Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa
File: 68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa (raw, json)
Hash identifier: E8XPjA/j82xIFZrV18SvPOSQtHn1Vo1r20T/KJdieVI=
Subject key identifier: C1:9B:E7:75:B0:68:4F:76:F0:68:07:7C:35:CA:98:A7:47:C4:CC:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 690E46692E26F0CE5E382C544CDE5012B8A3A139
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa
Signing time: Sat 28 Feb 2026 05:50:08 +0000
ROA not before: Sat 28 Feb 2026 05:50:08 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:0e:46:69:2e:26:f0:ce:5e:38:2c:54:4c:de:50:12:b8:a3:a1:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:50:08 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f73c97300398a2ad2bd44dc938bcd8b3d40e7206e33ab011e9dc82b612521994, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7b:38:23:3a:c2:ad:15:b8:6e:52:e8:95:f9:
8c:69:7c:1a:ae:c6:89:17:c7:38:99:63:79:8a:13:
51:3c:bc:ce:77:4f:7d:14:03:a9:48:d9:16:aa:17:
a8:ec:be:5f:e4:8c:b6:78:1f:5a:27:5b:6f:18:89:
43:1b:ba:72:27:c6:7c:3e:70:0a:4a:ea:aa:5f:f3:
d8:22:a5:f6:68:fe:76:6f:ee:f0:49:2c:72:5d:bd:
59:27:79:3c:28:3e:0c:65:3e:0f:34:5d:91:a5:47:
94:6d:c5:06:83:13:e9:24:89:c4:97:c1:ca:49:44:
52:8b:1f:26:2e:8b:0a:fc:69:8a:cd:2a:1b:25:da:
6a:49:9c:fc:81:77:7c:14:58:39:2e:1d:18:20:78:
fd:c5:60:0a:b1:9d:ee:53:4a:ff:69:d3:ba:dc:52:
59:89:1e:21:d8:68:06:56:82:1f:15:e6:69:c7:44:
9c:dc:7c:67:67:23:64:6d:80:c8:41:d3:e5:02:8d:
36:2f:51:35:bd:27:b2:2f:6d:53:fc:4b:9d:92:5b:
39:56:2a:f7:07:ef:e1:b0:66:a8:f9:5e:7d:b5:e2:
67:30:45:b9:6f:e5:62:f1:c3:ba:a9:69:fa:8f:81:
82:08:65:56:28:13:89:2d:7c:bf:df:54:21:3a:87:
45:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:9B:E7:75:B0:68:4F:76:F0:68:07:7C:35:CA:98:A7:47:C4:CC:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:a000::/40
Signature Algorithm: sha256WithRSAEncryption
b5:64:2d:ad:33:2f:19:f5:34:da:fe:89:af:10:47:9b:dc:a4:
84:05:0d:d8:98:3e:d7:59:91:54:5a:ea:7d:89:de:df:b3:f3:
cb:ce:13:f2:25:cb:1f:4f:dc:35:58:6c:f0:40:50:9c:98:5b:
70:fc:3f:27:14:3f:f6:12:57:1b:3b:89:8c:54:15:65:17:87:
d7:1a:b1:e9:ca:66:4d:f2:2c:c8:08:ed:70:5b:86:13:af:52:
89:aa:dd:b0:82:96:fb:65:1b:a0:ea:e9:16:80:57:d3:93:89:
49:41:79:e1:e3:46:6f:24:d2:f6:11:23:a6:70:26:51:0c:47:
63:43:c6:ed:77:22:dd:96:30:77:fa:e8:49:0c:fe:a5:a4:ae:
9c:4e:c2:47:22:6e:70:5b:fb:85:66:91:81:4d:e1:5c:85:45:
47:99:4f:86:98:51:89:ce:9d:44:5a:6a:b6:34:5b:75:c4:f6:
26:be:b2:ba:00:01:b3:16:48:c9:1f:f4:b9:41:87:98:82:71:
f8:a5:7f:3a:ac:4e:6a:2c:3c:db:53:9d:c1:ab:1b:4b:d7:50:
11:94:de:05:00:5b:fd:ce:c0:07:98:7c:bc:97:52:49:e0:c2:
6d:2f:83:e5:25:d8:a1:39:c6:99:a9:3f:23:8e:a8:c4:37:fb:
d3:67:a9:ca
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaQ5GaS4m8M5eOCxUTN5QErijoTkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUwMDhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3M2M5NzMwMDM5OGEyYWQyYmQ0NGRjOTM4YmNkOGIzZDQwZTcyMDZlMzNh
YjAxMWU5ZGM4MmI2MTI1MjE5OTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJ7OCM6wq0VuG5S6JX5jGl8Gq7GiRfHOJljeYoTUTy8zndPfRQDqUjZFqoX
qOy+X+SMtngfWidbbxiJQxu6cifGfD5wCkrqql/z2CKl9mj+dm/u8Ekscl29WSd5
PCg+DGU+DzRdkaVHlG3FBoMT6SSJxJfByklEUosfJi6LCvxpis0qGyXaakmc/IF3
fBRYOS4dGCB4/cVgCrGd7lNK/2nTutxSWYkeIdhoBlaCHxXmacdEnNx8Z2cjZG2A
yEHT5QKNNi9RNb0nsi9tU/xLnZJbOVYq9wfv4bBmqPlefbXiZzBFuW/lYvHDuqlp
+o+BgghlVigTiS18v99UITqHRfcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTBm+d1
sGhPdvBoB3w1ypinR8TMWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhkNWQ5MzQtZmVkNi00OWE1LWFlMDMtYTI4YTU4NmU5YzJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fig
MA0GCSqGSIb3DQEBCwUAA4IBAQC1ZC2tMy8Z9TTa/omvEEeb3KSEBQ3YmD7XWZFU
Wup9id7fs/PLzhPyJcsfT9w1WGzwQFCcmFtw/D8nFD/2ElcbO4mMVBVlF4fXGrHp
ymZN8izICO1wW4YTr1KJqt2wgpb7ZRug6ukWgFfTk4lJQXnh40ZvJNL2ESOmcCZR
DEdjQ8btdyLdljB3+uhJDP6lpK6cTsJHIm5wW/uFZpGBTeFchUVHmU+GmFGJzp1E
Wmq2NFt1xPYmvrK6AAGzFkjJH/S5QYeYgnH4pX86rE5qLDzbU53BqxtL11ARlN4F
AFv9zsAHmHy8l1JJ4MJtL4PlJdihOcaZqT8jjqjEN/vTZ6nK
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:25:33 2026 by rpki-client