Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
File: 7116ef93-bff5-462e-a725-ae90147ffd39.roa (raw, json)
Hash identifier: /E8WnXe3jglrAcFSLZuEmkoMOW31MLUkFyqFHS/iuLw=
Subject key identifier: A7:02:B2:DD:44:DF:1A:1C:69:BA:9A:5C:72:24:FF:AE:9B:20:E7:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 44882FE7C8DCF7A8321236A36B147646ADD0ABCF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
Signing time: Sat 28 Feb 2026 06:00:06 +0000
ROA not before: Sat 28 Feb 2026 06:00:06 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:88:2f:e7:c8:dc:f7:a8:32:12:36:a3:6b:14:76:46:ad:d0:ab:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:06 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=c87888df40f131ba98e4c96d082a3a9caea0c1ed3a4d928dc59f33845a0da7ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ad:ca:3f:fd:26:52:fc:3b:fb:2d:8a:77:e0:
5e:f7:0c:14:4a:9b:6c:af:8c:41:19:cf:d5:fb:63:
84:4a:a3:08:1c:10:ce:9f:bc:e1:0d:ff:eb:35:8e:
45:35:ff:dd:ea:be:6b:69:3e:6d:58:02:eb:1f:4d:
3f:9b:b7:30:6b:ab:ec:79:be:d9:15:14:b0:77:27:
66:6a:3e:31:99:8b:ef:db:8d:4e:a9:69:da:63:9c:
67:60:47:a6:6a:46:ec:ba:17:7b:fb:b3:90:35:6a:
5d:c5:a1:d2:be:72:a3:41:b5:41:cd:e8:3d:66:68:
94:db:36:77:82:a2:06:94:58:63:92:e7:b0:1a:12:
a4:8e:eb:0c:05:25:e6:fa:70:32:fe:56:49:c1:4d:
61:04:1a:da:f2:32:1e:46:55:05:c6:23:d3:13:02:
e9:dd:6a:ab:0d:09:aa:26:4c:fe:83:66:03:11:bd:
02:13:3a:79:48:8b:4d:43:cc:23:82:23:aa:cc:e5:
6b:69:03:c6:07:f3:03:d8:73:0b:76:4e:cf:09:9c:
5a:77:64:ae:87:a5:58:dc:39:5e:b2:fc:a7:48:46:
e7:05:2c:fe:80:b1:2a:e6:02:07:e7:09:64:50:39:
06:6b:96:ab:d9:a5:85:af:fb:74:bc:be:1b:b6:46:
b5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:02:B2:DD:44:DF:1A:1C:69:BA:9A:5C:72:24:FF:AE:9B:20:E7:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
5f:d1:e3:d0:a8:e9:c2:36:ce:72:3c:43:82:6a:f4:97:b5:bc:
5a:a8:c4:61:bc:c7:0c:58:20:b7:7c:0a:09:3e:67:78:22:cc:
8a:19:ac:0f:ea:1d:ff:1f:ae:11:21:5f:e6:92:bf:12:2f:98:
fb:40:82:b7:c2:c8:36:a4:05:b6:14:6f:8d:8a:20:d3:42:06:
eb:c6:d0:09:0e:3e:78:c4:54:57:65:17:e5:e7:f1:36:25:53:
71:c7:6a:35:ba:d3:e5:5b:1f:cb:2a:3d:75:42:f8:d1:ed:95:
14:1d:c4:43:e0:c2:87:ce:a2:9a:6f:9e:81:cd:fc:61:75:df:
2e:5b:87:7e:43:d0:5b:56:7e:0c:26:98:4a:d1:88:cd:fe:4c:
70:c3:71:64:f1:b0:05:67:cf:71:d4:32:0b:cb:a2:01:0e:ed:
64:84:38:d6:cd:46:e7:f1:56:47:dd:c2:ad:12:e2:30:76:7f:
5d:2c:a0:ef:18:db:20:7e:9f:23:00:10:05:11:bd:82:c2:30:
dd:db:97:d3:ec:14:ad:6b:60:10:df:dd:15:0d:05:73:af:28:
42:b5:a2:a8:95:42:f2:3d:b7:37:83:d7:18:d2:73:a6:cb:40:
f3:b0:ea:07:7d:bf:61:aa:39:fa:de:21:58:9d:49:17:09:e1:
0e:6e:6e:e6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURIgv58jc96gyEjajaxR2Rq3Qq88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwMDZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4Nzg4OGRmNDBmMTMxYmE5OGU0Yzk2ZDA4MmEzYTljYWVhMGMxZWQzYTRk
OTI4ZGM1OWYzMzg0NWEwZGE3YWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+tyj/9JlL8O/stinfgXvcMFEqbbK+MQRnP1ftjhEqjCBwQzp+84Q3/6zWO
RTX/3eq+a2k+bVgC6x9NP5u3MGur7Hm+2RUUsHcnZmo+MZmL79uNTqlp2mOcZ2BH
pmpG7LoXe/uzkDVqXcWh0r5yo0G1Qc3oPWZolNs2d4KiBpRYY5LnsBoSpI7rDAUl
5vpwMv5WScFNYQQa2vIyHkZVBcYj0xMC6d1qqw0JqiZM/oNmAxG9AhM6eUiLTUPM
I4Ijqszla2kDxgfzA9hzC3ZOzwmcWndkroelWNw5XrL8p0hG5wUs/oCxKuYCB+cJ
ZFA5BmuWq9mlha/7dLy+G7ZGtecCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSnArLd
RN8aHGm6mlxyJP+umyDntjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzExNmVmOTMtYmZmNS00NjJlLWE3MjUtYWU5MDE0N2ZmZDM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
wDANBgkqhkiG9w0BAQsFAAOCAQEAX9Hj0KjpwjbOcjxDgmr0l7W8WqjEYbzHDFgg
t3wKCT5neCLMihmsD+od/x+uESFf5pK/Ei+Y+0CCt8LINqQFthRvjYog00IG68bQ
CQ4+eMRUV2UX5efxNiVTccdqNbrT5Vsfyyo9dUL40e2VFB3EQ+DCh86imm+egc38
YXXfLluHfkPQW1Z+DCaYStGIzf5McMNxZPGwBWfPcdQyC8uiAQ7tZIQ41s1G5/FW
R93CrRLiMHZ/XSyg7xjbIH6fIwAQBRG9gsIw3duX0+wUrWtgEN/dFQ0Fc68oQrWi
qJVC8j23N4PXGNJzpstA87DqB32/Yao5+t4hWJ1JFwnhDm5u5g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:47:12 2026 by rpki-client