Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
File: 538037c5-70a6-4b45-b84c-b4af8015af39.roa (raw, json)
Hash identifier: V2IbrQl07r5QdXIFWSqCBuKyzsNSX9X8pJdwGb2yfFw=
Subject key identifier: 81:A7:90:90:09:24:FF:47:05:31:24:7E:F4:A3:EB:20:52:BC:4A:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5951DC487D6B8B61A9A321B4307A760486F885E6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
Signing time: Sat 28 Feb 2026 05:20:06 +0000
ROA not before: Sat 28 Feb 2026 05:20:06 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d029::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:51:dc:48:7d:6b:8b:61:a9:a3:21:b4:30:7a:76:04:86:f8:85:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:06 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=99b4bbc82b6762a9b048bd4bdd47c4636297bc6c98ff7b8b1559c37e237d5965, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:33:03:7a:81:48:13:a7:68:38:d8:a5:26:fd:
4e:83:ec:e4:9c:fd:5c:94:f0:64:78:3a:d5:d8:99:
74:2f:5b:cf:cb:49:26:70:d2:df:fa:03:52:4d:95:
3f:89:96:2d:75:01:1b:3d:a1:f2:10:c2:3b:02:5b:
44:9a:43:13:44:87:b1:e1:8f:14:9f:0f:15:b7:a2:
56:bf:c4:a0:63:e6:8f:e2:ce:f8:aa:7e:53:5c:44:
95:88:73:57:d1:10:ed:6d:59:90:f7:65:eb:a6:d6:
6f:e7:cc:49:a1:44:29:4f:2f:6d:8e:12:65:93:0f:
3c:cb:34:7c:82:dc:ba:0d:90:45:ad:48:b1:f3:db:
55:a6:fb:c9:51:78:bc:14:96:cd:2d:b4:2c:46:c6:
4d:7c:82:38:75:0a:6c:96:32:bc:21:d1:fb:08:ec:
99:f1:af:43:ac:bb:ea:2a:fc:10:18:43:53:4f:92:
55:8a:4d:d5:fc:51:9f:b7:16:47:6a:a8:2c:1a:d8:
ae:f7:37:38:1b:be:43:f7:b5:b0:fe:bd:9c:57:d4:
db:26:74:bb:e1:30:f9:23:28:77:25:3a:29:37:26:
e3:9a:13:2f:76:9b:fc:34:cc:5b:fc:fc:87:80:43:
6a:f0:74:d5:f5:e0:07:21:60:76:50:74:2b:9a:bf:
cf:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A7:90:90:09:24:FF:47:05:31:24:7E:F4:A3:EB:20:52:BC:4A:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d029::/36
Signature Algorithm: sha256WithRSAEncryption
33:fb:39:db:c6:c3:17:ae:e9:04:cc:a7:ad:13:06:ba:ca:0b:
3d:c7:b3:69:a1:74:02:90:9a:65:b6:3c:70:e6:af:eb:e2:41:
5d:59:58:7d:3a:91:37:48:20:35:75:b7:4d:c2:4e:5d:e4:43:
ac:63:6e:5e:99:e8:2c:33:fc:b4:ce:24:12:35:e9:90:00:fc:
32:1f:9d:30:76:87:ce:dc:9c:60:ba:0e:0e:f6:77:f4:68:5e:
db:46:fb:ad:e1:b7:79:93:34:34:ce:2c:81:71:f8:04:4d:08:
2f:37:9c:65:43:02:34:69:e1:45:e9:b9:c4:cf:7b:52:95:56:
07:2f:38:5a:32:4c:69:6d:2a:ef:b3:07:78:93:ed:05:ff:3e:
54:37:ed:b7:94:7f:49:d8:a1:d6:59:1e:86:0f:5b:22:9c:f4:
0f:49:0b:6a:dd:5f:75:58:ff:8d:15:34:77:c7:b9:34:2c:ad:
60:37:e5:c0:45:ad:57:ec:1b:98:57:55:c4:03:1b:8a:2a:f5:
09:56:36:66:67:a5:97:ef:43:f0:9f:06:89:fb:b2:3b:ce:85:
c9:fe:2c:a0:c2:14:70:f6:bd:b3:90:e7:36:ea:b6:4f:24:b7:
c8:e3:ce:2f:be:33:b5:86:4a:04:7d:e1:90:17:9a:8a:a7:4a:
84:66:d9:2f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWVHcSH1ri2GpoyG0MHp2BIb4heYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwMDZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5YjRiYmM4MmI2NzYyYTliMDQ4YmQ0YmRkNDdjNDYzNjI5N2JjNmM5OGZm
N2I4YjE1NTljMzdlMjM3ZDU5NjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALIzA3qBSBOnaDjYpSb9ToPs5Jz9XJTwZHg61diZdC9bz8tJJnDS3/oDUk2V
P4mWLXUBGz2h8hDCOwJbRJpDE0SHseGPFJ8PFbeiVr/EoGPmj+LO+Kp+U1xElYhz
V9EQ7W1ZkPdl66bWb+fMSaFEKU8vbY4SZZMPPMs0fILcug2QRa1IsfPbVab7yVF4
vBSWzS20LEbGTXyCOHUKbJYyvCHR+wjsmfGvQ6y76ir8EBhDU0+SVYpN1fxRn7cW
R2qoLBrYrvc3OBu+Q/e1sP69nFfU2yZ0u+Ew+SModyU6KTcm45oTL3ab/DTMW/z8
h4BDavB01fXgByFgdlB0K5q/zx8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSBp5CQ
CST/RwUxJH70o+sgUrxKlzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTM4MDM3YzUtNzBhNi00YjQ1LWI4NGMtYjRhZjgwMTVhZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CkA
MA0GCSqGSIb3DQEBCwUAA4IBAQAz+znbxsMXrukEzKetEwa6ygs9x7NpoXQCkJpl
tjxw5q/r4kFdWVh9OpE3SCA1dbdNwk5d5EOsY25emegsM/y0ziQSNemQAPwyH50w
dofO3Jxgug4O9nf0aF7bRvut4bd5kzQ0ziyBcfgETQgvN5xlQwI0aeFF6bnEz3tS
lVYHLzhaMkxpbSrvswd4k+0F/z5UN+23lH9J2KHWWR6GD1sinPQPSQtq3V91WP+N
FTR3x7k0LK1gN+XARa1X7BuYV1XEAxuKKvUJVjZmZ6WX70PwnwaJ+7I7zoXJ/iyg
whRw9r2zkOc26rZPJLfI484vvjO1hkoEfeGQF5qKp0qEZtkv
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:58:37 2026 by rpki-client