Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
File: 5246cdd9-6493-4560-b4c3-8d974de78b57.roa (raw, json)
Hash identifier: 2ZiKKmPuDX9HwMuaEVZKGRx8CZAYqoAj3ck6MS1K0l8=
Subject key identifier: 67:13:D6:B0:81:46:48:4D:7C:D3:33:60:C0:63:78:05:3F:EF:B2:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79A3C788C57887AFF008FCB3A0D9738175DEE35D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
Signing time: Sat 28 Feb 2026 06:30:10 +0000
ROA not before: Sat 28 Feb 2026 06:30:10 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:a3:c7:88:c5:78:87:af:f0:08:fc:b3:a0:d9:73:81:75:de:e3:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:30:10 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=ef013615571adde13f30eb4073f48fb5fa4c8b7a990d0f98e4731708034ef458, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:72:07:8e:4c:6a:91:cb:ee:f6:e4:36:30:e2:
fe:f6:6a:1e:5f:10:93:eb:b9:96:e7:da:f3:97:66:
40:87:9e:72:fb:11:63:85:22:31:83:36:e0:e8:47:
fe:f2:a6:6a:62:e8:a6:3e:20:b3:a1:5d:01:a9:75:
ad:1f:45:08:69:c3:45:4f:0f:72:9d:20:c8:13:03:
e6:22:73:e3:ed:c0:68:f9:17:70:70:9a:41:d4:94:
8a:b9:b6:1f:3e:55:ed:79:9d:7c:23:38:07:e9:dc:
ae:fa:e8:2d:77:16:b7:3d:36:e2:eb:6b:6b:ed:ab:
77:41:e6:a2:e9:41:58:ce:24:39:64:a2:a8:aa:67:
20:e6:e5:d3:ae:d8:33:41:fe:20:d4:5f:79:94:1e:
ea:3c:80:f1:b1:06:ec:bd:53:bc:52:28:06:84:d6:
0d:24:6f:2a:66:89:25:66:58:ba:1a:ae:69:a3:12:
85:29:3c:62:be:12:0b:06:03:dc:23:c8:87:9c:a5:
28:83:84:a3:78:ed:fa:75:bb:91:4e:03:60:08:4d:
b0:1d:35:55:e9:d9:76:fa:81:17:0c:f5:a0:bf:b5:
73:0a:e5:09:9d:3a:0d:96:ad:ee:10:2b:21:78:71:
5f:e8:f1:06:19:bb:63:ae:64:47:28:91:b4:eb:13:
5a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:13:D6:B0:81:46:48:4D:7C:D3:33:60:C0:63:78:05:3F:EF:B2:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:c000::/40
Signature Algorithm: sha256WithRSAEncryption
b0:89:dd:68:74:0d:f3:a0:07:3b:14:83:a2:2f:e9:29:e3:b5:
aa:58:73:22:79:d9:c2:78:e9:f6:64:e8:3d:1d:91:82:56:6d:
0e:dc:dc:b3:85:a3:a3:7b:c9:fa:6e:b9:e5:47:33:37:d9:94:
a6:54:ab:3d:33:ef:dd:c0:78:fb:e3:2e:eb:90:b5:d7:20:06:
13:ee:90:81:b6:75:ba:23:f8:20:34:32:ad:ad:b4:45:ff:a7:
4d:18:15:99:fa:c7:d2:49:13:fa:ee:bb:06:b1:5a:83:80:0f:
45:aa:4d:b7:6f:90:aa:fa:52:9c:e6:d7:2b:9f:45:11:d1:cb:
95:22:41:fe:2a:37:6b:27:ab:00:57:e7:1d:de:1a:22:1e:91:
96:41:85:e1:f4:0b:69:da:03:ec:5a:cf:ed:54:e5:24:ed:2c:
b5:1f:18:c3:19:4f:8a:ae:06:7b:73:3c:87:88:09:c7:f1:dc:
84:53:73:27:fe:61:30:40:84:f4:f4:1f:6f:95:86:59:c8:21:
a0:fe:15:96:04:3b:37:1a:c1:04:43:1d:30:68:5f:7e:f4:c4:
f2:b5:e0:12:9c:51:fa:f9:7a:13:5c:33:12:19:2a:d4:b6:59:
23:71:cd:9c:18:72:9a:53:ac:c3:32:f6:a8:23:22:78:ec:3f:
fd:5d:97:36
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeaPHiMV4h6/wCPyzoNlzgXXe410wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjMwMTBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmMDEzNjE1NTcxYWRkZTEzZjMwZWI0MDczZjQ4ZmI1ZmE0YzhiN2E5OTBk
MGY5OGU0NzMxNzA4MDM0ZWY0NTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOByB45MapHL7vbkNjDi/vZqHl8Qk+u5lufa85dmQIeecvsRY4UiMYM24OhH
/vKmamLopj4gs6FdAal1rR9FCGnDRU8Pcp0gyBMD5iJz4+3AaPkXcHCaQdSUirm2
Hz5V7XmdfCM4B+ncrvroLXcWtz024utra+2rd0HmoulBWM4kOWSiqKpnIObl067Y
M0H+INRfeZQe6jyA8bEG7L1TvFIoBoTWDSRvKmaJJWZYuhquaaMShSk8Yr4SCwYD
3CPIh5ylKIOEo3jt+nW7kU4DYAhNsB01VenZdvqBFwz1oL+1cwrlCZ06DZat7hAr
IXhxX+jxBhm7Y65kRyiRtOsTWuMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRnE9aw
gUZITXzTM2DAY3gFP++yAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI0NmNkZDktNjQ5My00NTYwLWI0YzMtOGQ5NzRkZTc4YjU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DjA
MA0GCSqGSIb3DQEBCwUAA4IBAQCwid1odA3zoAc7FIOiL+kp47WqWHMiednCeOn2
ZOg9HZGCVm0O3NyzhaOje8n6brnlRzM32ZSmVKs9M+/dwHj74y7rkLXXIAYT7pCB
tnW6I/ggNDKtrbRF/6dNGBWZ+sfSSRP67rsGsVqDgA9Fqk23b5Cq+lKc5tcrn0UR
0cuVIkH+KjdrJ6sAV+cd3hoiHpGWQYXh9Atp2gPsWs/tVOUk7Sy1HxjDGU+KrgZ7
czyHiAnH8dyEU3Mn/mEwQIT09B9vlYZZyCGg/hWWBDs3GsEEQx0waF9+9MTyteAS
nFH6+XoTXDMSGSrUtlkjcc2cGHKaU6zDMvaoIyJ47D/9XZc2
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:37:51 2026 by rpki-client