Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/655038e8-ae62-4d89-86ef-c5f745dc0c17.roa
File: 655038e8-ae62-4d89-86ef-c5f745dc0c17.roa (raw, json)
Hash identifier: Tb8oUbFBGwt49ScKfb/7JSWolZnnHK3LbY9xfvgVvbo=
Subject key identifier: 92:0A:79:DA:6E:37:06:BA:40:C5:85:B9:9A:BC:A6:48:5D:77:76:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D429D316600EC26A0B74F9B823536D9B99774FE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/655038e8-ae62-4d89-86ef-c5f745dc0c17.roa
Signing time: Thu 26 Feb 2026 02:10:10 +0000
ROA not before: Thu 26 Feb 2026 02:10:10 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:42:9d:31:66:00:ec:26:a0:b7:4f:9b:82:35:36:d9:b9:97:74:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:10:10 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=15265526c31a258d95fc2e07c70645ca4d330cb543b6feda44e5fb19d5ddc62b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4b:8d:a8:6e:8f:c3:06:ca:87:fa:c1:ee:f5:
64:37:5c:dd:b0:ca:97:29:99:74:2c:56:5b:d5:d5:
33:e5:b0:0c:88:02:80:14:e7:9d:ee:ea:8a:ea:df:
6d:c4:ac:d2:00:af:77:9b:d2:61:b8:00:cf:50:c3:
e1:36:16:8b:9c:c6:7c:c0:c8:eb:fa:71:e4:a1:7d:
11:ec:ff:b0:88:5d:1c:09:93:bc:ac:81:7e:53:ee:
53:22:ac:fc:53:11:aa:e7:60:da:7f:b0:14:c9:7d:
07:92:5b:49:5a:b8:a5:39:4d:31:5d:cd:11:07:41:
42:f9:15:eb:6e:40:98:7b:de:b6:b5:76:12:1f:31:
fb:b9:a4:02:96:bf:4e:53:41:f3:26:4d:36:e6:7c:
09:f0:cd:c0:c0:25:0c:80:d0:09:5b:e0:40:0d:38:
57:fd:aa:05:77:7f:b9:9d:58:4d:58:27:44:84:81:
3c:63:38:2d:1a:31:fc:87:08:cd:b6:2c:0c:2e:61:
43:3c:82:5e:33:62:07:77:c9:8b:fb:1f:a6:a0:6c:
ba:3e:c5:dd:7b:c6:e9:e9:82:77:97:23:c5:ac:76:
dd:53:e4:73:cd:a3:22:1b:94:72:1e:01:eb:6c:8d:
49:5b:33:43:54:82:ee:61:66:6b:72:9e:30:db:36:
f8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:0A:79:DA:6E:37:06:BA:40:C5:85:B9:9A:BC:A6:48:5D:77:76:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/655038e8-ae62-4d89-86ef-c5f745dc0c17.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:840::/48
Signature Algorithm: sha256WithRSAEncryption
77:d5:bc:6b:e6:49:68:c7:5c:46:16:61:ee:8d:96:2e:07:e6:
fa:b4:29:f8:04:b7:75:58:b0:82:72:a1:90:d9:73:95:e9:f9:
6c:3c:b1:a9:2a:89:34:8f:40:c1:b7:69:c7:d2:88:52:f1:ee:
67:5e:9f:3b:50:da:f2:ca:28:10:14:94:36:4f:29:df:cc:f1:
1f:63:00:d8:31:aa:03:3a:58:81:37:0f:ab:c7:14:f0:9c:5e:
5a:05:14:b9:ad:44:98:80:6c:9c:cd:c0:d8:c1:3d:48:bc:39:
6c:7e:ac:b5:fb:1e:60:0b:8b:9a:af:ab:7a:8d:39:ec:14:d8:
39:cf:5e:63:a0:0c:e3:1a:47:30:cf:25:ac:79:43:25:34:6b:
bf:a7:6f:70:94:1f:78:96:94:cc:3b:64:b8:ce:ce:cb:d7:20:
ee:27:2a:83:73:9b:51:1b:12:a5:26:f9:15:64:d9:1e:4a:91:
ff:9c:42:20:fb:f0:0a:d9:2e:4b:13:6f:d1:cf:65:69:62:a9:
11:c9:ce:93:f5:56:b4:2e:1e:8c:fc:ad:68:ca:2e:ea:29:29:
da:c5:88:ce:26:61:01:b1:b3:b8:e9:11:8e:60:b3:fa:fb:78:
af:41:c9:06:e4:5a:e6:bd:20:b9:16:80:1d:91:58:4a:b3:ff:
75:93:21:5d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTUKdMWYA7Cagt0+bgjU22bmXdP4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjEwMTBaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1MjY1NTI2YzMxYTI1OGQ5NWZjMmUwN2M3MDY0NWNhNGQzMzBjYjU0M2I2
ZmVkYTQ0ZTVmYjE5ZDVkZGM2MmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKdLjahuj8MGyof6we71ZDdc3bDKlymZdCxWW9XVM+WwDIgCgBTnne7qiurf
bcSs0gCvd5vSYbgAz1DD4TYWi5zGfMDI6/px5KF9Eez/sIhdHAmTvKyBflPuUyKs
/FMRqudg2n+wFMl9B5JbSVq4pTlNMV3NEQdBQvkV625AmHvetrV2Eh8x+7mkApa/
TlNB8yZNNuZ8CfDNwMAlDIDQCVvgQA04V/2qBXd/uZ1YTVgnRISBPGM4LRox/IcI
zbYsDC5hQzyCXjNiB3fJi/sfpqBsuj7F3XvG6emCd5cjxax23VPkc82jIhuUch4B
62yNSVszQ1SC7mFma3KeMNs2+JECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSSCnna
bjcGukDFhbmavKZIXXd2LjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjU1MDM4ZTgtYWU2Mi00ZDg5LTg2ZWYtYzVmNzQ1ZGMwYzE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8I
QDANBgkqhkiG9w0BAQsFAAOCAQEAd9W8a+ZJaMdcRhZh7o2WLgfm+rQp+AS3dViw
gnKhkNlzlen5bDyxqSqJNI9Awbdpx9KIUvHuZ16fO1Da8sooEBSUNk8p38zxH2MA
2DGqAzpYgTcPq8cU8JxeWgUUua1EmIBsnM3A2ME9SLw5bH6stfseYAuLmq+reo05
7BTYOc9eY6AM4xpHMM8lrHlDJTRrv6dvcJQfeJaUzDtkuM7Oy9cg7icqg3ObURsS
pSb5FWTZHkqR/5xCIPvwCtkuSxNv0c9laWKpEcnOk/VWtC4ejPytaMou6ikp2sWI
ziZhAbGzuOkRjmCz+vt4r0HJBuRa5r0guRaAHZFYSrP/dZMhXQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:04 2026 by rpki-client