Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa
File: 70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa (raw, json)
Hash identifier: uW7gK+lsMyLV8gndMres03tOoyEOlbWzBUHuEE1YsD4=
Subject key identifier: F3:7F:2D:1A:27:08:7D:06:50:B7:12:8A:44:AF:C9:BC:BF:F6:93:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 707DB6A1860F53B83213329B49D60F407B051A34
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa
Signing time: Sat 28 Feb 2026 05:31:33 +0000
ROA not before: Sat 28 Feb 2026 05:31:33 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:7d:b6:a1:86:0f:53:b8:32:13:32:9b:49:d6:0f:40:7b:05:1a:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:31:33 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=814ae74b965b250915ac0e8126bfaa01518bca2ac51198e0879949d8d0439eee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:74:d2:ce:bf:64:08:64:78:de:7e:6b:e9:00:
dc:c2:10:95:35:9d:4c:67:43:d9:80:f0:5d:5c:f0:
23:83:34:a9:99:35:eb:18:dc:1c:fa:b6:14:d2:2e:
49:97:8b:a4:1c:79:78:23:e7:f4:6e:89:b9:ef:f7:
4e:57:2c:11:6e:64:34:84:f6:0b:58:3c:87:28:72:
c2:03:6c:15:04:06:ee:4a:e3:70:4f:d1:00:f9:ef:
7b:8b:0a:62:af:01:23:43:a8:3d:ee:6c:f1:f4:1d:
d2:d8:94:6d:cb:c7:26:1d:ab:96:35:18:45:d9:ba:
d2:71:6d:bd:0f:a9:d8:c8:ca:2b:7e:be:f4:47:a9:
35:2e:a7:94:03:8d:20:e2:05:8f:00:59:84:14:ff:
32:6d:80:58:7c:22:cc:97:fe:f9:36:d4:30:c7:b5:
45:00:87:98:71:f2:13:d5:6d:97:e6:f2:43:50:64:
ed:41:05:ad:2d:32:56:71:f2:ef:7d:fb:11:08:73:
39:81:14:9f:24:c8:e1:3d:9b:64:61:30:97:58:d4:
bc:05:49:5d:b9:a5:dd:ce:8a:1c:5a:3d:de:24:44:
87:b0:26:5e:1b:31:af:4c:7e:b6:59:0e:d3:19:73:
9a:24:f0:92:b4:7f:4a:b0:b2:aa:80:01:16:f4:29:
06:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:7F:2D:1A:27:08:7D:06:50:B7:12:8A:44:AF:C9:BC:BF:F6:93:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:5000::/40
Signature Algorithm: sha256WithRSAEncryption
0e:cd:f5:e4:32:af:82:03:c3:37:1c:e3:f3:4a:82:a9:b5:fb:
fd:36:dd:57:91:ab:34:7b:e0:ba:b3:79:bd:6e:89:6c:84:36:
40:91:e0:42:c3:7d:ad:57:ae:85:f0:d4:18:8f:1b:46:8d:ea:
30:9b:14:be:f8:47:68:6c:e0:5c:48:8a:17:30:fa:12:28:4d:
fe:1b:78:1c:bb:8d:69:1e:6c:29:7a:16:7d:11:16:d1:5d:41:
59:bc:db:dd:7d:85:14:3b:c2:e2:d1:c0:f7:8c:21:25:f2:c2:
a7:45:0e:fc:90:02:64:49:7a:9d:6e:23:0b:e7:2f:37:7f:5f:
5c:21:f7:a2:f8:f0:1c:3d:4a:64:c5:ea:7a:98:3a:94:8a:21:
4d:20:c3:a4:25:21:87:1e:9b:51:88:70:6f:f5:6d:bf:e2:79:
f9:16:3f:b5:92:12:a8:a2:ff:e4:38:4a:f2:d2:17:b8:ec:69:
b7:2b:af:64:74:43:38:a9:b8:bd:52:f8:a0:7c:d4:ef:cc:58:
91:84:29:5c:89:6d:e1:c2:8a:7f:06:14:30:6b:f7:fa:a6:2b:
a1:6f:53:b2:b9:36:c8:1a:88:35:0f:2c:91:bc:a9:1d:0a:fc:
63:94:dd:3c:79:61:c5:ec:d4:8d:87:2b:a5:d7:2c:28:41:1d:
59:61:b1:3c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcH22oYYPU7gyEzKbSdYPQHsFGjQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMxMzNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxNGFlNzRiOTY1YjI1MDkxNWFjMGU4MTI2YmZhYTAxNTE4YmNhMmFjNTEx
OThlMDg3OTk0OWQ4ZDA0MzllZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJ00s6/ZAhkeN5+a+kA3MIQlTWdTGdD2YDwXVzwI4M0qZk16xjcHPq2FNIu
SZeLpBx5eCPn9G6Jue/3TlcsEW5kNIT2C1g8hyhywgNsFQQG7krjcE/RAPnve4sK
Yq8BI0OoPe5s8fQd0tiUbcvHJh2rljUYRdm60nFtvQ+p2MjKK36+9EepNS6nlAON
IOIFjwBZhBT/Mm2AWHwizJf++TbUMMe1RQCHmHHyE9Vtl+byQ1Bk7UEFrS0yVnHy
7337EQhzOYEUnyTI4T2bZGEwl1jUvAVJXbml3c6KHFo93iREh7AmXhsxr0x+tlkO
0xlzmiTwkrR/SrCyqoABFvQpBt0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTzfy0a
Jwh9BlC3EopEr8m8v/aTdTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzBkOWIzMmQtNmRiMy00OTcxLWJkYjQtZTVkZDI1MWY2NzA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAOzfXkMq+CA8M3HOPzSoKptfv9Nt1Xkas0e+C6
s3m9bolshDZAkeBCw32tV66F8NQYjxtGjeowmxS++EdobOBcSIoXMPoSKE3+G3gc
u41pHmwpehZ9ERbRXUFZvNvdfYUUO8Li0cD3jCEl8sKnRQ78kAJkSXqdbiML5y83
f19cIfei+PAcPUpkxep6mDqUiiFNIMOkJSGHHptRiHBv9W2/4nn5Fj+1khKoov/k
OEry0he47Gm3K69kdEM4qbi9UvigfNTvzFiRhClciW3hwop/BhQwa/f6piuhb1Oy
uTbIGog1DyyRvKkdCvxjlN08eWHF7NSNhyul1ywoQR1ZYbE8
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:11:07 2026 by rpki-client