Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
File: 5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa (raw, json)
Hash identifier: KSgWF4LywWMZO7tT3gdQ2iTPro5zCALEwVGB26LtO/0=
Subject key identifier: 50:0A:89:B4:FC:F8:BE:D0:F9:2D:70:05:95:F7:F8:44:15:E6:34:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2474C68F46A8464185885CA88A74DEB494DBABB2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
Signing time: Sat 28 Feb 2026 06:00:50 +0000
ROA not before: Sat 28 Feb 2026 06:00:50 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:74:c6:8f:46:a8:46:41:85:88:5c:a8:8a:74:de:b4:94:db:ab:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:50 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=20f4b897b4db26efc74ac5a29e60ac3a3c7fe3f100ceebf50226fb09c29e43ad, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9f:8f:47:2f:61:f7:b0:f0:0b:39:f7:7c:9f:
c2:05:0d:ed:e0:1f:4e:c8:b9:43:1c:37:63:e7:e4:
45:16:92:f3:f6:37:c8:7f:e0:eb:83:96:6a:32:8c:
ca:47:ee:83:c6:0a:90:8f:95:c6:e1:eb:11:4f:73:
29:35:8b:ba:68:6f:9e:5a:fb:b6:42:e6:7f:6f:9c:
5b:df:cf:21:ba:e3:cc:da:07:9d:83:57:3c:11:9b:
69:da:1f:db:04:98:3d:9a:00:a9:19:7d:f9:2e:76:
98:03:49:77:a5:c1:0a:ec:c8:6b:28:77:8a:8f:74:
c8:bb:6b:63:9e:f7:b7:0b:ba:6e:3d:30:f4:87:af:
ff:3d:67:a3:dc:13:ce:06:94:bb:bb:c5:e3:42:81:
18:06:89:43:34:62:5f:01:9f:89:0e:21:a1:d2:83:
40:fc:02:36:37:17:4c:a8:b5:e4:7b:2e:c6:dd:5d:
3e:d9:b4:07:05:40:4a:60:07:a9:b4:89:8a:d1:98:
c3:18:08:8f:c9:74:a7:a5:fe:b9:50:76:24:1a:79:
f8:93:75:c1:1b:4a:c4:ba:34:86:cb:96:c9:e7:1f:
98:15:ec:92:7f:da:9f:d2:ba:d5:30:80:f0:79:db:
d5:7c:15:80:bb:fe:ac:c6:bf:5e:21:af:fa:9f:4b:
06:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:0A:89:B4:FC:F8:BE:D0:F9:2D:70:05:95:F7:F8:44:15:E6:34:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:2000::/40
Signature Algorithm: sha256WithRSAEncryption
5d:61:bd:f0:84:29:70:bd:44:6b:00:a4:5c:4a:9d:a4:e9:5f:
9d:c1:cf:3e:a5:a0:5a:97:c1:d0:f3:4f:07:e7:92:56:f8:2c:
17:cd:f4:39:10:9e:c5:7b:cb:b1:fa:a1:29:74:97:9c:26:79:
32:af:c7:60:c9:92:49:55:25:29:09:ff:a4:2a:cb:b9:18:48:
ee:9b:ca:bb:78:92:11:62:3a:45:4e:ac:ae:02:0b:8d:01:9f:
8b:eb:c2:e5:66:f3:83:8e:4b:13:56:21:13:fa:58:87:e7:4a:
72:65:5f:c1:03:a0:40:c0:50:b0:34:98:27:11:90:3e:fc:99:
65:20:02:21:24:6b:b2:0f:97:d2:45:47:d1:8b:a2:35:86:5e:
a6:a4:65:94:1b:11:48:09:d9:9e:05:1a:04:9c:a3:70:5e:a0:
b5:b9:80:e6:81:09:3f:0a:5e:5a:87:be:51:d1:64:d0:db:0c:
f7:6f:9f:0e:e3:34:2d:8b:1b:b7:25:80:c8:9f:73:35:92:5a:
45:fd:3c:a2:b7:87:f9:e0:11:55:47:3a:61:fc:74:ce:c8:cb:
bf:66:94:c1:0c:d6:a4:aa:cb:a2:b4:c4:ac:43:b7:51:b5:25:
8f:59:f8:b0:18:61:c2:8b:5f:ef:9d:34:db:e5:80:76:31:dc:
f4:a2:02:77
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJHTGj0aoRkGFiFyoinTetJTbq7IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwNTBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwZjRiODk3YjRkYjI2ZWZjNzRhYzVhMjllNjBhYzNhM2M3ZmUzZjEwMGNl
ZWJmNTAyMjZmYjA5YzI5ZTQzYWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKfj0cvYfew8As593yfwgUN7eAfTsi5Qxw3Y+fkRRaS8/Y3yH/g64OWajKM
ykfug8YKkI+VxuHrEU9zKTWLumhvnlr7tkLmf2+cW9/PIbrjzNoHnYNXPBGbadof
2wSYPZoAqRl9+S52mANJd6XBCuzIayh3io90yLtrY573twu6bj0w9Iev/z1no9wT
zgaUu7vF40KBGAaJQzRiXwGfiQ4hodKDQPwCNjcXTKi15Hsuxt1dPtm0BwVASmAH
qbSJitGYwxgIj8l0p6X+uVB2JBp5+JN1wRtKxLo0hsuWyecfmBXskn/an9K61TCA
8Hnb1XwVgLv+rMa/XiGv+p9LBnMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRQCom0
/Pi+0PktcAWV9/hEFeY0jzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQ4ZTgzMWUtNGQ2MS00NDliLWE1MzItYTFkZDlkNzQzYWM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hog
MA0GCSqGSIb3DQEBCwUAA4IBAQBdYb3whClwvURrAKRcSp2k6V+dwc8+paBal8HQ
808H55JW+CwXzfQ5EJ7Fe8ux+qEpdJecJnkyr8dgyZJJVSUpCf+kKsu5GEjum8q7
eJIRYjpFTqyuAguNAZ+L68LlZvODjksTViET+liH50pyZV/BA6BAwFCwNJgnEZA+
/JllIAIhJGuyD5fSRUfRi6I1hl6mpGWUGxFICdmeBRoEnKNwXqC1uYDmgQk/Cl5a
h75R0WTQ2wz3b58O4zQtixu3JYDIn3M1klpF/Tyit4f54BFVRzph/HTOyMu/ZpTB
DNakqsuitMSsQ7dRtSWPWfiwGGHCi1/vnTTb5YB2Mdz0ogJ3
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:56 2026 by rpki-client