Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52cdf958-64cb-496a-aeda-f4f9a07b440e.roa
File: 52cdf958-64cb-496a-aeda-f4f9a07b440e.roa (raw, json)
Hash identifier: 5x64dqR3tDg71HNJpuQuf+FOYXuGyFQnx0sRwgZTFIU=
Subject key identifier: 2D:F4:7E:31:28:7B:03:47:11:C5:57:2D:C3:B6:53:09:4D:7E:A1:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D031F599AE8B712D102B5F0B890733342BB2236
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52cdf958-64cb-496a-aeda-f4f9a07b440e.roa
Signing time: Tue 24 Feb 2026 04:10:38 +0000
ROA not before: Tue 24 Feb 2026 04:10:38 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:03:1f:59:9a:e8:b7:12:d1:02:b5:f0:b8:90:73:33:42:bb:22:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 04:10:38 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=62139f9b20d8aa4cacf518ac2791ca9a7326e58d13ffec8c973e133b5cce0d8d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:35:2c:0c:d6:37:9c:6b:4e:d5:55:99:0e:fa:
a1:ef:12:96:50:3c:65:ed:8f:81:05:f9:a3:f2:25:
64:34:28:15:7e:e9:7d:73:aa:d4:ed:15:20:db:6f:
aa:17:f4:b3:34:f0:38:02:2c:02:a5:16:15:4a:9b:
eb:59:6a:d5:7c:60:0f:22:3d:2c:3b:5d:f3:6f:17:
63:6d:15:ad:3a:f7:3e:34:f0:e3:bf:b0:dd:e6:ab:
c2:88:5d:6a:a3:7e:37:12:27:b3:03:9a:a3:41:bc:
45:38:0b:f0:e9:77:b2:cf:29:c0:2f:06:ca:be:e7:
67:9b:df:02:86:34:af:d5:45:5c:71:66:06:f5:85:
ac:67:e7:26:3f:db:8a:fd:17:06:a4:3a:f5:bc:90:
f2:6a:9b:d1:d4:bb:b0:7b:bd:54:0e:d6:90:87:9f:
08:15:13:0d:ce:d6:e2:de:35:b7:8a:be:bf:aa:8b:
ae:e0:a6:6c:65:3b:92:b3:bc:b5:a6:20:f7:76:e5:
df:e5:d1:bc:fa:14:20:fe:2a:a6:18:9b:a3:c5:03:
14:5f:0c:84:2e:0a:ef:f4:e2:fe:6c:4a:9b:fe:a8:
6a:68:87:2e:a1:06:10:9f:09:be:43:18:ea:b7:40:
c5:9f:4b:20:2d:85:8a:b1:2f:6a:07:4e:05:a3:8b:
ba:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F4:7E:31:28:7B:03:47:11:C5:57:2D:C3:B6:53:09:4D:7E:A1:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52cdf958-64cb-496a-aeda-f4f9a07b440e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:2000::/40
Signature Algorithm: sha256WithRSAEncryption
98:c4:65:ee:c4:1e:85:90:0b:ab:6e:0b:fe:9d:2f:68:9f:21:
1e:d2:9f:f6:d6:b6:e3:ce:ec:73:c4:75:3b:dc:5c:bf:51:bc:
15:5e:74:6a:62:ca:b9:8d:f2:65:4c:53:a3:c4:06:f4:7b:8b:
89:b6:81:47:a9:16:f0:eb:d1:25:ac:8f:80:86:f0:c8:c9:e7:
f5:28:c5:ab:96:4e:25:ef:1f:3c:d5:97:7e:97:47:09:e3:83:
d9:7d:11:c9:f7:79:6c:d6:4f:ca:fa:88:7c:52:68:0f:e2:5f:
ec:9d:f6:6c:22:a3:fb:7e:86:86:bc:33:62:58:48:c3:0f:dd:
7a:d4:58:d1:ce:d6:31:fe:65:48:88:be:38:cb:11:d1:39:e0:
7d:9b:49:26:0b:be:97:c4:c0:c2:f3:72:9c:c2:6c:23:fb:1b:
9a:cd:28:b5:00:c1:6a:d1:46:89:26:70:93:03:24:72:df:aa:
17:e3:54:4c:1a:c2:3a:fb:f8:dc:5d:69:73:b2:8d:6b:35:c8:
30:e4:e7:c1:8c:f2:88:fc:a6:2f:8f:b0:c2:29:25:64:91:7f:
19:e8:31:7a:9d:4b:8d:04:29:72:89:d3:1f:ed:b4:d6:cd:bc:
61:52:73:70:ab:34:c3:05:3e:6a:ff:3f:25:22:af:ad:69:1e:
ef:f4:86:5b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPQMfWZrotxLRArXwuJBzM0K7IjYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwNDEwMzhaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyMTM5ZjliMjBkOGFhNGNhY2Y1MThhYzI3OTFjYTlhNzMyNmU1OGQxM2Zm
ZWM4Yzk3M2UxMzNiNWNjZTBkOGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL41LAzWN5xrTtVVmQ76oe8SllA8Ze2PgQX5o/IlZDQoFX7pfXOq1O0VINtv
qhf0szTwOAIsAqUWFUqb61lq1XxgDyI9LDtd828XY20VrTr3PjTw47+w3earwohd
aqN+NxInswOao0G8RTgL8Ol3ss8pwC8Gyr7nZ5vfAoY0r9VFXHFmBvWFrGfnJj/b
iv0XBqQ69byQ8mqb0dS7sHu9VA7WkIefCBUTDc7W4t41t4q+v6qLruCmbGU7krO8
taYg93bl3+XRvPoUIP4qphibo8UDFF8MhC4K7/Ti/mxKm/6oamiHLqEGEJ8JvkMY
6rdAxZ9LIC2FirEvagdOBaOLuh0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQt9H4x
KHsDRxHFVy3DtlMJTX6hcTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTJjZGY5NTgtNjRjYi00OTZhLWFlZGEtZjRmOWEwN2I0NDBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DUg
MA0GCSqGSIb3DQEBCwUAA4IBAQCYxGXuxB6FkAurbgv+nS9onyEe0p/21rbjzuxz
xHU73Fy/UbwVXnRqYsq5jfJlTFOjxAb0e4uJtoFHqRbw69ElrI+AhvDIyef1KMWr
lk4l7x881Zd+l0cJ44PZfRHJ93ls1k/K+oh8UmgP4l/snfZsIqP7foaGvDNiWEjD
D9161FjRztYx/mVIiL44yxHROeB9m0kmC76XxMDC83Kcwmwj+xuazSi1AMFq0UaJ
JnCTAyRy36oX41RMGsI6+/jcXWlzso1rNcgw5OfBjPKI/KYvj7DCKSVkkX8Z6DF6
nUuNBClyidMf7bTWzbxhUnNwqzTDBT5q/z8lIq+taR7v9IZb
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:02:11 2026 by rpki-client