Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa
File: 57b964c4-07ca-4501-bd01-5cb8936846cc.roa (raw, json)
Hash identifier: 80gPrWZVBCc+GIhQ46GO4HanhOUk/Ugtq9w66btQI/Y=
Subject key identifier: 52:19:D1:4B:74:D7:1B:B8:4C:D8:9E:4A:74:4E:14:FA:66:0E:A6:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5406B315B8DCD26439DAF268F61271FEB1B1ECF4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa
Signing time: Sat 28 Feb 2026 06:10:27 +0000
ROA not before: Sat 28 Feb 2026 06:10:27 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:06:b3:15:b8:dc:d2:64:39:da:f2:68:f6:12:71:fe:b1:b1:ec:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:27 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=86cd239dfca0f3309839d7e435a4551731181a2cfb589e15f87886861e755ae7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:3a:73:0b:04:b7:6d:30:5a:ef:4f:36:55:cf:
8b:f7:54:f4:fb:1e:77:3b:52:68:80:b8:51:0d:29:
b5:43:9e:d4:4a:8f:2a:fb:8e:fc:0b:4e:7e:2c:1b:
41:9c:66:23:27:11:fa:a2:e8:19:f6:98:22:00:eb:
84:2c:6c:fb:b0:26:3a:3f:63:4e:ab:fd:bd:15:8f:
92:85:43:01:21:04:40:9a:88:7f:5a:19:35:29:2b:
4e:48:1d:d2:f9:66:a3:c2:9c:46:94:76:8a:b2:95:
5f:3a:0f:72:c3:3a:c7:b3:6b:ec:8a:ea:5e:da:39:
93:49:e0:9d:e3:85:0f:cf:3c:ee:20:3d:c6:b0:35:
ca:2d:cb:42:ba:2e:83:dc:f1:51:65:e0:9c:e3:a3:
4d:40:db:f8:55:23:f2:1f:cf:0b:01:9a:ce:4d:04:
3d:55:16:30:cf:0d:6b:43:c6:0c:8e:ca:d0:b5:6f:
2a:c0:4f:2f:eb:6d:58:08:09:fb:10:ba:45:b8:cd:
51:f4:3f:6d:70:36:3c:83:f5:48:bf:f9:a4:74:2d:
0c:f8:d0:cf:9b:fa:6b:a0:d2:ee:4a:27:87:e8:f8:
ae:9e:a6:c8:79:bc:0c:28:84:df:d4:42:18:3e:8c:
02:6a:a2:42:b5:20:7f:3b:23:b0:cf:54:09:ac:e7:
26:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:19:D1:4B:74:D7:1B:B8:4C:D8:9E:4A:74:4E:14:FA:66:0E:A6:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
6b:88:a0:5e:a6:aa:49:3d:03:bf:8a:f7:ab:35:7a:9b:6d:7f:
13:25:14:f8:39:68:88:7a:66:5f:93:29:fd:1f:2a:df:2e:ec:
75:19:bd:57:7f:de:64:be:5d:f0:a5:23:61:95:f9:10:38:23:
0a:e8:e4:86:96:d8:55:97:9c:95:1d:4a:5e:b6:4a:ed:b8:77:
f5:29:33:8c:a1:f0:f9:e1:d7:5e:db:25:2f:51:de:a8:0d:5a:
30:db:a9:4e:d6:89:85:1c:0d:5e:e0:86:ba:bc:13:8b:98:68:
6d:b2:40:ec:88:f9:23:bb:f3:8e:59:b9:17:b0:33:4a:01:69:
86:9a:ba:36:fd:12:92:81:14:59:86:e1:c4:2e:cd:b0:d1:20:
16:10:4a:f1:16:af:90:16:70:ac:64:45:79:89:03:ef:50:aa:
79:b0:ca:8e:ef:3d:16:ea:06:67:d1:3e:2f:e7:04:23:bb:2e:
96:a9:11:7b:1e:a5:2d:42:4a:27:25:8b:c6:a2:dc:9c:85:e1:
a5:d8:11:1d:bf:99:88:17:4c:a0:35:5e:d3:9f:d4:36:3d:22:
19:e4:ac:53:4f:39:83:98:4f:e1:b2:58:44:a5:ec:7b:5c:8c:
2d:43:6c:82:e9:11:5b:e3:96:46:c3:b8:c8:c0:5d:4a:e3:d8:
6c:4d:69:89
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVAazFbjc0mQ52vJo9hJx/rGx7PQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwMjdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2Y2QyMzlkZmNhMGYzMzA5ODM5ZDdlNDM1YTQ1NTE3MzExODFhMmNmYjU4
OWUxNWY4Nzg4Njg2MWU3NTVhZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPc6cwsEt20wWu9PNlXPi/dU9PsedztSaIC4UQ0ptUOe1EqPKvuO/AtOfiwb
QZxmIycR+qLoGfaYIgDrhCxs+7AmOj9jTqv9vRWPkoVDASEEQJqIf1oZNSkrTkgd
0vlmo8KcRpR2irKVXzoPcsM6x7Nr7IrqXto5k0ngneOFD8887iA9xrA1yi3LQrou
g9zxUWXgnOOjTUDb+FUj8h/PCwGazk0EPVUWMM8Na0PGDI7K0LVvKsBPL+ttWAgJ
+xC6RbjNUfQ/bXA2PIP1SL/5pHQtDPjQz5v6a6DS7konh+j4rp6myHm8DCiE39RC
GD6MAmqiQrUgfzsjsM9UCaznJncCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRSGdFL
dNcbuEzYnkp0ThT6Zg6mezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTdiOTY0YzQtMDdjYS00NTAxLWJkMDEtNWNiODkzNjg0NmNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+w
MA0GCSqGSIb3DQEBCwUAA4IBAQBriKBepqpJPQO/iverNXqbbX8TJRT4OWiIemZf
kyn9HyrfLux1Gb1Xf95kvl3wpSNhlfkQOCMK6OSGlthVl5yVHUpetkrtuHf1KTOM
ofD54dde2yUvUd6oDVow26lO1omFHA1e4Ia6vBOLmGhtskDsiPkju/OOWbkXsDNK
AWmGmro2/RKSgRRZhuHELs2w0SAWEErxFq+QFnCsZEV5iQPvUKp5sMqO7z0W6gZn
0T4v5wQjuy6WqRF7HqUtQkonJYvGotycheGl2BEdv5mIF0ygNV7Tn9Q2PSIZ5KxT
TzmDmE/hslhEpex7XIwtQ2yC6RFb45ZGw7jIwF1K49hsTWmJ
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:09 2026 by rpki-client