Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa
File: 5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa (raw, json)
Hash identifier: H7z6d7tNXvf+IAhXUlXq9T+Ynd7kfQeSJ40QVAL5spA=
Subject key identifier: 80:8D:B0:3A:46:EA:09:45:EA:79:3E:24:CC:03:EE:A0:E1:9A:17:DA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2486C91080E6485DAE1602453868DF39D6D76C58
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa
Signing time: Sat 28 Feb 2026 05:40:50 +0000
ROA not before: Sat 28 Feb 2026 05:40:50 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:86:c9:10:80:e6:48:5d:ae:16:02:45:38:68:df:39:d6:d7:6c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:50 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=4a4997e2067482baaf10f0185e0a34fedbe990a53acac4dbeb28aae70c8ede55, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:31:04:c9:f5:0b:19:01:fd:34:44:19:10:b3:
0e:b6:a7:cf:60:73:97:68:5a:d5:8c:3f:05:f5:29:
a7:06:6b:b8:7f:f8:4e:66:78:c1:01:3d:77:4a:bf:
2c:bc:47:a4:38:93:d1:69:10:f9:b7:c8:0a:2b:f3:
73:ae:f1:b6:bd:da:26:20:7c:b9:ab:03:a5:ea:9a:
b6:ea:01:b7:9c:65:bd:2a:08:39:ee:58:d4:c0:df:
b7:99:bf:ee:a5:e3:a2:41:82:6a:ba:d9:7c:39:31:
cd:c3:dc:d6:fa:f3:e7:44:36:6e:8f:b8:75:9b:8e:
d6:70:d1:7c:38:a4:13:8c:76:ce:32:c6:9b:00:2e:
52:e4:e8:13:85:0b:82:ad:53:10:bc:17:37:34:59:
2b:66:51:66:ae:8f:c0:c2:1f:00:ee:86:3d:39:6b:
ac:e3:65:6b:4b:d3:25:56:43:55:19:17:75:39:28:
04:cc:f6:c5:31:b0:24:93:24:37:60:09:13:21:25:
09:aa:9d:2f:fb:5c:50:f7:a0:63:0b:96:92:4e:c9:
82:86:4f:6c:ef:7b:23:90:61:34:49:30:09:c6:16:
63:07:06:c0:bf:05:70:6c:f8:9b:16:b0:fa:ad:9d:
05:10:9e:cf:c5:e0:7f:92:b3:0e:72:d4:31:fc:b7:
76:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:8D:B0:3A:46:EA:09:45:EA:79:3E:24:CC:03:EE:A0:E1:9A:17:DA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80b0::/48
Signature Algorithm: sha256WithRSAEncryption
86:23:c0:b9:35:a1:62:ab:dc:e0:66:ff:03:e2:b9:d9:68:5e:
f1:f7:ca:df:5a:95:6e:9b:fa:fd:2d:a3:57:78:b6:5c:41:e8:
6e:6d:57:f6:10:58:77:a8:23:8b:97:cc:00:24:4d:e6:18:bf:
ff:12:dc:13:17:5b:5c:87:6f:ea:19:49:3d:d8:d2:83:13:00:
da:70:1c:d5:00:ad:51:4d:40:76:9c:96:d6:25:ca:13:9d:e5:
47:b2:ed:3e:15:fb:1e:e1:35:57:6d:a6:b6:9e:70:22:ac:94:
84:1e:94:a2:bf:34:af:31:d2:6c:85:01:92:d0:d2:e8:32:a7:
9d:99:7d:d8:9e:bf:15:4a:40:6b:65:53:23:a4:18:79:86:6f:
75:f5:25:fe:f8:93:ca:05:59:eb:3d:ca:bd:31:36:83:cc:86:
ed:83:80:fc:c5:e8:97:36:33:16:2e:78:52:1f:0c:e6:55:41:
93:52:80:c2:b3:e3:29:87:e4:ec:86:26:11:3b:59:2f:23:5b:
fb:20:74:8a:9a:c7:04:59:da:d2:99:76:10:67:d5:a0:49:36:
fd:95:d5:15:0a:72:87:7f:9e:7e:3f:c2:06:62:c8:7e:1e:b9:
d8:88:1e:93:e6:50:8e:ea:42:41:ba:70:14:33:45:4d:7e:bf:
52:ad:d8:d6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJIbJEIDmSF2uFgJFOGjfOdbXbFgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwNTBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhNDk5N2UyMDY3NDgyYmFhZjEwZjAxODVlMGEzNGZlZGJlOTkwYTUzYWNh
YzRkYmViMjhhYWU3MGM4ZWRlNTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIoxBMn1CxkB/TREGRCzDranz2Bzl2ha1Yw/BfUppwZruH/4TmZ4wQE9d0q/
LLxHpDiT0WkQ+bfICivzc67xtr3aJiB8uasDpeqatuoBt5xlvSoIOe5Y1MDft5m/
7qXjokGCarrZfDkxzcPc1vrz50Q2bo+4dZuO1nDRfDikE4x2zjLGmwAuUuToE4UL
gq1TELwXNzRZK2ZRZq6PwMIfAO6GPTlrrONla0vTJVZDVRkXdTkoBMz2xTGwJJMk
N2AJEyElCaqdL/tcUPegYwuWkk7JgoZPbO97I5BhNEkwCcYWYwcGwL8FcGz4mxaw
+q2dBRCez8Xgf5KzDnLUMfy3dh8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSAjbA6
RuoJRep5PiTMA+6g4ZoX2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQxZmZmOTgtNDQxNS00Y2QwLWIyY2MtMjZmNjFhOGNhZTdiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
sDANBgkqhkiG9w0BAQsFAAOCAQEAhiPAuTWhYqvc4Gb/A+K52Whe8ffK31qVbpv6
/S2jV3i2XEHobm1X9hBYd6gji5fMACRN5hi//xLcExdbXIdv6hlJPdjSgxMA2nAc
1QCtUU1AdpyW1iXKE53lR7LtPhX7HuE1V22mtp5wIqyUhB6Uor80rzHSbIUBktDS
6DKnnZl92J6/FUpAa2VTI6QYeYZvdfUl/viTygVZ6z3KvTE2g8yG7YOA/MXolzYz
Fi54Uh8M5lVBk1KAwrPjKYfk7IYmETtZLyNb+yB0iprHBFna0pl2EGfVoEk2/ZXV
FQpyh3+efj/CBmLIfh652Igek+ZQjupCQbpwFDNFTX6/Uq3Y1g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:58 2026 by rpki-client