Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa
File: 52630693-0f5d-4126-ba07-ad0c0c999660.roa (raw, json)
Hash identifier: 1qZIM4O3b6XGTuDaPlMX0mIgrLCwZas7b9lVr7UjJHk=
Subject key identifier: 09:18:97:77:D3:95:3D:C3:29:A9:49:82:70:B5:EF:D4:71:F9:D6:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 40807F7874F7EE1BE6AC04DB67D12D751856C547
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa
Signing time: Sat 28 Feb 2026 05:51:05 +0000
ROA not before: Sat 28 Feb 2026 05:51:05 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:80:7f:78:74:f7:ee:1b:e6:ac:04:db:67:d1:2d:75:18:56:c5:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:51:05 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=ce50ca74b0dc3ca9cd675b62ec93650352ed178c42d0356a5ed20a21508bae4c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7f:09:5b:df:2f:1b:b9:1b:09:71:10:6b:3a:
0c:f8:1a:7e:a0:65:d7:f7:02:fd:bc:ba:f6:90:2e:
69:64:75:08:cc:4c:54:f5:e3:fa:7f:c3:22:97:70:
f9:d8:69:00:76:2f:4a:df:d3:c9:81:ad:b0:9e:68:
ff:0e:39:a6:19:5b:ac:1c:84:77:f5:61:9d:66:30:
81:3c:7a:54:93:c0:04:1b:a0:48:56:92:57:44:4e:
7f:90:e2:82:d3:9a:52:b6:56:14:60:f1:93:3b:9b:
f2:cf:bc:0d:bf:7c:67:c8:cb:d4:b2:df:b6:de:75:
d5:7e:c0:78:22:c5:78:ce:b3:77:aa:4e:8d:f8:c8:
20:65:87:31:e0:13:a0:9e:01:09:d2:af:20:6b:af:
c2:3e:ed:ef:a6:e0:8c:85:84:1d:e5:1b:94:01:92:
b1:e9:60:89:13:0a:94:15:ce:5b:f0:af:41:1c:bf:
af:48:b3:97:9e:31:ec:fe:9b:55:3d:b9:c6:fb:f8:
e7:59:e9:0a:76:cf:fc:6f:01:cf:d3:b2:62:cc:79:
13:b3:95:14:76:e3:bb:50:1d:2f:d1:d2:f7:28:25:
42:9f:9b:f8:f1:07:00:e4:56:ac:d2:9f:5e:07:75:
7e:bf:1d:7e:1c:98:71:c2:a7:ac:dc:d5:e1:ab:4c:
87:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:18:97:77:D3:95:3D:C3:29:A9:49:82:70:B5:EF:D4:71:F9:D6:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:e000::/40
Signature Algorithm: sha256WithRSAEncryption
b0:28:b3:83:31:31:4f:af:0b:ed:f9:c7:0e:ac:df:36:ab:8e:
1a:59:2e:4b:06:a2:23:88:b9:87:84:84:02:79:8d:72:ea:da:
39:fe:b1:30:77:60:b2:65:bf:90:38:a1:e4:53:b1:1c:aa:f7:
e7:9c:28:59:b8:8a:33:59:62:1d:43:94:5d:0b:ac:39:d8:1e:
c6:5a:b1:84:f6:c0:7e:dc:cc:c5:25:5c:c6:e5:e7:05:52:72:
1a:50:ae:99:4e:d1:db:25:dc:e2:d6:6e:fe:87:a2:67:00:31:
2b:17:46:6b:7b:6f:42:6a:a7:59:eb:db:0e:83:e4:8d:51:db:
b2:ce:ce:83:a2:cf:2a:38:33:39:ad:60:98:35:14:f7:82:77:
9c:9b:0f:1c:2b:df:5a:17:8a:88:35:43:3a:46:df:43:aa:6c:
fa:b4:02:dc:a9:55:59:a1:52:4a:ef:b7:7e:fb:75:dd:12:a8:
30:82:0b:f3:ea:a6:5a:81:75:bd:42:cf:2b:52:ff:79:30:a5:
ba:be:90:d7:57:d7:e6:da:58:2f:dd:1b:82:69:c4:f4:3f:67:
8d:39:dc:1c:bb:2c:7a:29:ab:36:5f:da:87:ca:f0:d5:9d:4f:
41:c8:0e:c8:d0:d0:80:61:9c:22:01:68:ab:9c:7a:92:a0:6c:
d8:f8:c2:08
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQIB/eHT37hvmrATbZ9EtdRhWxUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUxMDVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlNTBjYTc0YjBkYzNjYTljZDY3NWI2MmVjOTM2NTAzNTJlZDE3OGM0MmQw
MzU2YTVlZDIwYTIxNTA4YmFlNGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALN/CVvfLxu5GwlxEGs6DPgafqBl1/cC/by69pAuaWR1CMxMVPXj+n/DIpdw
+dhpAHYvSt/TyYGtsJ5o/w45phlbrByEd/VhnWYwgTx6VJPABBugSFaSV0ROf5Di
gtOaUrZWFGDxkzub8s+8Db98Z8jL1LLftt511X7AeCLFeM6zd6pOjfjIIGWHMeAT
oJ4BCdKvIGuvwj7t76bgjIWEHeUblAGSselgiRMKlBXOW/CvQRy/r0izl54x7P6b
VT25xvv451npCnbP/G8Bz9OyYsx5E7OVFHbju1AdL9HS9yglQp+b+PEHAORWrNKf
Xgd1fr8dfhyYccKnrNzV4atMh+sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQJGJd3
05U9wympSYJwte/UcfnWwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI2MzA2OTMtMGY1ZC00MTI2LWJhMDctYWQwYzBjOTk5NjYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HHg
MA0GCSqGSIb3DQEBCwUAA4IBAQCwKLODMTFPrwvt+ccOrN82q44aWS5LBqIjiLmH
hIQCeY1y6to5/rEwd2CyZb+QOKHkU7EcqvfnnChZuIozWWIdQ5RdC6w52B7GWrGE
9sB+3MzFJVzG5ecFUnIaUK6ZTtHbJdzi1m7+h6JnADErF0Zre29CaqdZ69sOg+SN
Uduyzs6Dos8qODM5rWCYNRT3gnecmw8cK99aF4qINUM6Rt9Dqmz6tALcqVVZoVJK
77d++3XdEqgwggvz6qZagXW9Qs8rUv95MKW6vpDXV9fm2lgv3RuCacT0P2eNOdwc
uyx6Kas2X9qHyvDVnU9ByA7I0NCAYZwiAWirnHqSoGzY+MII
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:47:38 2026 by rpki-client