Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
File: 541034be-1844-4bf7-9c43-91bf5b83fa3d.roa (raw, json)
Hash identifier: lhg9QKAfpvIAlwi5Y4jsOLueq22iS+FcQbvnqo8BxNs=
Subject key identifier: 57:59:5B:51:1B:3B:36:9F:66:07:46:E2:63:67:BA:E1:0C:7E:F9:4F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 638D260235D4BE6714F95FFB5B2CD3FAEDEE0314
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
Signing time: Fri 20 Feb 2026 01:50:07 +0000
ROA not before: Fri 20 Feb 2026 01:50:07 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:8d:26:02:35:d4:be:67:14:f9:5f:fb:5b:2c:d3:fa:ed:ee:03:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:07 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=83d94be5cad09c44e286257685144e5c41d7f917c0282304065cb25863f4f7c7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:41:34:74:02:de:e8:44:3e:75:af:46:3d:88:
c8:ee:5c:18:f3:66:10:af:2e:18:e2:db:9d:0a:dd:
08:da:ea:98:01:dc:0f:e7:2f:d2:de:45:aa:f7:41:
cc:ec:78:4d:f0:48:4a:fc:22:77:8a:e9:66:a3:5e:
c7:29:2a:d9:dc:48:d9:40:33:5f:dc:53:30:9c:b9:
6c:dc:d0:f8:ae:ef:12:2e:97:a0:ad:30:cf:4d:38:
6e:6f:72:13:f4:d7:38:50:dd:e5:38:7f:63:9a:ac:
d9:1a:01:8a:fd:ac:d2:50:f2:fb:34:e0:85:ed:b7:
e3:27:16:63:e8:4e:24:b8:a4:29:49:7b:78:f3:4d:
5a:96:3e:51:e5:e0:a7:29:01:95:cf:28:51:2e:4c:
74:0c:18:94:b7:cd:36:a8:0e:b2:9f:c9:6e:a8:f6:
10:7d:07:52:1e:35:90:6b:49:1a:61:f4:2e:ad:30:
79:ca:ab:d3:da:40:6f:a1:08:38:e2:81:c8:75:91:
59:91:58:21:10:e0:27:db:0d:74:4f:4f:a5:f8:0a:
3b:99:e4:df:1f:52:52:76:68:a8:79:b6:f9:13:88:
7e:ee:6f:6b:25:69:7f:a9:50:54:d3:0d:04:88:d0:
0b:b2:e4:12:6a:95:43:b5:02:13:ae:32:49:8b:e5:
ce:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:59:5B:51:1B:3B:36:9F:66:07:46:E2:63:67:BA:E1:0C:7E:F9:4F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:8000::/40
Signature Algorithm: sha256WithRSAEncryption
bd:c7:32:3a:c1:c4:39:e6:97:4e:bd:60:54:bd:3a:82:31:15:
74:b6:a6:de:22:ad:31:12:a4:0c:b2:03:45:51:dd:72:61:62:
26:cb:fc:ee:ba:8c:fa:2c:96:2e:95:9e:0f:88:ea:fd:2b:ce:
ef:7b:ce:15:92:ca:c6:9d:44:b8:4e:c0:28:11:c7:8a:0b:3b:
b7:66:0e:a8:5d:8e:2a:dd:9c:6f:7d:ff:fb:c1:ca:6d:6e:23:
e4:ef:13:17:08:f5:ce:df:09:e0:c0:b0:de:01:07:89:60:6f:
e9:de:2e:4c:15:06:51:f0:12:b8:56:b1:15:b3:50:c4:2f:9b:
c6:5b:d0:b5:09:16:ff:d8:8e:3a:8c:20:1e:0d:9e:39:45:c1:
d9:86:bf:52:bd:37:b2:b7:27:03:6f:ed:93:97:7e:87:f0:8c:
28:a3:5b:02:99:4a:8e:7c:40:87:44:e2:34:06:87:69:31:a9:
71:6f:95:96:ea:24:28:ba:00:6f:12:11:79:0c:b4:73:f7:aa:
4e:72:56:76:1a:fb:57:59:8e:f7:dc:97:84:2a:e5:28:cd:bb:
0b:95:80:f1:cd:43:ed:09:48:01:c8:f7:a8:38:7d:68:37:00:
94:a8:1c:3f:8e:0f:34:22:4e:13:0f:fd:4e:c9:4e:eb:65:ad:
0a:5d:02:9d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY40mAjXUvmcU+V/7WyzT+u3uAxQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMDdaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzZDk0YmU1Y2FkMDljNDRlMjg2MjU3Njg1MTQ0ZTVjNDFkN2Y5MTdjMDI4
MjMwNDA2NWNiMjU4NjNmNGY3YzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVBNHQC3uhEPnWvRj2IyO5cGPNmEK8uGOLbnQrdCNrqmAHcD+cv0t5FqvdB
zOx4TfBISvwid4rpZqNexykq2dxI2UAzX9xTMJy5bNzQ+K7vEi6XoK0wz004bm9y
E/TXOFDd5Th/Y5qs2RoBiv2s0lDy+zTghe234ycWY+hOJLikKUl7ePNNWpY+UeXg
pykBlc8oUS5MdAwYlLfNNqgOsp/Jbqj2EH0HUh41kGtJGmH0Lq0wecqr09pAb6EI
OOKByHWRWZFYIRDgJ9sNdE9PpfgKO5nk3x9SUnZoqHm2+ROIfu5vayVpf6lQVNMN
BIjQC7LkEmqVQ7UCE64ySYvlzkkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRXWVtR
Gzs2n2YHRuJjZ7rhDH75TzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQxMDM0YmUtMTg0NC00YmY3LTljNDMtOTFiZjViODNmYTNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HaA
MA0GCSqGSIb3DQEBCwUAA4IBAQC9xzI6wcQ55pdOvWBUvTqCMRV0tqbeIq0xEqQM
sgNFUd1yYWImy/zuuoz6LJYulZ4PiOr9K87ve84VksrGnUS4TsAoEceKCzu3Zg6o
XY4q3Zxvff/7wcptbiPk7xMXCPXO3wngwLDeAQeJYG/p3i5MFQZR8BK4VrEVs1DE
L5vGW9C1CRb/2I46jCAeDZ45RcHZhr9SvTeytycDb+2Tl36H8Iwoo1sCmUqOfECH
ROI0BodpMalxb5WW6iQougBvEhF5DLRz96pOclZ2GvtXWY733JeEKuUozbsLlYDx
zUPtCUgByPeoOH1oNwCUqBw/jg80Ik4TD/1OyU7rZa0KXQKd
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:50:34 2026 by rpki-client