Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
File: 52b24640-f60c-42e4-9476-345e951e2387.roa (raw, json)
Hash identifier: gZiUwM/QTsyScMo3OJVx0ybP7/kOjYmSrUCQo4yVMIw=
Subject key identifier: EC:E6:A3:4A:20:2A:A1:0E:7F:03:44:E8:96:C1:0F:8D:BE:B1:3E:39
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FEA4633EDB8434C47C57C0356CB4397A827FB56
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
Signing time: Sat 28 Feb 2026 05:40:54 +0000
ROA not before: Sat 28 Feb 2026 05:40:54 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:ea:46:33:ed:b8:43:4c:47:c5:7c:03:56:cb:43:97:a8:27:fb:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:54 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f4abe97d4a551ed8c5a01b649d28e9931dc2a6ff13d15d2d23da398c3dbbb677, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:31:78:4e:04:89:ff:64:32:fb:6d:43:9e:ff:
aa:32:1d:61:74:53:67:2e:94:25:30:e5:f5:30:30:
42:82:62:ae:93:42:b3:bf:e2:ba:9a:47:6a:41:5b:
c0:80:5e:49:38:ed:bd:ab:f4:44:e3:f7:f0:91:9c:
1d:4f:91:2c:39:5c:ad:94:3e:0a:92:5a:9b:98:4d:
bd:5b:cd:93:3b:98:75:ff:18:98:80:5b:a1:c6:ad:
19:f0:c8:59:a8:eb:3d:5e:c7:55:10:ae:6a:66:42:
df:e6:8d:0b:d6:a1:4b:bb:66:f0:40:70:1b:b8:20:
9d:1e:c2:a5:82:ac:70:2a:bb:ee:c7:92:5c:12:b3:
d7:95:0d:4a:97:d6:02:c4:a7:00:49:1c:d5:4e:c9:
62:cd:41:28:af:a1:59:cf:d4:e0:72:fa:cf:44:32:
f2:e8:fc:02:88:5a:41:06:a9:b5:63:c8:35:b6:05:
91:31:1f:db:ff:5b:2c:01:2c:6b:93:67:bc:de:45:
cd:85:05:9f:75:79:11:5d:a5:0d:4c:0a:55:da:88:
32:e9:29:f1:7d:b4:96:f2:9b:df:23:2d:d5:57:e5:
78:6d:4d:09:09:87:85:88:bc:15:f0:9c:f0:94:a0:
5d:c0:63:06:ce:c3:fe:d0:41:f9:7b:1f:49:44:be:
f3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:E6:A3:4A:20:2A:A1:0E:7F:03:44:E8:96:C1:0F:8D:BE:B1:3E:39
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:5040::/48
Signature Algorithm: sha256WithRSAEncryption
75:24:43:07:2a:c9:80:49:43:ea:1f:b0:f9:4e:c5:6c:2e:ed:
cb:ca:c1:2e:33:df:5d:53:1b:ef:a4:f0:d4:6d:04:bb:fd:9b:
b9:bc:9b:65:04:79:c5:7d:74:14:1d:4a:bd:47:66:5e:8f:97:
e3:bb:12:41:86:35:78:74:9a:0c:79:02:c4:e0:26:a9:8e:62:
95:8d:2d:dc:71:8f:75:90:ec:d7:33:be:b4:94:a7:ac:74:7a:
20:ca:95:0f:55:a7:6e:ff:e4:fe:8d:2c:61:8a:f6:e1:c6:90:
62:84:4b:dc:34:bf:b7:35:ed:b0:a2:a4:87:af:a8:2f:4f:8c:
54:02:bd:8e:7f:cb:4d:e7:ad:70:48:63:fc:3c:9a:cb:ee:33:
99:13:79:1a:76:3d:55:e7:96:ef:d8:24:04:9a:0d:a7:76:db:
1b:02:cc:78:4f:0f:a8:1c:81:e2:18:a7:8f:64:00:d5:46:c4:
a9:82:5b:17:36:84:94:5a:f4:6e:b5:d6:70:08:b4:0f:a7:5d:
23:2e:87:d4:1c:2f:67:36:17:48:7b:82:02:4a:47:26:5c:b8:
df:2c:84:86:09:9e:70:35:af:32:f4:76:0c:27:1d:8e:cd:de:
f7:4a:77:6f:b7:6e:2a:75:e2:51:92:eb:80:bd:2d:41:04:0c:
9c:4a:47:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUP+pGM+24Q0xHxXwDVstDl6gn+1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwNTRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0YWJlOTdkNGE1NTFlZDhjNWEwMWI2NDlkMjhlOTkzMWRjMmE2ZmYxM2Qx
NWQyZDIzZGEzOThjM2RiYmI2NzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJgxeE4Eif9kMvttQ57/qjIdYXRTZy6UJTDl9TAwQoJirpNCs7/iuppHakFb
wIBeSTjtvav0ROP38JGcHU+RLDlcrZQ+CpJam5hNvVvNkzuYdf8YmIBbocatGfDI
WajrPV7HVRCuamZC3+aNC9ahS7tm8EBwG7ggnR7CpYKscCq77seSXBKz15UNSpfW
AsSnAEkc1U7JYs1BKK+hWc/U4HL6z0Qy8uj8AohaQQaptWPINbYFkTEf2/9bLAEs
a5NnvN5FzYUFn3V5EV2lDUwKVdqIMukp8X20lvKb3yMt1VfleG1NCQmHhYi8FfCc
8JSgXcBjBs7D/tBB+XsfSUS+8yECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTs5qNK
ICqhDn8DROiWwQ+NvrE+OTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTJiMjQ2NDAtZjYwYy00MmU0LTk0NzYtMzQ1ZTk1MWUyMzg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAdSRDByrJgElD6h+w+U7FbC7ty8rBLjPfXVMb
76Tw1G0Eu/2bubybZQR5xX10FB1KvUdmXo+X47sSQYY1eHSaDHkCxOAmqY5ilY0t
3HGPdZDs1zO+tJSnrHR6IMqVD1Wnbv/k/o0sYYr24caQYoRL3DS/tzXtsKKkh6+o
L0+MVAK9jn/LTeetcEhj/Dyay+4zmRN5GnY9VeeW79gkBJoNp3bbGwLMeE8PqByB
4hinj2QA1UbEqYJbFzaElFr0brXWcAi0D6ddIy6H1BwvZzYXSHuCAkpHJly43yyE
hgmecDWvMvR2DCcdjs3e90p3b7duKnXiUZLrgL0tQQQMnEpHjw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:40:35 2026 by rpki-client