Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
File: 55ba2d71-c4db-41f1-a648-b39b354abfa6.roa (raw, json)
Hash identifier: luQbAP+uxup5W+1KuJTvVgqM0Z6/UEV0gybbgYaQXxw=
Subject key identifier: 0A:E3:3F:4E:9C:DA:63:7B:85:DD:02:77:76:C1:F7:BC:F5:B3:C8:66
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3E85EE91F75CD66AEC0C587A7D2A25D74057705B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
Signing time: Sat 28 Feb 2026 05:41:07 +0000
ROA not before: Sat 28 Feb 2026 05:41:07 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:85:ee:91:f7:5c:d6:6a:ec:0c:58:7a:7d:2a:25:d7:40:57:70:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:07 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=37bc484fb14c75c14e70abae33edbf4b4071635314b4f74a9d653738ad4e4177, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a3:e3:74:5d:b2:fa:80:af:41:2d:f4:4c:14:
a5:9d:fb:47:2d:7e:b5:82:76:b3:9a:fd:0f:2c:26:
78:1a:40:6e:0d:25:c8:b7:5c:43:9d:e7:35:7d:3b:
cc:06:c7:99:e6:b1:c5:0d:c7:dc:99:f4:7f:99:2f:
fe:89:00:f7:64:2d:f6:d5:50:dd:ed:8f:c1:64:d1:
70:7d:b3:f8:21:ba:bd:38:43:55:89:0a:81:a2:d8:
fc:da:3c:ac:52:db:99:e4:ef:60:17:27:7a:82:6e:
df:0c:0a:2d:6f:22:bf:55:22:e2:36:e3:4a:8e:70:
7e:6a:64:fe:6b:45:f9:18:0d:b5:8c:7a:2b:15:55:
cc:0c:77:b5:65:48:2b:9c:8b:47:24:54:66:6f:0c:
38:73:19:14:62:87:9e:3b:4f:27:3d:f3:ad:a8:5e:
93:36:2e:cb:a4:fc:dc:39:48:da:e3:9c:7b:80:37:
68:80:45:76:f0:d8:84:59:f6:98:d2:b9:6b:cf:c1:
79:82:a6:75:61:a1:97:c7:3a:99:60:e0:7e:94:26:
73:a7:24:45:53:4d:fb:b3:47:14:49:91:d8:e5:38:
4b:d2:77:7b:83:0c:82:a9:24:10:37:5a:3e:84:4e:
e6:c0:2d:31:17:db:ce:1f:0f:22:e1:17:dc:1c:6e:
b3:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E3:3F:4E:9C:DA:63:7B:85:DD:02:77:76:C1:F7:BC:F5:B3:C8:66
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:8000::/40
Signature Algorithm: sha256WithRSAEncryption
37:f8:14:cc:bf:7b:54:fa:a0:70:98:15:3d:3f:7d:91:f2:2b:
0d:91:96:b2:11:6c:6c:ad:cd:8b:11:d8:fe:5f:47:54:88:7c:
9c:ab:9a:9d:04:81:90:b3:01:10:72:1b:e4:93:f3:61:23:08:
7e:2f:e8:f4:c0:e8:29:de:be:4d:82:76:e0:03:a8:56:30:14:
f2:ed:bc:41:5e:fc:e5:23:94:4e:82:ac:2d:cd:a5:76:37:36:
25:63:9f:37:8a:3f:c9:61:6d:8c:8a:b0:cb:d0:68:06:5f:93:
4d:a1:ad:c2:75:a9:99:72:56:b3:5c:aa:ac:85:3e:f8:27:0a:
d9:4e:c2:97:89:f6:3e:1f:4d:ba:05:78:84:b1:64:c7:0d:ff:
21:6e:14:ea:ec:3c:f0:6b:48:94:68:bb:a7:dd:d1:2d:f6:dd:
d0:26:4b:97:58:5b:d0:fc:70:28:6a:b9:ea:96:26:5f:ac:26:
9a:2f:c5:65:b4:88:dd:ff:e4:95:ed:a4:16:03:f2:b6:38:f5:
7b:05:4b:26:51:c5:b2:b1:91:5b:be:8b:57:91:fc:49:2e:be:
b5:48:a8:f0:50:01:41:0d:2f:6d:46:d5:cf:03:6f:b5:25:ba:
a7:7d:45:ea:bb:bd:c0:84:1a:0e:fc:22:31:fd:fa:a9:78:c3:
7e:74:a2:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPoXukfdc1mrsDFh6fSol10BXcFswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMDdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3YmM0ODRmYjE0Yzc1YzE0ZTcwYWJhZTMzZWRiZjRiNDA3MTYzNTMxNGI0
Zjc0YTlkNjUzNzM4YWQ0ZTQxNzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGj43RdsvqAr0Et9EwUpZ37Ry1+tYJ2s5r9DywmeBpAbg0lyLdcQ53nNX07
zAbHmeaxxQ3H3Jn0f5kv/okA92Qt9tVQ3e2PwWTRcH2z+CG6vThDVYkKgaLY/No8
rFLbmeTvYBcneoJu3wwKLW8iv1Ui4jbjSo5wfmpk/mtF+RgNtYx6KxVVzAx3tWVI
K5yLRyRUZm8MOHMZFGKHnjtPJz3zrahekzYuy6T83DlI2uOce4A3aIBFdvDYhFn2
mNK5a8/BeYKmdWGhl8c6mWDgfpQmc6ckRVNN+7NHFEmR2OU4S9J3e4MMgqkkEDda
PoRO5sAtMRfbzh8PIuEX3Bxus7MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQK4z9O
nNpje4XdAnd2wfe89bPIZjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTViYTJkNzEtYzRkYi00MWYxLWE2NDgtYjM5YjM1NGFiZmE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FiA
MA0GCSqGSIb3DQEBCwUAA4IBAQA3+BTMv3tU+qBwmBU9P32R8isNkZayEWxsrc2L
Edj+X0dUiHycq5qdBIGQswEQchvkk/NhIwh+L+j0wOgp3r5NgnbgA6hWMBTy7bxB
XvzlI5ROgqwtzaV2NzYlY583ij/JYW2MirDL0GgGX5NNoa3CdamZclazXKqshT74
JwrZTsKXifY+H026BXiEsWTHDf8hbhTq7Dzwa0iUaLun3dEt9t3QJkuXWFvQ/HAo
arnqliZfrCaaL8VltIjd/+SV7aQWA/K2OPV7BUsmUcWysZFbvotXkfxJLr61SKjw
UAFBDS9tRtXPA2+1JbqnfUXqu73AhBoO/CIx/fqpeMN+dKJZ
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:05 2026 by rpki-client