Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa
File: 53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa (raw, json)
Hash identifier: k5bW0E4Z1+6Lt+AYyCdPmYUbaQAvdzRyG+TQM5ksTqg=
Subject key identifier: F6:53:20:65:D2:80:D7:BC:BF:59:65:4E:99:27:73:D1:C7:2A:86:11
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50897EF06022124957098AA4DB2BEE2DF0A35C17
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa
Signing time: Fri 20 Feb 2026 01:40:06 +0000
ROA not before: Fri 20 Feb 2026 01:40:06 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:89:7e:f0:60:22:12:49:57:09:8a:a4:db:2b:ee:2d:f0:a3:5c:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:40:06 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=ad854cfc65a4589a3b3948640307e9ca69e62725b0c834e7c44297ac1fda6a92, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c5:07:fb:66:3e:eb:b2:55:73:b0:97:7a:8d:
f1:88:b4:0c:49:f5:a1:78:08:e2:81:95:c3:84:8f:
98:e3:f4:cb:66:27:fb:5f:88:d1:5d:b7:9e:b2:db:
bf:83:e5:0c:51:af:ab:34:ae:c4:f2:4b:cb:29:5e:
9f:00:4f:8f:46:2b:4e:86:6c:f5:43:2c:c5:ca:b8:
6c:12:c3:02:86:ca:4f:bd:70:54:d3:e1:93:b3:46:
67:8b:c9:c4:80:c5:ae:10:fe:c3:2d:a0:21:14:ad:
3c:32:d8:93:61:dc:cb:e2:96:26:4a:aa:fe:09:03:
2e:85:23:5c:80:7e:10:d7:b0:89:39:84:dc:ca:43:
c7:65:5d:60:f9:7f:43:b2:fd:cd:c6:92:df:b4:80:
02:ea:ef:2f:1e:c6:2b:36:c3:94:a0:1d:88:8b:90:
ac:c6:61:2b:2d:55:a9:b7:a5:4b:1d:76:fe:7f:04:
89:25:3a:ef:f8:15:6d:91:fb:f5:e4:13:cb:7b:ef:
65:ba:ce:2b:b4:fc:f0:f2:7f:35:e0:7f:f8:a5:8d:
6d:1e:c4:6c:b1:6c:e4:fe:8f:a8:00:4f:be:98:39:
dc:64:f4:28:cb:76:0f:7c:27:a7:e8:5b:c5:41:f2:
84:b4:33:56:fa:45:2e:b4:8c:aa:74:c7:f0:ba:d1:
24:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:53:20:65:D2:80:D7:BC:BF:59:65:4E:99:27:73:D1:C7:2A:86:11
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:2000::/40
Signature Algorithm: sha256WithRSAEncryption
2a:3b:e9:43:ab:f7:9a:d7:3d:d4:10:3a:eb:1a:0b:d3:ea:38:
9d:cd:ae:f3:19:35:5e:2c:ea:a4:a0:db:e0:b8:9e:3f:e4:d4:
78:a2:8f:bb:3f:74:eb:0b:ae:61:c4:f4:e4:cb:77:73:79:ee:
99:e3:a5:21:7a:c2:97:d4:d0:44:7b:a3:a9:7d:f9:68:9d:41:
6d:e2:fa:5b:36:2d:dc:bb:76:39:a9:f8:e9:48:1f:e8:ac:9c:
31:e9:91:14:40:4c:ed:fe:3d:42:c3:d1:02:63:17:81:bf:1b:
bd:28:2b:74:8b:13:9c:75:02:f4:66:2b:6f:5f:b9:83:6d:da:
09:e5:73:2e:a3:71:5d:09:05:72:84:82:9d:94:16:f8:f7:a5:
31:d2:72:50:9a:57:7e:6f:4e:73:02:e7:20:f8:58:06:fa:b3:
de:9e:6c:c0:12:7d:49:02:36:25:26:09:29:20:a0:1c:47:9c:
32:da:68:36:65:97:fd:1d:fe:0c:df:57:58:78:8e:5c:76:e0:
8f:9a:28:03:49:ee:0b:67:3f:ae:a1:c2:f0:8d:e0:3b:6f:76:
6e:9c:29:9d:22:11:64:cf:dc:9b:5b:34:44:b7:11:e0:cf:c2:
2e:3c:8e:8e:51:fd:fa:f8:d5:aa:59:3a:bd:e4:e0:cc:df:09:
3e:05:2e:d9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUIl+8GAiEklXCYqk2yvuLfCjXBcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTQwMDZaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkODU0Y2ZjNjVhNDU4OWEzYjM5NDg2NDAzMDdlOWNhNjllNjI3MjViMGM4
MzRlN2M0NDI5N2FjMWZkYTZhOTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLFB/tmPuuyVXOwl3qN8Yi0DEn1oXgI4oGVw4SPmOP0y2Yn+1+I0V23nrLb
v4PlDFGvqzSuxPJLyylenwBPj0YrToZs9UMsxcq4bBLDAobKT71wVNPhk7NGZ4vJ
xIDFrhD+wy2gIRStPDLYk2Hcy+KWJkqq/gkDLoUjXIB+ENewiTmE3MpDx2VdYPl/
Q7L9zcaS37SAAurvLx7GKzbDlKAdiIuQrMZhKy1VqbelSx12/n8EiSU67/gVbZH7
9eQTy3vvZbrOK7T88PJ/NeB/+KWNbR7EbLFs5P6PqABPvpg53GT0KMt2D3wnp+hb
xUHyhLQzVvpFLrSMqnTH8LrRJDMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT2UyBl
0oDXvL9ZZU6ZJ3PRxyqGETAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTNmZGQzNTQtMGViOC00MDRiLTgyMDMtYjVlODIxMWIyYjdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYg
MA0GCSqGSIb3DQEBCwUAA4IBAQAqO+lDq/ea1z3UEDrrGgvT6jidza7zGTVeLOqk
oNvguJ4/5NR4oo+7P3TrC65hxPTky3dzee6Z46UhesKX1NBEe6OpfflonUFt4vpb
Ni3cu3Y5qfjpSB/orJwx6ZEUQEzt/j1Cw9ECYxeBvxu9KCt0ixOcdQL0ZitvX7mD
bdoJ5XMuo3FdCQVyhIKdlBb496Ux0nJQmld+b05zAucg+FgG+rPenmzAEn1JAjYl
JgkpIKAcR5wy2mg2ZZf9Hf4M31dYeI5cduCPmigDSe4LZz+uocLwjeA7b3ZunCmd
IhFkz9ybWzREtxHgz8IuPI6OUf36+NWqWTq95ODM3wk+BS7Z
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:27:40 2026 by rpki-client