Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7665346b-5715-4d4a-9ee7-32affc669e92.roa
File: 7665346b-5715-4d4a-9ee7-32affc669e92.roa (raw, json)
Hash identifier: CotRmlLKj462V2TATgOHL3nAF97F6udrgTjylHF36RY=
Subject key identifier: F9:0E:B9:81:C5:FE:EB:E3:FF:26:99:6C:54:70:1B:5E:8B:3A:86:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 57447E20B02C566513137361D0200C8D25D3FC59
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7665346b-5715-4d4a-9ee7-32affc669e92.roa
Signing time: Sat 28 Feb 2026 05:10:33 +0000
ROA not before: Sat 28 Feb 2026 05:10:33 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:44:7e:20:b0:2c:56:65:13:13:73:61:d0:20:0c:8d:25:d3:fc:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:10:33 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=108ed7ab4d73b56e28b5c30d31cb13a22895f606d0312d2347b2b411e2224330, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:48:50:5c:63:1a:4c:45:da:47:63:00:d9:a9:
27:a7:eb:b6:3e:fd:45:38:c1:2f:82:1f:1e:87:82:
92:14:d5:37:f6:71:b8:86:b1:6e:e4:a3:1b:8a:a0:
1b:0c:4b:b1:8a:ff:b5:a8:0f:1f:cf:eb:ec:0b:26:
8c:88:74:14:9d:60:9c:4b:70:3e:0c:c6:d1:10:8a:
16:63:d2:07:69:35:ba:34:fe:d4:f4:bb:2f:20:4c:
ca:ec:f8:6c:11:86:ec:da:31:7d:cd:d5:09:68:52:
eb:19:d4:fc:b5:6a:68:88:b3:bd:20:b7:68:33:49:
bf:c2:c2:d3:d9:73:eb:15:16:e9:3e:03:9a:ab:98:
f6:81:ce:85:5b:39:16:bd:ea:ff:97:3d:f8:f9:cc:
f2:41:2a:c9:4f:87:87:55:d1:52:da:9b:1b:a6:6b:
20:60:e7:ca:86:2a:dc:b4:54:31:38:fc:46:d8:6f:
00:54:c5:bc:7e:de:ac:ad:99:9d:a0:2f:1f:4f:02:
6a:b9:26:b9:97:b7:37:e7:5c:d8:44:cc:6b:68:e5:
9e:f9:6c:94:0a:72:bf:7f:71:78:f2:c9:be:24:b0:
1c:73:b6:44:87:08:75:c9:fa:44:67:0d:ea:7c:b3:
83:6d:92:9b:bb:8d:b3:2b:60:1f:99:81:a3:da:f3:
53:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:0E:B9:81:C5:FE:EB:E3:FF:26:99:6C:54:70:1B:5E:8B:3A:86:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7665346b-5715-4d4a-9ee7-32affc669e92.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2040::/48
Signature Algorithm: sha256WithRSAEncryption
c2:22:4b:33:72:ad:21:4a:39:85:65:80:96:f2:14:4b:9f:7e:
5c:d6:07:5c:eb:63:53:8b:25:71:9a:69:02:1f:3f:1a:8b:0f:
b9:68:90:41:a4:ba:f6:16:12:d6:49:90:9c:db:e8:a4:9b:8b:
52:76:1c:72:e7:72:54:14:08:d0:90:56:86:a8:6e:7d:36:26:
8c:f7:c1:ab:b5:cc:b2:a0:35:35:a3:a0:46:43:a1:54:76:df:
13:64:fa:93:13:c0:0a:03:75:a9:24:1d:6c:3b:66:92:78:a6:
34:4c:97:5c:36:7f:78:b8:08:49:fd:ea:2d:64:26:ab:e1:56:
36:a1:67:27:4d:d5:27:e7:b6:1f:69:3f:f7:17:ea:f6:be:d2:
f0:bb:e1:ff:dc:90:fc:ee:ff:40:25:b2:f8:e4:d4:8b:d5:16:
ec:96:1b:8e:82:58:55:cd:6e:57:8e:4f:13:a6:9c:0a:96:61:
1a:7d:b6:c8:9f:32:63:30:ad:8b:6a:8f:e0:f3:d1:a6:78:06:
98:c5:a8:a7:23:65:df:1a:c0:01:cb:f4:2c:94:b7:3e:ba:8d:
d1:b8:c8:58:6d:37:f7:c7:b1:2a:a2:74:c5:d1:75:4c:7c:38:
9b:69:43:81:95:41:99:4b:2d:4c:5b:ea:84:d7:3a:3b:69:e1:
d8:75:77:ce
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUV0R+ILAsVmUTE3Nh0CAMjSXT/FkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTEwMzNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwOGVkN2FiNGQ3M2I1NmUyOGI1YzMwZDMxY2IxM2EyMjg5NWY2MDZkMDMx
MmQyMzQ3YjJiNDExZTIyMjQzMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPxIUFxjGkxF2kdjANmpJ6frtj79RTjBL4IfHoeCkhTVN/ZxuIaxbuSjG4qg
GwxLsYr/tagPH8/r7AsmjIh0FJ1gnEtwPgzG0RCKFmPSB2k1ujT+1PS7LyBMyuz4
bBGG7Noxfc3VCWhS6xnU/LVqaIizvSC3aDNJv8LC09lz6xUW6T4DmquY9oHOhVs5
Fr3q/5c9+PnM8kEqyU+Hh1XRUtqbG6ZrIGDnyoYq3LRUMTj8RthvAFTFvH7erK2Z
naAvH08CarkmuZe3N+dc2ETMa2jlnvlslApyv39xePLJviSwHHO2RIcIdcn6RGcN
6nyzg22Sm7uNsytgH5mBo9rzUwMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT5DrmB
xf7r4/8mmWxUcBteizqGvDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzY2NTM0NmItNTcxNS00ZDRhLTllZTctMzJhZmZjNjY5ZTkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg
QDANBgkqhkiG9w0BAQsFAAOCAQEAwiJLM3KtIUo5hWWAlvIUS59+XNYHXOtjU4sl
cZppAh8/GosPuWiQQaS69hYS1kmQnNvopJuLUnYccudyVBQI0JBWhqhufTYmjPfB
q7XMsqA1NaOgRkOhVHbfE2T6kxPACgN1qSQdbDtmknimNEyXXDZ/eLgISf3qLWQm
q+FWNqFnJ03VJ+e2H2k/9xfq9r7S8Lvh/9yQ/O7/QCWy+OTUi9UW7JYbjoJYVc1u
V45PE6acCpZhGn22yJ8yYzCti2qP4PPRpngGmMWopyNl3xrAAcv0LJS3PrqN0bjI
WG0398exKqJ0xdF1THw4m2lDgZVBmUstTFvqhNc6O2nh2HV3zg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:34:56 2026 by rpki-client