Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/599e0695-4b67-4a37-994a-8c71d61260b3.roa
File: 599e0695-4b67-4a37-994a-8c71d61260b3.roa (raw, json)
Hash identifier: xVDcDNym1tvA2bg8AH3piEWviBEfUK1RCTp40e1i2E8=
Subject key identifier: BC:32:8C:5E:CE:1B:51:5B:38:A3:F6:97:2A:1F:BC:91:82:83:61:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 519D0D85A43187BB02E01BE929F1109545965047
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/599e0695-4b67-4a37-994a-8c71d61260b3.roa
Signing time: Sat 28 Feb 2026 06:00:50 +0000
ROA not before: Sat 28 Feb 2026 06:00:50 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:9d:0d:85:a4:31:87:bb:02:e0:1b:e9:29:f1:10:95:45:96:50:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:50 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=b7696b4f519601e9fb3a99ab71833ff24a7fc6ce458ce1eb72261a813e3a4902, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2c:f2:f4:4a:90:e0:a4:e8:29:ce:14:ca:2e:
0e:2b:47:bd:3b:3b:42:5b:e6:16:7b:ff:c5:63:56:
22:92:ab:a2:6a:4f:93:73:32:c1:ee:31:4a:e4:bc:
69:6f:a4:af:7c:cb:ca:aa:a7:b1:97:a7:20:db:9e:
d1:01:d7:be:9e:51:af:7d:6e:5e:24:66:cc:86:41:
12:ee:48:ae:90:b7:d9:84:49:1f:be:ef:43:08:70:
cf:c5:83:24:bd:b0:fb:ac:e0:d9:26:eb:fa:4f:e2:
fc:05:16:9f:ad:c4:65:6c:c4:04:0e:39:89:03:22:
30:9e:73:0e:4d:82:c1:61:a8:3f:2b:03:c6:d2:fc:
0d:49:35:f7:a1:af:84:22:df:af:47:36:c1:ef:10:
22:3f:ff:37:35:9c:4a:67:06:45:60:16:a5:85:d8:
e2:ed:34:f1:ef:a5:72:b7:62:6a:a7:03:f0:5a:15:
47:3f:01:10:e2:5e:85:e1:6f:5f:5e:6a:37:4d:94:
5a:45:10:68:14:d2:d9:4f:7f:b8:4c:8c:17:a9:6a:
44:9b:c8:84:46:c8:c3:70:02:34:9b:bf:db:5e:fd:
25:6c:06:b2:3d:ed:d9:c4:40:36:e7:b2:40:e7:36:
5e:c8:c0:f4:7f:dc:4f:81:fd:a0:e4:95:cc:ca:4f:
a9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:32:8C:5E:CE:1B:51:5B:38:A3:F6:97:2A:1F:BC:91:82:83:61:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/599e0695-4b67-4a37-994a-8c71d61260b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
37:b7:7d:3e:5a:86:50:40:6d:9a:b1:61:58:d1:2b:e3:d9:d4:
35:74:5a:f1:80:86:38:af:20:35:a4:9d:5a:2a:35:00:b7:79:
ac:4f:88:5a:d5:07:64:55:ff:98:62:45:23:b8:47:84:2d:23:
d9:68:8a:07:99:8b:09:6d:48:ae:6f:a4:48:04:31:77:bb:4e:
b2:98:da:19:f6:70:32:cd:5f:d5:25:c3:2c:5b:6e:83:69:aa:
e8:a6:f4:a1:fc:23:2a:db:d1:82:e4:0a:13:ca:69:17:77:58:
be:86:a5:c1:ce:38:54:ef:03:6d:ba:02:ea:b3:7f:1f:54:4a:
99:b0:27:20:22:80:fc:46:58:5e:e5:25:68:42:d5:6d:1c:99:
1c:ee:46:ae:f5:59:f8:a2:a7:b7:cf:b0:88:31:9b:0c:2f:08:
66:d0:01:71:3a:7d:5c:75:8d:c1:8d:c8:a9:69:bb:6a:92:12:
1a:85:23:86:18:8d:dc:4d:6f:4d:3c:c2:77:01:b4:48:e9:9a:
63:2b:91:f9:7a:93:8f:ee:6a:da:c7:9d:67:66:6e:ad:fd:5b:
51:fd:6d:cf:94:72:55:12:00:c8:e8:6b:f3:6b:28:e2:48:e0:
82:c8:7f:e7:5c:98:9a:78:67:9d:06:aa:c8:d2:03:62:d3:3a:
3c:57:a9:78
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUZ0NhaQxh7sC4BvpKfEQlUWWUEcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwNTBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3Njk2YjRmNTE5NjAxZTlmYjNhOTlhYjcxODMzZmYyNGE3ZmM2Y2U0NThj
ZTFlYjcyMjYxYTgxM2UzYTQ5MDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEs8vRKkOCk6CnOFMouDitHvTs7QlvmFnv/xWNWIpKrompPk3Mywe4xSuS8
aW+kr3zLyqqnsZenINue0QHXvp5Rr31uXiRmzIZBEu5IrpC32YRJH77vQwhwz8WD
JL2w+6zg2Sbr+k/i/AUWn63EZWzEBA45iQMiMJ5zDk2CwWGoPysDxtL8DUk196Gv
hCLfr0c2we8QIj//NzWcSmcGRWAWpYXY4u008e+lcrdiaqcD8FoVRz8BEOJeheFv
X15qN02UWkUQaBTS2U9/uEyMF6lqRJvIhEbIw3ACNJu/2179JWwGsj3t2cRANuey
QOc2XsjA9H/cT4H9oOSVzMpPqX0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS8Moxe
zhtRWzij9pcqH7yRgoNhzjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTk5ZTA2OTUtNGI2Ny00YTM3LTk5NGEtOGM3MWQ2MTI2MGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
wDANBgkqhkiG9w0BAQsFAAOCAQEAN7d9PlqGUEBtmrFhWNEr49nUNXRa8YCGOK8g
NaSdWio1ALd5rE+IWtUHZFX/mGJFI7hHhC0j2WiKB5mLCW1Irm+kSAQxd7tOspja
GfZwMs1f1SXDLFtug2mq6Kb0ofwjKtvRguQKE8ppF3dYvoalwc44VO8DbboC6rN/
H1RKmbAnICKA/EZYXuUlaELVbRyZHO5GrvVZ+KKnt8+wiDGbDC8IZtABcTp9XHWN
wY3IqWm7apISGoUjhhiN3E1vTTzCdwG0SOmaYyuR+XqTj+5q2sedZ2Zurf1bUf1t
z5RyVRIAyOhr82so4kjggsh/51yYmnhnnQaqyNIDYtM6PFepeA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:59:14 2026 by rpki-client