Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
File: 5c829516-8640-4a9a-a2b3-cfababf09faa.roa (raw, json)
Hash identifier: wF5xhAiEOyuqqr3Y3A3lbpNuTQRcHFMC+WsPVLeBvpk=
Subject key identifier: AD:58:CA:50:7C:17:2A:28:EC:98:B1:E7:38:28:24:6A:33:EC:05:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4765289637D6036AC40B94CE0F77FA519DCB5AA4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
Signing time: Sat 28 Feb 2026 06:10:42 +0000
ROA not before: Sat 28 Feb 2026 06:10:42 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:65:28:96:37:d6:03:6a:c4:0b:94:ce:0f:77:fa:51:9d:cb:5a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:42 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=d63ee059d54cb2010db9ce451f1835ae14ae55a9575f66b06c2465a3b565e3c9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7a:7b:6a:72:38:b1:54:9d:0c:66:1b:0c:5c:
ba:51:9a:93:41:06:0f:c4:1e:14:24:ac:0b:9e:56:
de:36:94:24:67:eb:5a:18:55:3b:b2:4f:9a:d5:a6:
c2:73:a5:0e:f0:ed:ee:2a:e4:d8:92:fd:71:90:70:
08:e5:6c:d7:c5:59:63:1c:88:41:b1:77:18:d6:b7:
58:6d:80:72:91:73:83:50:9a:8a:0c:52:75:c9:dc:
8c:32:80:06:a4:1a:b6:57:c4:17:8c:6c:72:a4:b9:
93:d8:97:d8:79:9e:f4:d2:05:b0:f1:90:8d:e4:8d:
db:35:4b:2d:09:44:1d:d3:fb:d0:b9:60:43:eb:92:
52:91:d5:ce:d3:cb:3e:6f:bb:18:18:f8:a2:c2:5f:
58:87:17:a6:cd:d7:31:35:84:0d:da:ee:be:ac:8c:
1a:9d:1e:ec:27:fb:23:b8:27:c4:2c:8f:8a:dc:08:
8c:ed:74:32:1a:3e:aa:96:e2:2d:94:cd:5d:60:72:
b2:09:07:5f:85:9d:01:a4:4e:aa:b1:b0:59:f6:3b:
3a:46:1e:e5:0f:39:5b:98:a0:88:07:83:4d:ed:4c:
f1:6c:6f:57:a0:23:87:69:d0:1e:57:d5:27:db:64:
31:5a:06:36:86:81:e0:70:bc:74:2d:bd:75:03:a7:
57:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:58:CA:50:7C:17:2A:28:EC:98:B1:E7:38:28:24:6A:33:EC:05:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e080::/48
Signature Algorithm: sha256WithRSAEncryption
b7:dc:85:26:71:4e:4b:b1:49:3e:99:16:d7:a5:99:cd:64:36:
2b:66:04:76:2d:10:96:99:25:54:4b:08:70:0b:ef:28:ad:b9:
ed:4b:3a:c6:82:86:e0:82:98:a9:f4:35:7a:ba:a7:0f:2b:0f:
a3:84:53:09:cf:23:be:e3:26:b0:a8:16:e6:f3:c9:5c:0a:0d:
60:da:ba:6e:b0:42:fb:37:14:ba:1c:58:9a:fe:6c:ae:8d:be:
4d:fe:69:0a:74:50:8c:3a:ed:da:28:33:8a:b6:d4:1b:d0:4e:
e2:8a:32:32:8d:cf:98:d1:97:b8:e1:59:7e:69:25:52:01:f8:
df:6c:db:28:30:73:97:39:2a:36:f1:5d:37:72:c6:9d:eb:8e:
3b:c8:2e:a9:d2:48:18:91:27:8f:42:2c:6b:88:12:d0:54:b8:
68:4f:04:a0:a2:91:5a:b6:2f:c2:a8:0c:ab:f1:ea:1a:b8:2f:
e1:98:b6:97:1b:a8:ee:fb:79:03:64:83:a0:cc:99:d9:d0:41:
19:ab:11:f9:41:3d:86:39:3a:7d:56:66:84:88:47:d8:d0:ae:
83:42:2f:80:59:0a:51:6a:b3:b0:c5:f5:db:ef:d3:50:d3:53:
3c:bf:0f:0e:89:d2:68:9a:5f:00:08:0f:d0:e0:19:d3:fc:73:
ed:e4:07:8c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUR2UoljfWA2rEC5TOD3f6UZ3LWqQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwNDJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2M2VlMDU5ZDU0Y2IyMDEwZGI5Y2U0NTFmMTgzNWFlMTRhZTU1YTk1NzVm
NjZiMDZjMjQ2NWEzYjU2NWUzYzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIx6e2pyOLFUnQxmGwxculGak0EGD8QeFCSsC55W3jaUJGfrWhhVO7JPmtWm
wnOlDvDt7irk2JL9cZBwCOVs18VZYxyIQbF3GNa3WG2AcpFzg1CaigxSdcncjDKA
BqQatlfEF4xscqS5k9iX2Hme9NIFsPGQjeSN2zVLLQlEHdP70LlgQ+uSUpHVztPL
Pm+7GBj4osJfWIcXps3XMTWEDdruvqyMGp0e7Cf7I7gnxCyPitwIjO10Mho+qpbi
LZTNXWBysgkHX4WdAaROqrGwWfY7OkYe5Q85W5igiAeDTe1M8WxvV6Ajh2nQHlfV
J9tkMVoGNoaB4HC8dC29dQOnVwECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBStWMpQ
fBcqKOyYsec4KCRqM+wFeDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWM4Mjk1MTYtODY0MC00YTlhLWEyYjMtY2ZhYmFiZjA5ZmFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHg
gDANBgkqhkiG9w0BAQsFAAOCAQEAt9yFJnFOS7FJPpkW16WZzWQ2K2YEdi0Qlpkl
VEsIcAvvKK257Us6xoKG4IKYqfQ1erqnDysPo4RTCc8jvuMmsKgW5vPJXAoNYNq6
brBC+zcUuhxYmv5sro2+Tf5pCnRQjDrt2igzirbUG9BO4ooyMo3PmNGXuOFZfmkl
UgH432zbKDBzlzkqNvFdN3LGneuOO8guqdJIGJEnj0Isa4gS0FS4aE8EoKKRWrYv
wqgMq/HqGrgv4Zi2lxuo7vt5A2SDoMyZ2dBBGasR+UE9hjk6fVZmhIhH2NCug0Iv
gFkKUWqzsMX12+/TUNNTPL8PDonSaJpfAAgP0OAZ0/xz7eQHjA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:07:19 2026 by rpki-client