Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa
File: 5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa (raw, json)
Hash identifier: eazcl+DK4RjTIZOJE6QkL4gfE8enO5mJNDlzaNlZPJ8=
Subject key identifier: 4A:22:83:59:CC:98:B1:E0:36:68:2F:8C:CE:FC:F0:FD:FA:D3:DB:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2F11DD6FFA04A41E6CCEB65EAA62CCAE8A808D11
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa
Signing time: Tue 17 Feb 2026 03:00:48 +0000
ROA not before: Tue 17 Feb 2026 03:00:48 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:11:dd:6f:fa:04:a4:1e:6c:ce:b6:5e:aa:62:cc:ae:8a:80:8d:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:48 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=7701d083f8c98eca4c82ba843f0c1a0e4f3d5966381b0607e55e3821816e03db, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:1c:2f:0e:a6:1c:8f:1d:f2:32:af:6c:b8:0c:
f4:a0:82:f9:d0:4b:dd:42:9e:3a:78:d0:50:50:6c:
c5:ba:34:c6:e7:80:3d:79:35:72:ff:7b:e8:a7:4d:
d6:bf:22:43:e6:12:b6:ce:50:20:bf:5a:68:bb:3d:
2a:cf:3c:0e:df:ef:01:f3:30:77:32:7c:7d:c1:d9:
f7:54:a7:26:92:15:03:17:1c:6b:9d:70:fa:37:e7:
2b:39:4f:f3:db:df:59:7a:fc:10:fd:24:54:78:78:
32:c1:c2:68:1c:5e:bd:98:23:8b:31:aa:7a:a0:5f:
14:27:6a:66:74:40:f9:3e:3c:1c:c6:a9:2f:af:49:
7d:24:9a:91:a0:f9:e2:4a:4d:aa:59:d0:59:61:5c:
f2:f0:77:a3:2f:42:dc:18:59:56:42:b0:33:a7:18:
55:c3:68:1f:06:a5:ca:8b:47:bd:3c:b3:63:7d:7d:
23:1d:6d:8d:84:7a:b3:03:fd:3b:af:2b:c7:c6:bc:
c7:28:bc:0d:dd:20:4d:a1:57:20:4b:d5:65:c7:c7:
f5:e5:42:ad:ef:8e:cb:dc:13:a7:2c:53:fa:a2:ce:
53:e7:ec:0b:6a:7f:d8:60:9f:1a:76:98:a3:a7:03:
7a:aa:0d:86:30:6d:87:7a:48:18:6e:27:43:f1:0b:
33:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:22:83:59:CC:98:B1:E0:36:68:2F:8C:CE:FC:F0:FD:FA:D3:DB:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:9000::/40
Signature Algorithm: sha256WithRSAEncryption
10:6b:a6:06:7b:af:5e:58:95:8d:12:44:dc:50:3a:72:e7:80:
97:a4:49:bc:6a:5a:bc:38:b3:5d:dd:ec:b0:a1:1d:fd:5a:98:
7e:06:f0:dc:89:58:bf:b3:cd:d0:10:f6:36:3f:c6:98:fc:eb:
b1:36:45:81:13:3d:11:da:f6:10:f2:07:3b:8e:49:7b:05:b8:
15:67:fc:32:e2:ea:69:dd:cf:97:e4:5c:8b:17:04:26:51:f4:
1f:da:44:2c:42:c5:ef:cf:58:dc:8b:69:47:cd:94:3c:46:8e:
85:61:67:bf:a5:a9:ac:da:83:98:79:6f:89:11:bd:41:a5:5f:
a1:ea:9c:68:ba:6e:4c:0a:9b:75:51:72:90:6e:ff:7d:0c:b8:
f8:02:fc:26:d1:3c:23:8e:b2:6a:9f:af:30:64:07:4a:e6:13:
93:92:40:33:3a:7b:2b:a7:4e:6b:0f:be:c1:50:0e:71:51:99:
e5:df:83:42:7a:68:ac:f2:40:d4:4b:6d:05:54:07:fd:6c:16:
4a:fa:4e:2f:68:d2:4e:5c:88:2e:0b:21:67:57:b0:83:4e:d2:
a7:e9:65:6a:c1:cb:e8:ba:d7:53:dc:c7:9c:5e:ac:2c:d3:e9:
e4:ba:68:47:25:8a:30:c4:52:ed:c9:f5:5d:68:ef:0e:34:23:
a7:19:f2:5c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULxHdb/oEpB5szrZeqmLMroqAjREwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwNDhaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3MDFkMDgzZjhjOThlY2E0YzgyYmE4NDNmMGMxYTBlNGYzZDU5NjYzODFi
MDYwN2U1NWUzODIxODE2ZTAzZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPccLw6mHI8d8jKvbLgM9KCC+dBL3UKeOnjQUFBsxbo0xueAPXk1cv976KdN
1r8iQ+YSts5QIL9aaLs9Ks88Dt/vAfMwdzJ8fcHZ91SnJpIVAxcca51w+jfnKzlP
89vfWXr8EP0kVHh4MsHCaBxevZgjizGqeqBfFCdqZnRA+T48HMapL69JfSSakaD5
4kpNqlnQWWFc8vB3oy9C3BhZVkKwM6cYVcNoHwalyotHvTyzY319Ix1tjYR6swP9
O68rx8a8xyi8Dd0gTaFXIEvVZcfH9eVCre+Oy9wTpyxT+qLOU+fsC2p/2GCfGnaY
o6cDeqoNhjBth3pIGG4nQ/ELM48CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRKIoNZ
zJix4DZoL4zO/PD9+tPbUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQzN2RjMTUtMTIyNC00OTAxLWFhYjEtN2Y3ZjMwZmU2MWM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAQa6YGe69eWJWNEkTcUDpy54CXpEm8alq8OLNd
3eywoR39Wph+BvDciVi/s83QEPY2P8aY/OuxNkWBEz0R2vYQ8gc7jkl7BbgVZ/wy
4upp3c+X5FyLFwQmUfQf2kQsQsXvz1jci2lHzZQ8Ro6FYWe/pams2oOYeW+JEb1B
pV+h6pxoum5MCpt1UXKQbv99DLj4Avwm0TwjjrJqn68wZAdK5hOTkkAzOnsrp05r
D77BUA5xUZnl34NCemis8kDUS20FVAf9bBZK+k4vaNJOXIguCyFnV7CDTtKn6WVq
wcvoutdT3MecXqws0+nkumhHJYowxFLtyfVdaO8ONCOnGfJc
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:56:26 2026 by rpki-client