Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58699fff-50fe-46a7-8e85-38dbafe34c1b.roa
File: 58699fff-50fe-46a7-8e85-38dbafe34c1b.roa (raw, json)
Hash identifier: m3PKffdG9g80hT5ItXYCn/QPQU4ZrUXvXQQeXH/vEGk=
Subject key identifier: B3:0E:67:0A:45:D5:3A:2A:C7:33:83:C6:43:BA:6C:EB:1D:4A:63:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 75F722D6EEAA8B275A85B96B40B8D916B572775B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58699fff-50fe-46a7-8e85-38dbafe34c1b.roa
Signing time: Sat 28 Feb 2026 05:10:37 +0000
ROA not before: Sat 28 Feb 2026 05:10:37 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:f7:22:d6:ee:aa:8b:27:5a:85:b9:6b:40:b8:d9:16:b5:72:77:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:10:37 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=bf3a449607b572654148d5f1ff1baf5695ba3f56207d9ceb2874ecce7c59b3ac, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b8:ed:0a:17:86:f2:2c:22:60:cc:44:cf:94:
c9:92:22:2e:0f:65:c1:a1:be:b5:34:72:0b:56:28:
47:88:d3:f5:29:14:6d:17:fc:c5:bf:9f:de:4d:51:
15:34:2f:c9:8f:e1:f9:24:29:63:12:1d:55:a0:02:
97:93:02:3c:5f:4e:28:88:f3:bd:4c:3b:22:b8:40:
b0:39:69:d1:20:ab:7a:7f:62:37:12:10:67:83:13:
be:40:00:e0:be:95:47:c4:19:5c:87:7e:29:28:48:
07:a9:fe:ef:31:56:40:fd:50:11:1f:b0:b4:0b:58:
f5:b9:1d:c7:37:66:0d:fd:f4:d5:cc:b0:42:18:c1:
83:65:7e:65:11:dc:d7:ff:43:90:74:cc:45:37:44:
83:ba:df:6f:d0:a6:fa:16:b1:eb:d7:b7:78:d9:f7:
fb:10:db:a0:46:33:dc:bf:fe:e3:c8:ec:a6:6f:9a:
ab:b0:aa:2c:05:6b:c7:3b:b0:7a:c5:9f:21:66:2f:
93:34:ea:fc:3a:af:34:5d:db:10:fa:e0:3e:52:2f:
10:de:6a:51:32:dc:ac:96:0b:83:58:ae:be:54:e8:
eb:39:1b:a4:28:c5:f9:98:c5:d8:19:8e:fa:7e:f3:
a4:e3:58:5e:a2:3f:25:c7:46:36:18:0e:f7:40:af:
eb:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:0E:67:0A:45:D5:3A:2A:C7:33:83:C6:43:BA:6C:EB:1D:4A:63:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58699fff-50fe-46a7-8e85-38dbafe34c1b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:e000::/40
Signature Algorithm: sha256WithRSAEncryption
ae:bf:3a:1e:ce:3c:03:4c:32:31:16:86:c5:ad:3e:7d:a6:5a:
af:a8:5e:83:03:e1:00:3f:2a:bb:78:61:77:17:35:aa:d8:b9:
8d:12:ae:68:00:df:0d:cf:0c:12:0d:04:26:18:eb:7f:ee:70:
1f:86:78:c8:7b:c3:89:5f:97:0a:6f:a0:c8:71:e4:51:14:6e:
32:3e:8f:b3:09:44:93:57:4b:9f:4c:16:ef:b1:95:75:6f:a1:
96:c9:c6:95:0a:64:fb:bb:65:91:7c:d6:2f:b6:fd:69:66:49:
c7:4e:f4:92:6a:be:14:f4:4f:4a:91:49:0c:61:71:09:13:46:
8d:7f:13:cb:78:57:d1:83:31:2c:c8:63:04:ee:12:61:46:8f:
52:fd:32:12:8e:6f:d5:c3:8f:aa:fa:ed:92:9e:3d:06:73:58:
e7:bd:0d:fb:f8:e3:82:b7:12:22:c9:8e:ff:01:93:26:a8:19:
bc:97:4d:d5:09:1a:30:19:f0:c1:ae:5e:81:3d:d5:7c:c2:43:
cb:ca:e0:ca:0e:81:18:45:83:5a:59:54:bb:24:6a:e0:d0:ac:
4a:15:21:fd:1b:01:93:18:25:b6:03:95:da:d4:9c:d5:27:40:
65:b2:f7:e2:86:61:2c:2f:f3:30:17:6e:f1:83:a1:f8:77:63:
b0:16:b1:ee
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdfci1u6qiydahblrQLjZFrVyd1swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTEwMzdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmM2E0NDk2MDdiNTcyNjU0MTQ4ZDVmMWZmMWJhZjU2OTViYTNmNTYyMDdk
OWNlYjI4NzRlY2NlN2M1OWIzYWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ647QoXhvIsImDMRM+UyZIiLg9lwaG+tTRyC1YoR4jT9SkUbRf8xb+f3k1R
FTQvyY/h+SQpYxIdVaACl5MCPF9OKIjzvUw7IrhAsDlp0SCren9iNxIQZ4MTvkAA
4L6VR8QZXId+KShIB6n+7zFWQP1QER+wtAtY9bkdxzdmDf301cywQhjBg2V+ZRHc
1/9DkHTMRTdEg7rfb9Cm+hax69e3eNn3+xDboEYz3L/+48jspm+aq7CqLAVrxzuw
esWfIWYvkzTq/DqvNF3bEPrgPlIvEN5qUTLcrJYLg1iuvlTo6zkbpCjF+ZjF2BmO
+n7zpONYXqI/JcdGNhgO90Cv628CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSzDmcK
RdU6Ksczg8ZDumzrHUpjwDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTg2OTlmZmYtNTBmZS00NmE3LThlODUtMzhkYmFmZTM0YzFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G/g
MA0GCSqGSIb3DQEBCwUAA4IBAQCuvzoezjwDTDIxFobFrT59plqvqF6DA+EAPyq7
eGF3FzWq2LmNEq5oAN8NzwwSDQQmGOt/7nAfhnjIe8OJX5cKb6DIceRRFG4yPo+z
CUSTV0ufTBbvsZV1b6GWycaVCmT7u2WRfNYvtv1pZknHTvSSar4U9E9KkUkMYXEJ
E0aNfxPLeFfRgzEsyGME7hJhRo9S/TISjm/Vw4+q+u2Snj0Gc1jnvQ37+OOCtxIi
yY7/AZMmqBm8l03VCRowGfDBrl6BPdV8wkPLyuDKDoEYRYNaWVS7JGrg0KxKFSH9
GwGTGCW2A5Xa1JzVJ0BlsvfihmEsL/MwF27xg6H4d2OwFrHu
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:04:14 2026 by rpki-client