Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
File: 5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa (raw, json)
Hash identifier: tDE31tAeVwR+iIshJmDlpspAV2z53HMQhmKYizOUD40=
Subject key identifier: 24:91:C2:9D:88:A1:F7:C7:E0:54:B9:64:69:BD:D8:D8:B3:52:FC:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FDB817D810757F6EEEF34AEC2800785022C2817
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
Signing time: Sat 28 Feb 2026 06:10:47 +0000
ROA not before: Sat 28 Feb 2026 06:10:47 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:db:81:7d:81:07:57:f6:ee:ef:34:ae:c2:80:07:85:02:2c:28:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:47 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=4047bb40696fa5f88a5778e717a7edb128fc7c23a0f66a5206131406cc68d2bf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e8:27:8f:1b:f1:49:78:29:d7:e2:4d:5f:15:
c3:09:bc:87:6f:6a:7e:88:03:78:69:0d:e3:c9:d1:
9a:5f:83:15:c3:45:8c:a8:be:bb:05:0a:fa:db:c6:
98:80:aa:d8:f5:5a:49:06:f9:ec:45:45:bf:1b:6b:
52:4d:1b:9f:ac:74:51:8e:66:af:6f:4f:c1:ac:e6:
03:80:ff:ed:d3:78:e3:17:f5:56:e8:e3:de:f6:96:
49:e2:4c:4c:92:be:64:b8:2c:d9:89:1e:0d:0b:57:
8b:eb:4c:10:2a:ec:77:2f:2a:3b:e5:68:09:14:b6:
73:4f:07:66:c1:63:22:08:88:39:06:ce:8f:af:f6:
7e:b8:63:fe:8f:0a:b3:b1:2e:2e:cc:66:1b:c1:d8:
1c:31:34:41:a1:50:b1:1a:ba:eb:1c:69:87:61:cb:
64:f5:eb:52:f0:dc:8d:e2:3c:67:ca:be:f4:22:47:
7a:8f:cf:37:b6:82:ad:6c:ec:2e:fc:14:85:79:97:
54:c8:c1:b5:dc:95:47:0c:3d:cb:34:c2:95:ae:67:
d7:97:c1:61:b9:97:f4:a8:0d:62:03:bf:9f:a8:43:
6f:d9:2d:2d:66:58:15:6e:55:6f:d9:0d:cd:c2:16:
d7:76:0d:78:c9:d4:14:93:50:2c:59:e3:7c:86:11:
b1:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:91:C2:9D:88:A1:F7:C7:E0:54:B9:64:69:BD:D8:D8:B3:52:FC:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025:1000::/36
Signature Algorithm: sha256WithRSAEncryption
3e:37:2b:79:80:88:e2:fa:5c:09:ea:32:a9:c3:d1:af:41:d7:
5f:0b:a4:e1:4e:56:43:13:da:63:b9:6a:77:86:7b:ce:94:3a:
5b:33:71:b9:61:88:d7:82:cf:d7:a0:fc:78:58:1d:85:43:76:
d7:a7:9b:67:6c:99:58:74:cc:70:4a:88:22:df:0c:aa:19:a0:
cf:b7:f5:d5:03:ec:16:63:f5:e5:f9:b8:02:69:60:91:86:ff:
f3:49:0b:ef:e5:66:e0:b2:e1:69:ed:e0:f9:52:7b:6a:7b:30:
e2:13:f0:5c:b0:73:1b:ef:bc:66:55:e9:1f:7f:ee:50:4c:c3:
02:4f:2e:50:3c:d4:70:d2:98:09:08:27:4e:34:6b:38:f7:73:
0b:d2:2d:d2:41:6a:9d:c8:d2:cf:3e:6e:ed:6c:03:d5:6e:2c:
cb:e0:e4:9f:05:5e:37:cd:01:71:91:98:b6:26:a2:9b:c7:24:
85:a4:ba:8b:27:e0:5f:79:29:2c:61:29:d2:1e:b5:7d:95:df:
8d:ab:f8:b8:24:6b:ae:8d:4a:09:4e:04:16:ae:38:26:e9:e2:
db:71:08:63:f8:a6:e4:d2:9a:8c:b4:5d:85:f9:18:96:18:84:
f2:52:31:31:5e:fb:11:81:31:ec:1b:39:82:72:e2:d2:41:c4:
57:16:38:71
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf9uBfYEHV/bu7zSuwoAHhQIsKBcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwNDdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwNDdiYjQwNjk2ZmE1Zjg4YTU3NzhlNzE3YTdlZGIxMjhmYzdjMjNhMGY2
NmE1MjA2MTMxNDA2Y2M2OGQyYmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMroJ48b8Ul4KdfiTV8Vwwm8h29qfogDeGkN48nRml+DFcNFjKi+uwUK+tvG
mICq2PVaSQb57EVFvxtrUk0bn6x0UY5mr29PwazmA4D/7dN44xf1Vujj3vaWSeJM
TJK+ZLgs2YkeDQtXi+tMECrsdy8qO+VoCRS2c08HZsFjIgiIOQbOj6/2frhj/o8K
s7EuLsxmG8HYHDE0QaFQsRq66xxph2HLZPXrUvDcjeI8Z8q+9CJHeo/PN7aCrWzs
LvwUhXmXVMjBtdyVRww9yzTCla5n15fBYbmX9KgNYgO/n6hDb9ktLWZYFW5Vb9kN
zcIW13YNeMnUFJNQLFnjfIYRsbMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQkkcKd
iKH3x+BUuWRpvdjYs1L8EzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWE1ODVlOWQtOGJmMC00YmMxLWFkN2ItYjZjM2UwYmY5YjkzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA+Nyt5gIji+lwJ6jKpw9GvQddfC6ThTlZDE9pj
uWp3hnvOlDpbM3G5YYjXgs/XoPx4WB2FQ3bXp5tnbJlYdMxwSogi3wyqGaDPt/XV
A+wWY/Xl+bgCaWCRhv/zSQvv5WbgsuFp7eD5UntqezDiE/BcsHMb77xmVekff+5Q
TMMCTy5QPNRw0pgJCCdONGs493ML0i3SQWqdyNLPPm7tbAPVbizL4OSfBV43zQFx
kZi2JqKbxySFpLqLJ+BfeSksYSnSHrV9ld+Nq/i4JGuujUoJTgQWrjgm6eLbcQhj
+Kbk0pqMtF2F+RiWGITyUjExXvsRgTHsGzmCcuLSQcRXFjhx
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:33 2026 by rpki-client