Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa
File: 60b690d0-a362-4547-bf57-d14f49f40869.roa (raw, json)
Hash identifier: 5JOOD558H0r2bFXWIim63GB1KRHK63IfKg1T8gaHlek=
Subject key identifier: 2A:47:EF:EC:22:60:F6:18:E1:68:A5:01:8F:1E:36:E3:17:28:5B:F8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 654EB65103B1DA244924B41560942B6661184418
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa
Signing time: Sat 28 Feb 2026 05:30:52 +0000
ROA not before: Sat 28 Feb 2026 05:30:52 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:4e:b6:51:03:b1:da:24:49:24:b4:15:60:94:2b:66:61:18:44:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:30:52 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=b8bd4479d080b5f1ab55d097886b8e2d14080e0e5f95b1bf2984b42af3cddfb4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4a:8c:c6:eb:d7:3c:3e:ab:ac:8e:e6:ce:b0:
cd:20:5d:39:de:a5:e8:ad:b9:ef:f1:51:af:76:9e:
a3:3e:28:47:7a:b3:f8:37:99:36:d4:57:9c:18:8b:
4e:bd:6a:d2:4d:f0:26:b8:d7:9e:2c:24:79:75:04:
12:e6:6f:98:cf:65:66:9c:fd:a7:e1:8a:37:66:e8:
c3:f4:94:99:74:e5:ea:05:8d:7a:83:fb:59:f2:d7:
2a:4f:05:77:31:5d:38:a7:04:52:16:91:0d:cc:7e:
1e:7a:10:7d:a4:85:a1:86:b1:f8:74:cb:68:4c:f5:
32:54:c3:20:b8:34:54:e3:ab:63:22:82:16:51:06:
15:db:c1:b4:66:b9:e2:70:27:b7:41:cd:7a:d3:66:
96:1e:f4:25:c7:bd:71:8a:10:f9:ec:c1:73:59:1e:
34:1a:be:80:a8:84:a4:fe:d3:31:94:3f:17:7a:dc:
82:8e:05:b1:ae:a4:f1:0e:c4:1a:6a:ed:af:b8:8c:
03:13:8e:19:f8:15:70:30:68:69:86:ad:52:42:fa:
4d:e6:74:dd:95:e6:4b:b9:66:9c:1e:32:8f:5b:81:
b9:ce:66:f7:69:fb:47:e2:c6:8d:e1:1c:00:b8:c2:
ac:1a:64:c9:fb:5b:87:57:b7:fa:6a:c5:49:69:a5:
41:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:47:EF:EC:22:60:F6:18:E1:68:A5:01:8F:1E:36:E3:17:28:5B:F8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:400::/38
Signature Algorithm: sha256WithRSAEncryption
72:98:0d:e2:ca:0b:b0:48:ea:29:04:b1:60:b2:93:a7:3e:9d:
df:e7:a0:af:a5:fb:d9:cd:20:45:df:77:1d:99:d0:80:ee:34:
ee:d8:4c:37:27:35:4f:c9:8c:07:23:fc:77:f6:e8:4f:da:d3:
84:cc:75:b0:cd:00:d5:6e:70:2a:96:36:d9:7b:ae:0c:b9:6e:
0d:6d:fc:a8:d9:dc:65:c5:ca:65:47:9f:f6:12:97:cb:74:44:
6b:5a:1b:52:a6:3f:79:a2:11:d5:47:38:f5:6a:06:65:e6:cc:
f1:f4:f2:30:93:62:9c:d0:85:93:ec:75:0f:39:23:c4:f3:74:
1a:d3:d5:3f:45:52:a2:e7:24:9d:79:a4:55:e6:e3:85:0e:a0:
38:f1:f3:eb:97:c8:67:4f:ac:91:62:a5:02:88:c6:26:51:c0:
91:46:ca:0a:1a:f6:78:cd:6e:3d:d5:ff:bc:39:11:fa:79:9b:
02:ba:d1:d3:2e:a9:a2:f5:20:0c:2f:97:a9:7d:e7:f1:27:1d:
e1:f9:da:a8:2e:ce:70:89:cf:18:78:d8:a6:cf:6c:c7:69:57:
3b:d2:90:21:fe:ee:7e:2b:74:e8:f8:a5:d1:5a:36:51:ea:e6:
60:15:c9:34:05:d7:17:28:10:ae:b2:d3:bd:03:f7:9d:13:16:
7b:8c:96:fd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZU62UQOx2iRJJLQVYJQrZmEYRBgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMwNTJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4YmQ0NDc5ZDA4MGI1ZjFhYjU1ZDA5Nzg4NmI4ZTJkMTQwODBlMGU1Zjk1
YjFiZjI5ODRiNDJhZjNjZGRmYjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhKjMbr1zw+q6yO5s6wzSBdOd6l6K257/FRr3aeoz4oR3qz+DeZNtRXnBiL
Tr1q0k3wJrjXniwkeXUEEuZvmM9lZpz9p+GKN2bow/SUmXTl6gWNeoP7WfLXKk8F
dzFdOKcEUhaRDcx+HnoQfaSFoYax+HTLaEz1MlTDILg0VOOrYyKCFlEGFdvBtGa5
4nAnt0HNetNmlh70Jce9cYoQ+ezBc1keNBq+gKiEpP7TMZQ/F3rcgo4Fsa6k8Q7E
Gmrtr7iMAxOOGfgVcDBoaYatUkL6TeZ03ZXmS7lmnB4yj1uBuc5m92n7R+LGjeEc
ALjCrBpkyftbh1e3+mrFSWmlQQkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQqR+/s
ImD2GOFopQGPHjbjFyhb+DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjBiNjkwZDAtYTM2Mi00NTQ3LWJmNTctZDE0ZjQ5ZjQwODY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgE
MA0GCSqGSIb3DQEBCwUAA4IBAQBymA3iyguwSOopBLFgspOnPp3f56CvpfvZzSBF
33cdmdCA7jTu2Ew3JzVPyYwHI/x39uhP2tOEzHWwzQDVbnAqljbZe64MuW4Nbfyo
2dxlxcplR5/2EpfLdERrWhtSpj95ohHVRzj1agZl5szx9PIwk2Kc0IWT7HUPOSPE
83Qa09U/RVKi5ySdeaRV5uOFDqA48fPrl8hnT6yRYqUCiMYmUcCRRsoKGvZ4zW49
1f+8ORH6eZsCutHTLqmi9SAML5epfefxJx3h+dqoLs5wic8YeNimz2zHaVc70pAh
/u5+K3To+KXRWjZR6uZgFck0BdcXKBCustO9A/edExZ7jJb9
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:37:51 2026 by rpki-client