Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53f71feb-77ff-438f-8d1f-e553194144d2.roa
File: 53f71feb-77ff-438f-8d1f-e553194144d2.roa (raw, json)
Hash identifier: viBw/EU+uGcxBb0x08GtqzFhcbp4O0GO7NV+aZyhmZw=
Subject key identifier: F8:7B:AF:72:BE:48:31:F7:BF:DD:C1:21:91:23:16:3A:CF:F3:CA:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 48AEE3D6298AC437EB213A2BAE7FFBE66E388901
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53f71feb-77ff-438f-8d1f-e553194144d2.roa
Signing time: Fri 13 Feb 2026 15:30:11 +0000
ROA not before: Fri 13 Feb 2026 15:30:11 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:ae:e3:d6:29:8a:c4:37:eb:21:3a:2b:ae:7f:fb:e6:6e:38:89:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:30:11 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=88f08ec7e98388e11f2b2b037f40e3646777d5113c8efd9550196be1deb920ae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7a:3d:30:b9:22:f4:ec:ed:87:c9:68:c3:a9:
00:be:21:a6:4f:bf:e7:aa:13:a6:12:b0:4a:97:16:
26:07:2d:0f:b9:1e:9e:5a:b1:27:f2:87:1a:03:b6:
6a:cd:e2:8d:b7:a8:ca:bb:69:40:18:94:2e:ac:c5:
d2:aa:08:71:fa:c4:2b:92:bf:25:58:23:b2:16:e8:
5c:e3:83:2c:b7:5c:68:dd:c3:a0:86:46:94:7a:0e:
f4:b2:cc:9a:ea:b7:b0:95:51:b8:b4:28:62:5f:83:
d9:87:ca:f4:f0:a1:b2:a6:bb:72:08:25:2b:e4:d2:
ce:16:89:40:ae:d1:81:ee:1d:1b:02:7b:32:85:c1:
cd:97:76:19:16:14:9f:df:65:bf:f2:c7:85:e8:40:
e2:db:b1:03:60:35:5c:fc:5d:af:66:65:70:73:75:
4a:0e:14:d0:a7:fa:d2:7e:74:e9:69:fc:cf:a8:90:
d0:6b:5d:6e:e3:ea:90:db:d2:6d:2f:59:ec:20:e3:
42:41:59:4c:fb:55:bc:95:1e:13:02:40:ae:4a:3d:
27:0c:c1:aa:64:aa:ba:5d:a6:c6:b6:8a:cb:c6:57:
b7:ad:ad:b7:e0:49:08:1c:8f:2d:68:5a:1d:14:80:
79:63:3b:e7:36:9f:87:7f:14:82:54:b6:d9:f3:22:
09:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:7B:AF:72:BE:48:31:F7:BF:DD:C1:21:91:23:16:3A:CF:F3:CA:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53f71feb-77ff-438f-8d1f-e553194144d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4020::/48
Signature Algorithm: sha256WithRSAEncryption
43:99:89:fb:5e:12:d1:d2:a8:f7:74:49:41:e5:11:7c:f4:0d:
1b:f7:f0:9a:ed:f1:dc:3a:8e:78:da:72:09:d6:38:57:f9:2c:
b0:42:81:56:40:aa:58:15:6e:fb:9d:2c:c6:ab:64:5e:02:44:
7a:05:0d:f0:93:46:85:cb:8d:24:f5:76:f8:37:c7:aa:e4:12:
08:7b:e8:cf:64:0b:11:11:c8:58:1a:9b:94:d1:ff:f5:ef:6b:
12:f2:c8:45:1f:8f:04:2a:8c:c5:e4:17:70:99:68:8a:8a:0d:
1f:09:10:f9:94:db:c2:41:87:a4:e4:6d:67:c1:ba:b7:6e:63:
a3:5a:cc:a5:f2:da:e6:d7:02:ca:6d:6d:53:5e:ff:ee:f3:44:
7f:8c:0a:3d:0c:6b:cd:a1:9b:47:ca:08:af:81:d8:96:bc:ad:
e7:e7:02:73:9c:3f:8e:f4:c4:dd:02:bf:ae:49:f8:a4:8e:14:
53:54:21:86:8b:dd:7b:98:ac:a6:22:e9:c8:66:f4:c9:0a:c7:
94:27:6a:97:a4:90:40:20:12:8b:74:ee:55:93:9a:e6:0e:6e:
2c:8b:a8:ec:a5:95:fa:74:8e:d4:ea:7d:12:41:aa:6a:e2:be:
7a:26:a9:c1:33:3d:13:5c:11:63:80:f7:1f:f7:52:27:68:fd:
6f:44:08:15
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSK7j1imKxDfrITorrn/75m44iQEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTMwMTFaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4ZjA4ZWM3ZTk4Mzg4ZTExZjJiMmIwMzdmNDBlMzY0Njc3N2Q1MTEzYzhl
ZmQ5NTUwMTk2YmUxZGViOTIwYWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANt6PTC5IvTs7YfJaMOpAL4hpk+/56oTphKwSpcWJgctD7kenlqxJ/KHGgO2
as3ijbeoyrtpQBiULqzF0qoIcfrEK5K/JVgjshboXOODLLdcaN3DoIZGlHoO9LLM
muq3sJVRuLQoYl+D2YfK9PChsqa7cgglK+TSzhaJQK7Rge4dGwJ7MoXBzZd2GRYU
n99lv/LHhehA4tuxA2A1XPxdr2ZlcHN1Sg4U0Kf60n506Wn8z6iQ0GtdbuPqkNvS
bS9Z7CDjQkFZTPtVvJUeEwJArko9JwzBqmSqul2mxraKy8ZXt62tt+BJCByPLWha
HRSAeWM75zafh38UglS22fMiCR8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT4e69y
vkgx97/dwSGRIxY6z/PKdTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTNmNzFmZWItNzdmZi00MzhmLThkMWYtZTU1MzE5NDE0NGQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
IDANBgkqhkiG9w0BAQsFAAOCAQEAQ5mJ+14S0dKo93RJQeURfPQNG/fwmu3x3DqO
eNpyCdY4V/kssEKBVkCqWBVu+50sxqtkXgJEegUN8JNGhcuNJPV2+DfHquQSCHvo
z2QLERHIWBqblNH/9e9rEvLIRR+PBCqMxeQXcJloiooNHwkQ+ZTbwkGHpORtZ8G6
t25jo1rMpfLa5tcCym1tU17/7vNEf4wKPQxrzaGbR8oIr4HYlryt5+cCc5w/jvTE
3QK/rkn4pI4UU1Qhhovde5ispiLpyGb0yQrHlCdql6SQQCASi3TuVZOa5g5uLIuo
7KWV+nSO1Op9EkGqauK+eiapwTM9E1wRY4D3H/dSJ2j9b0QIFQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:38:20 2026 by rpki-client