Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
File: 5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa (raw, json)
Hash identifier: 4L62hn1bRsKZKRVU8MWi6/5dAyKnT1fYyFynXjQCcoM=
Subject key identifier: C8:71:28:7B:40:9D:7D:7F:2C:6B:83:B1:B0:94:0A:53:EC:B0:66:05
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2E7E9CC082230FC859627A3AC7CE15BD6DE5C1C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
Signing time: Thu 26 Feb 2026 02:10:08 +0000
ROA not before: Thu 26 Feb 2026 02:10:08 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:7e:9c:c0:82:23:0f:c8:59:62:7a:3a:c7:ce:15:bd:6d:e5:c1:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:10:08 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=1e40a51012ac99518fedc4fc99a87f8492bcb467cbe01b7eec76710948992722, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9c:e6:4f:46:05:15:82:90:06:e5:5c:99:4d:
ee:07:bc:75:fe:92:e1:e6:11:9b:fa:90:ba:41:1b:
a3:b2:4e:e3:30:3a:a7:af:a7:80:0b:80:2c:51:74:
1e:8b:c5:df:b9:82:7b:a3:6c:35:d0:de:03:fc:75:
fe:d6:01:0a:6a:b7:14:15:1e:c0:c4:bd:17:77:78:
c1:1b:2e:2c:07:d7:70:4d:e3:04:2e:37:01:67:63:
6a:85:3e:72:6f:37:ae:b0:9d:75:cc:fa:79:8d:e5:
d3:03:e4:fd:e0:48:4d:26:ce:57:20:16:8c:af:5b:
19:ab:99:5d:0a:59:e7:cd:91:3e:30:21:6d:af:bc:
53:ed:90:61:32:ee:71:8e:e3:21:18:a9:9a:9c:0c:
bb:0a:ac:b9:0a:33:a1:c0:71:1f:95:3f:8e:a1:d3:
df:96:2f:03:b7:0c:b1:0e:b4:ea:41:2e:0c:a8:8b:
80:c6:45:a5:97:0b:cb:34:4a:08:e9:f5:e2:0a:4b:
d4:dd:fe:f5:1b:2c:38:13:9e:56:7b:71:d8:66:86:
68:c9:f9:24:85:01:79:ca:38:6b:9f:2f:75:34:50:
0a:af:1a:97:5c:4d:8f:63:2a:9b:be:d2:dc:d6:b4:
bf:27:00:03:4b:41:68:9b:84:21:68:9a:6d:32:21:
90:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:71:28:7B:40:9D:7D:7F:2C:6B:83:B1:B0:94:0A:53:EC:B0:66:05
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:880::/48
Signature Algorithm: sha256WithRSAEncryption
61:8f:1b:eb:f6:7f:ec:c5:05:b2:55:b1:1b:e1:29:3d:86:11:
d3:65:e1:c2:8c:b9:3b:02:c9:4e:00:23:73:be:d5:04:7e:9f:
01:5d:c6:e1:97:85:89:b9:30:ec:c0:c5:ab:1c:10:ee:45:1b:
25:f1:f5:28:d8:0b:33:30:db:3b:d6:24:87:23:31:34:1a:25:
58:a2:b1:f0:e3:20:22:f7:f9:c4:6d:37:8a:00:1a:bc:ad:19:
e5:35:0e:60:e9:a3:f2:29:09:77:82:29:bf:ea:3f:36:3d:7a:
87:43:74:a9:61:c1:b6:0a:2d:e2:fa:9c:cf:7f:3c:b3:f5:77:
de:f1:76:f6:92:d6:65:1a:2e:47:19:d5:f6:64:60:06:88:f8:
08:b7:12:f6:df:97:46:13:5c:b6:6d:72:b3:46:31:7b:39:03:
76:89:d6:98:41:6d:f3:3d:13:b3:05:fb:7e:70:a7:46:07:d6:
76:cb:55:e8:5c:ee:c6:48:64:28:71:13:74:e0:42:4c:78:4a:
63:2c:a7:ab:41:5f:2a:d1:12:6a:6c:23:7e:91:00:a4:04:13:
88:b0:a3:d6:96:f1:9d:02:b0:30:4a:8a:ba:36:79:d1:40:62:
ee:a5:6a:04:2b:bd:af:23:9d:18:a4:bb:c4:da:85:2c:23:26:
38:ec:11:a6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULn6cwIIjD8hZYno6x84VvW3lwckwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjEwMDhaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlNDBhNTEwMTJhYzk5NTE4ZmVkYzRmYzk5YTg3Zjg0OTJiY2I0NjdjYmUw
MWI3ZWVjNzY3MTA5NDg5OTI3MjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2c5k9GBRWCkAblXJlN7ge8df6S4eYRm/qQukEbo7JO4zA6p6+ngAuALFF0
HovF37mCe6NsNdDeA/x1/tYBCmq3FBUewMS9F3d4wRsuLAfXcE3jBC43AWdjaoU+
cm83rrCddcz6eY3l0wPk/eBITSbOVyAWjK9bGauZXQpZ582RPjAhba+8U+2QYTLu
cY7jIRipmpwMuwqsuQozocBxH5U/jqHT35YvA7cMsQ606kEuDKiLgMZFpZcLyzRK
COn14gpL1N3+9RssOBOeVntx2GaGaMn5JIUBeco4a58vdTRQCq8al1xNj2Mqm77S
3Na0vycAA0tBaJuEIWiabTIhkLECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTIcSh7
QJ19fyxrg7GwlApT7LBmBTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWM4YmUxYjEtNWNjOS00MGRjLWEwYzEtOTg5MjBjYzI5M2JkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HII
gDANBgkqhkiG9w0BAQsFAAOCAQEAYY8b6/Z/7MUFslWxG+EpPYYR02Xhwoy5OwLJ
TgAjc77VBH6fAV3G4ZeFibkw7MDFqxwQ7kUbJfH1KNgLMzDbO9YkhyMxNBolWKKx
8OMgIvf5xG03igAavK0Z5TUOYOmj8ikJd4Ipv+o/Nj16h0N0qWHBtgot4vqcz388
s/V33vF29pLWZRouRxnV9mRgBoj4CLcS9t+XRhNctm1ys0YxezkDdonWmEFt8z0T
swX7fnCnRgfWdstV6FzuxkhkKHETdOBCTHhKYyynq0FfKtESamwjfpEApAQTiLCj
1pbxnQKwMEqKujZ50UBi7qVqBCu9ryOdGKS7xNqFLCMmOOwRpg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:32 2026 by rpki-client