Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
File: 5387f3e7-ef20-46b2-8929-bf638dce97e1.roa (raw, json)
Hash identifier: anwa5/LHS9V51gnnQ7fuJqE0zFLetvDS/ay9ND+JF/k=
Subject key identifier: 89:5E:23:B9:A5:E7:85:40:26:26:59:59:37:D7:F2:56:C0:90:1B:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67C5D17ACA4A3F6C7D18D1FB25E06633563D4C20
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
Signing time: Sat 28 Feb 2026 05:41:22 +0000
ROA not before: Sat 28 Feb 2026 05:41:22 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:c5:d1:7a:ca:4a:3f:6c:7d:18:d1:fb:25:e0:66:33:56:3d:4c:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:22 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=c4bf8267edb393fefe604b674480ed509a11968937f3567a2ca925861e960a2f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:5d:dd:6e:bf:e8:6c:ac:e8:e1:2c:22:36:49:
6b:30:07:d6:c0:5b:5d:ce:db:2e:52:20:d7:b9:70:
a8:82:b3:59:c5:59:78:99:58:62:da:dc:98:bf:b9:
a5:73:82:d8:42:11:17:64:36:d4:8e:25:ed:b0:94:
5a:48:6b:c4:47:b1:fe:a1:d5:92:9c:1a:59:30:20:
11:be:4d:c8:cc:dc:48:f5:f1:70:c0:c4:05:9b:a5:
48:6b:9e:e0:1c:48:9e:5c:d4:d4:f4:9e:76:b6:f3:
d3:48:fb:cd:9c:97:62:bb:f3:ca:15:e4:79:42:90:
99:8f:6c:9e:6c:b3:71:0d:ad:75:06:7c:00:98:84:
2a:2c:42:62:7d:a4:c0:8c:c7:80:80:c6:13:f5:ef:
ab:48:ab:be:97:30:7e:e7:f6:0f:99:b9:6c:1c:6e:
3a:5e:83:d9:24:8b:8f:86:06:b0:14:ca:a7:d3:c4:
33:f6:8f:d0:a5:36:3b:2d:6e:a8:9f:78:35:13:d9:
20:23:dd:5a:f8:35:e7:7d:54:b5:08:76:78:b7:4d:
13:71:cb:86:c7:81:7e:61:8b:63:ec:4c:27:72:17:
8e:0d:e6:e6:ae:20:5e:68:66:e6:12:5d:04:50:98:
0c:6e:44:7a:33:65:f1:99:6c:0c:fa:16:f6:e3:f5:
04:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:5E:23:B9:A5:E7:85:40:26:26:59:59:37:D7:F2:56:C0:90:1B:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5000::/40
Signature Algorithm: sha256WithRSAEncryption
2d:5d:48:ce:68:28:8b:bd:2f:f0:5e:6c:e5:25:d7:02:5d:33:
f6:f3:e0:dc:4c:1b:4d:87:86:f7:82:8b:56:63:ee:b6:b7:5f:
7d:b2:bf:07:36:89:85:a0:4c:39:05:61:8f:52:23:a3:7f:be:
5f:66:33:d7:9b:d3:87:45:64:31:9d:d5:41:54:07:cd:1d:11:
5c:eb:58:62:d5:cc:ef:89:5f:2a:8c:78:ce:b9:c8:64:e7:a9:
42:56:5b:f6:4b:65:71:e8:99:e5:1c:f6:21:fe:9c:1c:98:df:
8b:fb:24:c2:bf:18:72:cb:53:1c:65:55:e1:0f:d7:a5:f6:b1:
e7:c4:34:1d:9b:e9:58:94:bc:fb:41:91:97:cb:a7:8d:f6:75:
5f:9d:c9:cf:d9:a6:55:f5:a5:67:c0:9b:18:bb:81:9b:96:78:
ee:8a:0b:ba:51:ca:a2:5c:14:88:29:02:bd:aa:69:77:77:e6:
6e:47:a4:3f:d8:37:6c:91:d1:15:87:c3:4a:82:dc:c4:a5:90:
1f:81:62:de:47:ea:28:8d:a1:fa:4e:b9:1f:02:f2:58:5f:a8:
59:95:dd:03:a4:d9:d2:39:94:d5:dc:b0:85:43:db:60:12:a8:
cf:2f:38:50:19:67:e6:33:70:38:9f:99:8f:bd:a7:73:d7:38:
43:81:c1:06
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZ8XRespKP2x9GNH7JeBmM1Y9TCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMjJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0YmY4MjY3ZWRiMzkzZmVmZTYwNGI2NzQ0ODBlZDUwOWExMTk2ODkzN2Yz
NTY3YTJjYTkyNTg2MWU5NjBhMmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN1d3W6/6Gys6OEsIjZJazAH1sBbXc7bLlIg17lwqIKzWcVZeJlYYtrcmL+5
pXOC2EIRF2Q21I4l7bCUWkhrxEex/qHVkpwaWTAgEb5NyMzcSPXxcMDEBZulSGue
4BxInlzU1PSedrbz00j7zZyXYrvzyhXkeUKQmY9snmyzcQ2tdQZ8AJiEKixCYn2k
wIzHgIDGE/Xvq0irvpcwfuf2D5m5bBxuOl6D2SSLj4YGsBTKp9PEM/aP0KU2Oy1u
qJ94NRPZICPdWvg1531UtQh2eLdNE3HLhseBfmGLY+xMJ3IXjg3m5q4gXmhm5hJd
BFCYDG5EejNl8ZlsDPoW9uP1BF0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSJXiO5
peeFQCYmWVk31/JWwJAbXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTM4N2YzZTctZWYyMC00NmIyLTg5MjktYmY2MzhkY2U5N2UxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAtXUjOaCiLvS/wXmzlJdcCXTP28+DcTBtNh4b3
gotWY+62t199sr8HNomFoEw5BWGPUiOjf75fZjPXm9OHRWQxndVBVAfNHRFc61hi
1czviV8qjHjOuchk56lCVlv2S2Vx6JnlHPYh/pwcmN+L+yTCvxhyy1McZVXhD9el
9rHnxDQdm+lYlLz7QZGXy6eN9nVfncnP2aZV9aVnwJsYu4Gblnjuigu6UcqiXBSI
KQK9qml3d+ZuR6Q/2DdskdEVh8NKgtzEpZAfgWLeR+oojaH6TrkfAvJYX6hZld0D
pNnSOZTV3LCFQ9tgEqjPLzhQGWfmM3A4n5mPvadz1zhDgcEG
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:55:46 2026 by rpki-client