Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa
File: 70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa (raw, json)
Hash identifier: qnPoY/7leViOJ8Vox0Ahi5Zu/dg01X63c+BAZeboQbQ=
Subject key identifier: BA:7C:29:9E:39:33:4E:1D:51:39:D3:5F:93:A0:18:A9:40:75:8D:6D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29E2C4A59C63D35417ECA5273915933C030DCB61
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa
Signing time: Sat 28 Feb 2026 06:00:38 +0000
ROA not before: Sat 28 Feb 2026 06:00:38 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:e2:c4:a5:9c:63:d3:54:17:ec:a5:27:39:15:93:3c:03:0d:cb:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:38 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=aea23a14c11529315167fd434f835111c593b2085c74a62348c8f0d438da8d68, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:af:82:00:f4:3b:12:ef:ea:82:ef:04:18:a6:
bb:8f:68:6f:0c:82:89:23:c5:27:b2:f4:4a:d9:a7:
15:af:00:1d:9e:ff:43:03:cb:5b:c8:11:f8:e8:c7:
10:12:a9:da:60:a6:63:0c:eb:7b:be:8a:9f:7a:9a:
9d:26:61:05:77:f7:4e:19:fc:0d:cc:2e:4a:51:87:
c1:82:77:75:9f:9b:7c:f3:d2:f8:d8:14:1f:67:5f:
86:e6:55:dc:29:58:88:c4:61:ea:1e:26:9e:a6:25:
39:cc:5b:ef:b3:79:77:4e:78:a5:11:f4:f7:ba:fb:
03:a2:c5:cb:60:69:ef:bb:1e:1c:f2:c5:4b:c5:dc:
fd:bc:b5:e2:12:a1:5a:33:e0:55:94:d6:4a:30:ca:
7e:21:b7:5c:9f:34:9a:db:90:ae:d1:ad:6d:08:31:
10:36:e4:1e:09:6f:b2:4e:7c:17:ff:98:de:dc:9e:
76:88:d1:ef:89:94:b0:05:7e:7e:7f:96:09:ca:f1:
36:bd:1f:dd:6f:8d:4e:17:5f:77:15:5a:17:83:90:
cf:1a:ac:2d:a4:67:23:eb:9d:87:be:e1:da:2f:4b:
68:41:da:3b:8b:62:da:2d:dc:89:5d:c7:d0:8e:73:
d5:ad:ed:24:03:83:18:f8:78:2b:cf:40:b2:80:2b:
55:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:7C:29:9E:39:33:4E:1D:51:39:D3:5F:93:A0:18:A9:40:75:8D:6D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:e000::/40
Signature Algorithm: sha256WithRSAEncryption
bb:82:3a:ff:3b:85:e2:d7:c6:01:e6:d2:0c:11:da:61:bd:7e:
43:24:4d:3b:2e:eb:bc:da:a7:78:b2:5c:5d:7b:0b:15:d4:a1:
8a:64:f0:26:c3:bc:ce:1b:d8:25:8c:71:39:29:51:0b:bf:65:
db:a9:ed:51:bd:a7:4f:56:37:81:45:f0:89:5e:2f:e1:83:9e:
15:d6:31:bf:eb:bc:db:c7:14:52:0e:78:63:0a:78:25:0a:50:
eb:8c:72:21:ba:1c:4a:77:fa:d7:50:a3:28:f7:db:e1:c0:cb:
80:42:cf:05:00:d6:ea:84:a2:1f:1e:07:97:b5:08:5f:7f:c1:
b6:bd:66:28:a6:42:4c:07:3a:5d:d2:4d:52:55:6d:aa:1d:ee:
2b:c2:be:22:41:94:a6:8e:8e:3e:c8:98:6a:3e:2a:96:db:20:
f6:21:97:d7:86:b6:51:b6:4c:82:b7:a1:87:0a:50:32:7e:b5:
95:73:03:06:67:00:1f:fd:48:7e:d3:79:6a:e0:0f:65:ca:0d:
a5:77:8c:89:4f:3d:ac:b1:2e:13:50:73:76:90:ea:18:5d:ed:
57:f1:6e:0c:22:d5:cd:00:c5:41:58:f8:39:65:c9:a8:a2:fc:
33:24:d0:ad:d7:4b:18:f3:44:03:13:85:32:27:29:6d:fa:a3:
56:5a:1f:ba
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKeLEpZxj01QX7KUnORWTPAMNy2EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwMzhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlYTIzYTE0YzExNTI5MzE1MTY3ZmQ0MzRmODM1MTExYzU5M2IyMDg1Yzc0
YTYyMzQ4YzhmMGQ0MzhkYThkNjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMivggD0OxLv6oLvBBimu49obwyCiSPFJ7L0StmnFa8AHZ7/QwPLW8gR+OjH
EBKp2mCmYwzre76Kn3qanSZhBXf3Thn8DcwuSlGHwYJ3dZ+bfPPS+NgUH2dfhuZV
3ClYiMRh6h4mnqYlOcxb77N5d054pRH097r7A6LFy2Bp77seHPLFS8Xc/by14hKh
WjPgVZTWSjDKfiG3XJ80mtuQrtGtbQgxEDbkHglvsk58F/+Y3tyedojR74mUsAV+
fn+WCcrxNr0f3W+NThdfdxVaF4OQzxqsLaRnI+udh77h2i9LaEHaO4ti2i3ciV3H
0I5z1a3tJAODGPh4K89AsoArVXkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS6fCme
OTNOHVE501+ToBipQHWNbTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzBhMmJjNmYtYWUwZi00ZjEzLTk0OTktNzhjNTA1YTVmN2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fjg
MA0GCSqGSIb3DQEBCwUAA4IBAQC7gjr/O4Xi18YB5tIMEdphvX5DJE07Luu82qd4
slxdewsV1KGKZPAmw7zOG9gljHE5KVELv2Xbqe1RvadPVjeBRfCJXi/hg54V1jG/
67zbxxRSDnhjCnglClDrjHIhuhxKd/rXUKMo99vhwMuAQs8FANbqhKIfHgeXtQhf
f8G2vWYopkJMBzpd0k1SVW2qHe4rwr4iQZSmjo4+yJhqPiqW2yD2IZfXhrZRtkyC
t6GHClAyfrWVcwMGZwAf/Uh+03lq4A9lyg2ld4yJTz2ssS4TUHN2kOoYXe1X8W4M
ItXNAMVBWPg5ZcmoovwzJNCt10sY80QDE4UyJylt+qNWWh+6
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:27:35 2026 by rpki-client