Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75d0b5d9-2477-4d38-ab7a-0c60a33d8246.roa
File: 75d0b5d9-2477-4d38-ab7a-0c60a33d8246.roa (raw, json)
Hash identifier: ZEaWMuCgtd66gyYBMGxF/FUoZFop2sVRpBEfvzAYY8c=
Subject key identifier: 8B:D9:4C:F3:6D:8F:7A:D3:0E:F1:B3:57:BA:42:55:27:69:5B:C5:BA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FF9395F7240AFB2F6C35F804CBF3A5ACB5B20A3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75d0b5d9-2477-4d38-ab7a-0c60a33d8246.roa
Signing time: Sat 28 Feb 2026 05:20:24 +0000
ROA not before: Sat 28 Feb 2026 05:20:24 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:f9:39:5f:72:40:af:b2:f6:c3:5f:80:4c:bf:3a:5a:cb:5b:20:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:24 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=ec7fa8bddd329e117481470a31d17cedc9b3b9fe8e7582de608f5f97f99925cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:7c:a2:13:79:7f:df:67:55:45:84:4f:ae:15:
6c:06:b9:48:52:56:89:a9:5f:bf:49:cb:9c:17:ae:
b3:e5:68:ce:13:6d:5d:0d:0b:40:90:a1:d6:e4:d7:
4e:f6:c8:78:64:9c:dc:e6:b4:08:5c:19:d6:71:8b:
dd:da:e5:c5:28:f5:e3:0d:50:39:f8:7a:1c:97:0a:
dc:0a:47:fa:0c:e4:d5:1a:73:87:ba:a6:78:e3:0c:
14:55:d5:e5:f0:3c:68:68:d9:28:68:8b:96:54:5d:
c1:55:84:3b:7a:87:5b:17:98:1c:28:ac:57:a1:78:
9e:1e:be:75:5f:45:57:72:e6:3a:dd:55:19:fa:84:
fc:96:ef:08:f9:a9:9e:a8:70:a7:34:58:54:5a:db:
42:6d:ea:76:18:8a:2e:64:18:98:90:54:3f:b9:dc:
e3:56:c1:83:3d:5e:26:d8:4c:cd:82:f8:22:23:b8:
4b:42:99:f3:11:37:64:ab:09:43:7c:26:b8:a6:a9:
10:93:64:24:e7:22:3c:78:86:05:e3:97:36:16:33:
de:ab:0e:6a:a5:70:a2:1a:10:54:8e:bb:6b:21:e2:
03:58:13:80:b7:63:53:1d:c1:08:0d:9a:9f:65:67:
2a:0f:15:03:b5:94:03:a4:7b:58:16:31:f7:ed:52:
18:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:D9:4C:F3:6D:8F:7A:D3:0E:F1:B3:57:BA:42:55:27:69:5B:C5:BA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75d0b5d9-2477-4d38-ab7a-0c60a33d8246.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6040::/48
Signature Algorithm: sha256WithRSAEncryption
6e:b5:fe:12:ac:4f:0d:87:13:80:e8:69:6a:2f:16:84:f3:92:
8f:71:45:d8:cd:4d:fe:75:40:84:b4:cc:f7:e4:78:05:c5:6f:
4b:8c:96:00:3c:aa:00:69:38:1f:90:03:be:ed:bb:17:7a:2e:
21:42:48:61:c3:02:28:ce:e0:e7:a2:0e:4a:67:a8:cd:24:4c:
8a:c8:29:f6:4e:38:d0:b6:fe:38:c1:18:af:d6:b8:ee:9c:3e:
f7:4d:f7:8c:f9:43:53:a4:9f:25:7a:96:2d:f4:a1:74:aa:fb:
e8:e7:10:1d:bd:00:2a:54:9b:f6:5f:b7:8c:9a:65:f5:90:6d:
b8:2f:f6:0f:ce:f4:e2:68:c4:32:c7:cb:c5:f0:51:83:d7:b5:
cd:f6:e3:28:cd:65:42:f7:40:a0:e6:b6:85:f0:a8:5b:3d:f2:
12:9d:a7:39:2c:54:ea:16:15:29:f6:ad:cd:77:84:c8:6d:22:
8b:12:1b:02:2d:22:d8:1a:3d:ef:06:9e:1f:9c:1e:10:ba:10:
28:7d:6e:ee:0b:3b:5e:40:3c:f7:2d:40:63:78:4b:dc:ce:23:
e1:67:71:6f:c4:75:27:aa:ac:4a:d0:cf:b0:86:f9:bd:c6:fb:
64:22:ee:88:b5:82:92:ad:13:8e:76:ce:20:fa:24:b2:2c:ca:
f0:c5:bb:f6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUP/k5X3JAr7L2w1+ATL86WstbIKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwMjRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjN2ZhOGJkZGQzMjllMTE3NDgxNDcwYTMxZDE3Y2VkYzliM2I5ZmU4ZTc1
ODJkZTYwOGY1Zjk3Zjk5OTI1Y2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOV8ohN5f99nVUWET64VbAa5SFJWialfv0nLnBeus+VozhNtXQ0LQJCh1uTX
TvbIeGSc3Oa0CFwZ1nGL3drlxSj14w1QOfh6HJcK3ApH+gzk1Rpzh7qmeOMMFFXV
5fA8aGjZKGiLllRdwVWEO3qHWxeYHCisV6F4nh6+dV9FV3LmOt1VGfqE/JbvCPmp
nqhwpzRYVFrbQm3qdhiKLmQYmJBUP7nc41bBgz1eJthMzYL4IiO4S0KZ8xE3ZKsJ
Q3wmuKapEJNkJOciPHiGBeOXNhYz3qsOaqVwohoQVI67ayHiA1gTgLdjUx3BCA2a
n2VnKg8VA7WUA6R7WBYx9+1SGL8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSL2Uzz
bY960w7xs1e6QlUnaVvFujAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzVkMGI1ZDktMjQ3Ny00ZDM4LWFiN2EtMGM2MGEzM2Q4MjQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFg
QDANBgkqhkiG9w0BAQsFAAOCAQEAbrX+EqxPDYcTgOhpai8WhPOSj3FF2M1N/nVA
hLTM9+R4BcVvS4yWADyqAGk4H5ADvu27F3ouIUJIYcMCKM7g56IOSmeozSRMisgp
9k440Lb+OMEYr9a47pw+9033jPlDU6SfJXqWLfShdKr76OcQHb0AKlSb9l+3jJpl
9ZBtuC/2D8704mjEMsfLxfBRg9e1zfbjKM1lQvdAoOa2hfCoWz3yEp2nOSxU6hYV
KfatzXeEyG0iixIbAi0i2Bo97waeH5weELoQKH1u7gs7XkA89y1AY3hL3M4j4Wdx
b8R1J6qsStDPsIb5vcb7ZCLuiLWCkq0TjnbOIPoksizK8MW79g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:26 2026 by rpki-client