Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
File: 5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa (raw, json)
Hash identifier: F1cFnfCordDmJzeuEuJgjW9r4aU6r2EYGB9MavY+srk=
Subject key identifier: BB:D6:85:EC:7F:E7:C3:E2:4E:0B:67:19:6B:18:46:C2:F2:2E:12:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24299FF91542752572610AC49B117138D9EC6C37
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
Signing time: Fri 06 Feb 2026 00:40:11 +0000
ROA not before: Fri 06 Feb 2026 00:40:11 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:29:9f:f9:15:42:75:25:72:61:0a:c4:9b:11:71:38:d9:ec:6c:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 6 00:40:11 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=8996efb41814494f60fe90fa01baad0d2c1144acd3ef5cb1153ce9926f5a8219, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ca:a5:50:ce:b9:03:82:89:22:de:c5:11:44:
94:65:fb:d3:35:48:54:5a:7e:6f:88:0a:3b:2c:b3:
ff:da:b8:7a:df:93:11:0a:29:c8:c7:c3:fe:c9:b9:
08:c1:23:02:29:0b:c7:b5:cd:67:0c:b2:7a:47:61:
b0:87:04:8d:77:8a:ac:05:7e:ed:8c:0e:c0:60:e7:
f0:3c:e1:8c:f1:d7:a5:f5:fe:65:d9:40:66:9b:2a:
ad:f0:31:f0:71:5b:ec:a0:f5:a9:2a:36:37:40:53:
c1:0b:81:0f:66:71:15:ae:ec:52:00:5c:cf:4d:b1:
15:e7:cd:b3:30:06:d0:34:5c:5a:e6:38:d0:7c:32:
3e:42:a0:d9:89:28:2e:93:bf:7f:f9:9c:ae:e8:cd:
bc:bf:55:4f:5f:2c:e6:66:44:b8:0c:60:de:57:b9:
7b:2c:e0:7d:8a:f3:30:d4:f8:0f:df:1a:a8:58:ea:
28:36:6a:a3:04:bf:77:b6:0f:da:57:4a:4c:b3:19:
9e:02:0c:44:ed:ed:54:ba:6c:91:d8:0c:3c:d2:04:
7c:75:b9:52:cc:b3:92:99:49:f1:f1:e6:c6:70:94:
d7:37:ff:45:39:57:64:50:3a:29:e6:c9:60:ef:11:
a1:5b:90:a9:9e:a3:3c:45:07:65:d3:cb:fb:b9:f9:
22:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D6:85:EC:7F:E7:C3:E2:4E:0B:67:19:6B:18:46:C2:F2:2E:12:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:8000::/40
Signature Algorithm: sha256WithRSAEncryption
9a:e2:23:ec:73:c3:31:09:7a:b5:00:e5:d6:15:b9:4c:6c:65:
5b:e4:85:2b:0c:4a:04:b1:da:e6:66:81:16:f1:8a:e6:a2:bf:
3d:5f:d2:3e:f6:2f:e0:ce:ad:fc:6d:53:59:36:98:f2:9c:73:
8c:5a:81:2c:ac:4f:bb:ac:f4:87:0a:62:e9:47:c9:bd:f5:39:
2a:c1:24:ab:e0:e8:02:c1:4d:34:2f:e6:33:93:fc:75:44:0d:
58:9b:2d:f9:b5:76:35:b8:7c:7d:11:a1:87:d1:35:ce:be:bf:
7f:f9:7e:18:3b:69:75:e8:74:c9:56:f4:70:d6:7d:06:8a:51:
85:9c:1b:45:d7:2e:37:58:1f:77:31:97:88:a2:a1:08:bb:03:
be:a4:d0:89:99:82:65:97:c3:25:51:9d:f3:8c:1e:34:55:c5:
80:9a:21:c7:48:6b:8a:85:f9:d4:be:20:bd:c2:70:bd:d8:95:
d5:c9:b8:0b:cb:9a:e3:7b:ec:6d:35:fc:ca:df:68:58:fc:8e:
bb:92:ca:d4:38:76:69:67:8b:e0:54:81:b4:92:5b:8d:3d:86:
be:c6:8d:c8:e2:97:96:34:1d:a8:c4:d3:53:49:ab:7a:dc:0d:
00:da:4e:00:a3:bd:91:41:97:e6:34:a3:c6:14:78:4e:f3:d5:
87:d2:49:d6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJCmf+RVCdSVyYQrEmxFxONnsbDcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMDYwMDQwMTFaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5OTZlZmI0MTgxNDQ5NGY2MGZlOTBmYTAxYmFhZDBkMmMxMTQ0YWNkM2Vm
NWNiMTE1M2NlOTkyNmY1YTgyMTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzKpVDOuQOCiSLexRFElGX70zVIVFp+b4gKOyyz/9q4et+TEQopyMfD/sm5
CMEjAikLx7XNZwyyekdhsIcEjXeKrAV+7YwOwGDn8DzhjPHXpfX+ZdlAZpsqrfAx
8HFb7KD1qSo2N0BTwQuBD2ZxFa7sUgBcz02xFefNszAG0DRcWuY40HwyPkKg2Yko
LpO/f/mcrujNvL9VT18s5mZEuAxg3le5eyzgfYrzMNT4D98aqFjqKDZqowS/d7YP
2ldKTLMZngIMRO3tVLpskdgMPNIEfHW5UsyzkplJ8fHmxnCU1zf/RTlXZFA6KebJ
YO8RoVuQqZ6jPEUHZdPL+7n5IpMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS71oXs
f+fD4k4LZxlrGEbC8i4SUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWYzMDU0YjgtNTRlZS00YjhiLWFmYzgtNTMxZjI0ZDU5ZmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSA
MA0GCSqGSIb3DQEBCwUAA4IBAQCa4iPsc8MxCXq1AOXWFblMbGVb5IUrDEoEsdrm
ZoEW8Yrmor89X9I+9i/gzq38bVNZNpjynHOMWoEsrE+7rPSHCmLpR8m99TkqwSSr
4OgCwU00L+Yzk/x1RA1Ymy35tXY1uHx9EaGH0TXOvr9/+X4YO2l16HTJVvRw1n0G
ilGFnBtF1y43WB93MZeIoqEIuwO+pNCJmYJll8MlUZ3zjB40VcWAmiHHSGuKhfnU
viC9wnC92JXVybgLy5rje+xtNfzK32hY/I67ksrUOHZpZ4vgVIG0kluNPYa+xo3I
4peWNB2oxNNTSat63A0A2k4Ao72RQZfmNKPGFHhO89WH0knW
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:19:18 2026 by rpki-client