Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/715ce244-d76a-4faa-8b30-81259801a7e8.roa
File: 715ce244-d76a-4faa-8b30-81259801a7e8.roa (raw, json)
Hash identifier: h2soffP++JV4SwvZ5Bv4xRMtx/P6I0sKZPk/gpuK+rU=
Subject key identifier: 12:01:BA:67:37:EA:BC:8E:3C:07:8B:5B:8F:4D:72:CD:66:92:28:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 277EBB5AE2B81DCD29DBC24D769431B9E87DBA00
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/715ce244-d76a-4faa-8b30-81259801a7e8.roa
Signing time: Tue 17 Feb 2026 03:00:31 +0000
ROA not before: Tue 17 Feb 2026 03:00:31 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:7e:bb:5a:e2:b8:1d:cd:29:db:c2:4d:76:94:31:b9:e8:7d:ba:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:31 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=00c11f256e3f3c4f71da4d8f9ccea329b9706dd334d65f55196d2fcc0e7a2ee9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:10:0b:76:b4:72:ce:cb:99:a3:20:cf:95:cf:
05:23:51:c5:b4:c6:e0:4a:8a:49:39:13:96:d6:04:
43:76:d7:7a:0b:47:9f:c3:51:1c:00:5b:e5:1a:02:
df:7e:ed:20:1f:2e:6a:8f:17:4a:6f:e0:5b:42:62:
ac:b7:f8:05:fb:98:4a:f0:ca:64:08:ae:9f:92:64:
05:04:97:56:25:54:ec:01:c7:dd:a4:fa:ca:a9:ea:
a5:54:da:93:b7:88:0e:29:c4:ce:98:d6:3c:2d:07:
f4:f0:a5:f4:b4:bc:62:41:6f:19:76:a3:55:b7:08:
e1:62:73:b7:08:aa:b1:d3:78:95:14:5c:1b:43:5b:
af:78:84:9f:dd:47:42:36:04:64:16:f0:c8:af:0b:
53:49:e8:de:0c:6e:41:29:22:2c:89:0d:ca:2a:96:
89:39:38:c7:ee:0a:1c:78:3a:0f:0a:fd:68:b8:9d:
f6:8f:0b:e2:ff:ad:fb:b7:09:82:22:5b:f0:e1:4c:
0b:01:f8:41:30:64:b2:da:65:1a:1b:15:cc:27:b9:
3c:80:ad:f5:4b:2d:dd:ee:fc:42:d9:cc:24:44:35:
58:38:57:32:18:c2:70:ab:f5:81:51:5b:9c:0d:a8:
30:04:61:4a:87:64:a7:33:e5:13:55:28:67:25:d6:
00:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:01:BA:67:37:EA:BC:8E:3C:07:8B:5B:8F:4D:72:CD:66:92:28:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/715ce244-d76a-4faa-8b30-81259801a7e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:6000::/40
Signature Algorithm: sha256WithRSAEncryption
62:be:e3:d6:00:bc:50:b2:05:4c:f1:c4:04:99:4d:eb:90:5a:
d3:c9:19:18:1a:2d:7a:f5:7a:48:23:21:6d:7e:0d:3b:cd:51:
81:f6:0c:a3:4c:a7:e3:95:57:5c:67:75:09:40:e1:7e:94:9e:
2c:52:d3:72:1e:6b:19:b6:47:34:89:08:83:ab:35:fd:98:85:
bc:3a:ce:78:53:ee:8e:36:66:07:42:27:60:23:ea:c3:01:60:
9c:83:8d:d1:e9:c5:e8:4b:28:bb:13:f6:05:49:de:74:01:13:
17:5c:f6:45:85:41:87:09:60:3c:e9:95:fd:d6:2e:5b:80:a2:
3d:3d:3a:bf:71:f0:92:cc:54:fd:97:5b:67:17:f1:f3:79:ff:
b0:d5:0d:32:bb:29:0a:ca:3d:1d:a6:d0:50:b3:fa:a7:97:1f:
4b:07:02:74:ed:51:eb:ff:ef:1f:a7:c9:9b:9f:5d:6d:d5:61:
33:4d:12:d3:dd:b2:ee:90:51:ab:3e:76:d3:eb:e6:35:06:7e:
d8:b1:b5:b5:fa:1d:c7:c9:bd:4b:73:83:fa:a0:bb:00:dd:64:
bc:f5:4b:77:3a:7f:22:23:b1:89:6a:e3:fe:d0:5d:74:3b:ee:
87:77:2f:16:76:60:d8:8d:b4:7b:c1:96:84:65:22:47:f8:09:
07:9e:d9:c3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJ367WuK4Hc0p28JNdpQxueh9ugAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwMzFaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwYzExZjI1NmUzZjNjNGY3MWRhNGQ4ZjljY2VhMzI5Yjk3MDZkZDMzNGQ2
NWY1NTE5NmQyZmNjMGU3YTJlZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIkQC3a0cs7LmaMgz5XPBSNRxbTG4EqKSTkTltYEQ3bXegtHn8NRHABb5RoC
337tIB8uao8XSm/gW0JirLf4BfuYSvDKZAiun5JkBQSXViVU7AHH3aT6yqnqpVTa
k7eIDinEzpjWPC0H9PCl9LS8YkFvGXajVbcI4WJztwiqsdN4lRRcG0Nbr3iEn91H
QjYEZBbwyK8LU0no3gxuQSkiLIkNyiqWiTk4x+4KHHg6Dwr9aLid9o8L4v+t+7cJ
giJb8OFMCwH4QTBkstplGhsVzCe5PICt9Ust3e78QtnMJEQ1WDhXMhjCcKv1gVFb
nA2oMARhSodkpzPlE1UoZyXWANcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQSAbpn
N+q8jjwHi1uPTXLNZpIojzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzE1Y2UyNDQtZDc2YS00ZmFhLThiMzAtODEyNTk4MDFhN2U4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Flg
MA0GCSqGSIb3DQEBCwUAA4IBAQBivuPWALxQsgVM8cQEmU3rkFrTyRkYGi169XpI
IyFtfg07zVGB9gyjTKfjlVdcZ3UJQOF+lJ4sUtNyHmsZtkc0iQiDqzX9mIW8Os54
U+6ONmYHQidgI+rDAWCcg43R6cXoSyi7E/YFSd50ARMXXPZFhUGHCWA86ZX91i5b
gKI9PTq/cfCSzFT9l1tnF/Hzef+w1Q0yuykKyj0dptBQs/qnlx9LBwJ07VHr/+8f
p8mbn11t1WEzTRLT3bLukFGrPnbT6+Y1Bn7YsbW1+h3Hyb1Lc4P6oLsA3WS89Ut3
On8iI7GJauP+0F10O+6Hdy8WdmDYjbR7wZaEZSJH+AkHntnD
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:27:36 2026 by rpki-client