:77:ec:11:1d:7b:07:6d:24:9d:8d:
76:7f:7f:a9:a4:af:47:1b:79:a6:6e:23:7a:4c:a7:
71:1f:e6:72:d4:e9:84:79:ae:97:f0:d9:db:0f:ef:
dc:92:b7:5f:5e:22:34:9c:30:20:55:e8:f6:40:0f:
d0:b0:81:c4:5b:a7:ca:7a:d3:6a:ce:a5:a5:0b:17:
bd:37:9d:08:61:5c:29:b7:d6:4c:79:28:6c:93:d4:
c0:80:ce:6b:9d:81:c5:2f:c1:d8:5c:3f:96:c2:5a:
2f:92:11:ec:ef:0a:8c:78:0a:b0:57:e5:93:a2:a1:
2e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:89:55:B9:DE:ED:42:63:D9:C9:BA:FE:8D:2C:A1:A2:3F:80:30:DF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51b3d4ec-2ade-4aaa-b3ce-e1eb7028fdb7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:2000::/40
Signature Algorithm: sha256WithRSAEncryption
9e:84:2c:4a:83:3c:bc:c4:91:a7:22:b1:40:e7:28:03:27:a3:
e4:21:3e:59:4c:98:35:25:cc:be:6a:37:9c:1b:da:b9:98:fe:
f9:38:e0:54:d1:73:84:f4:92:95:71:ec:ea:2c:37:e1:1b:c3:
dc:2e:a7:0d:66:65:40:ed:9c:9f:b7:b6:6a:3c:35:4e:90:67:
97:d2:29:16:5a:40:e2:ae:0b:4e:69:cc:43:05:30:aa:50:1d:
f4:6c:82:7f:38:a7:0e:48:20:2f:9e:79:8c:00:10:e1:dc:a9:
69:ed:36:c2:6f:8b:26:e8:00:92:51:e6:a6:ba:aa:e7:23:86:
cb:54:bc:b6:58:dd:e7:8b:c0:61:bb:59:db:4d:c9:78:0a:e3:
f6:74:6c:c0:54:8f:13:2a:58:7f:54:ca:61:7f:da:0c:dd:14:
5f:b6:84:59:12:b9:25:38:b1:63:47:c6:b8:2b:91:9c:aa:db:
29:c7:30:1d:15:f9:15:c3:c5:2d:98:d4:3b:7e:04:76:fc:5d:
cf:9b:e7:4e:0e:91:e8:21:e7:5f:e5:2b:cf:1d:c6:ce:9f:79:
68:9b:4b:8f:be:87:10:a6:a4:ed:c4:b4:6a:18:0c:aa:b5:dc:
94:60:8e:93:36:b5:3d:7e:7f:1e:ca:ae:90:f4:de:24:cc:88:
bb:88:cd:09
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUW/TbNRtQEAK4cIz77dGSjjcnspAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwNDEwNDFaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2ZWU4NGQ4ZjU2ZmUyYTg3ZmE3ZWFjMjRhY2YzNTRiZTM4MWQzMzY1NGFl
MzRlNzczN2VmZTU3Mjc1YWI0MzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALY3BPZaNjBt83jF61evD+nCZR50iuAhVfyT7MLfTDVKi+VgrZspJcWqt7QP
Du3LQWqxcIpWEzXmNSN0o4AmyGn0cA+opKgobh8LEo2FgW/mABE8zGXMZmZkcuRW
by4wjLy+w+CPEDD6UDLbGkRMewiwVnnLE8BUWCK6QV1afEPclgN6amFc2LaPcoR3
7BEdewdtJJ2Ndn9/qaSvRxt5pm4jekyncR/mctTphHmul/DZ2w/v3JK3X14iNJww
IFXo9kAP0LCBxFunynrTas6lpQsXvTedCGFcKbfWTHkobJPUwIDOa52BxS/B2Fw/
lsJaL5IR7O8KjHgKsFflk6KhLrkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSsiVW5
3u1CY9nJuv6NLKGiP4Aw3zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTFiM2Q0ZWMtMmFkZS00YWFhLWIzY2UtZTFlYjcwMjhmZGI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hsg
MA0GCSqGSIb3DQEBCwUAA4IBAQCehCxKgzy8xJGnIrFA5ygDJ6PkIT5ZTJg1Jcy+
ajecG9q5mP75OOBU0XOE9JKVcezqLDfhG8PcLqcNZmVA7Zyft7ZqPDVOkGeX0ikW
WkDirgtOacxDBTCqUB30bIJ/OKcOSCAvnnmMABDh3Klp7TbCb4sm6ACSUeamuqrn
I4bLVLy2WN3ni8Bhu1nbTcl4CuP2dGzAVI8TKlh/VMphf9oM3RRftoRZErklOLFj
R8a4K5GcqtspxzAdFfkVw8UtmNQ7fgR2/F3Pm+dODpHoIedf5SvPHcbOn3lom0uP
vocQpqTtxLRqGAyqtdyUYI6TNrU9fn8eyq6Q9N4kzIi7iM0J
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:41:28 2026 by rpki-client