Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
File: 79440387-66a3-4852-a94b-8a3250f20726.roa (raw, json)
Hash identifier: sEcRJcdUyImEbhAJ04VvcmG4g102f34s4umob068mq0=
Subject key identifier: 5E:1C:9F:8C:B1:F8:34:4E:B6:DF:13:29:50:D8:2A:D8:D1:F5:5D:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3BA4AD49F1BA8123525A7C39232DC433B98E10DE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
Signing time: Sat 28 Feb 2026 05:10:34 +0000
ROA not before: Sat 28 Feb 2026 05:10:34 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:a4:ad:49:f1:ba:81:23:52:5a:7c:39:23:2d:c4:33:b9:8e:10:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:10:34 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=28ea257ba5b40e5ba1d01280b171cc781147d293eb7f07215124ace4cef3c4ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:8d:5f:fd:9a:29:10:03:4b:0b:84:0b:c7:34:
11:ee:7f:31:2c:98:41:dc:17:b0:2c:70:72:32:ad:
c6:b2:88:78:58:c8:f3:a7:cc:65:31:ee:88:21:87:
ba:d3:e6:8d:7c:f5:d6:83:33:1a:e4:2f:9a:2c:4b:
1d:c7:de:93:b2:35:3e:06:d2:c0:c0:a6:dc:de:db:
7a:d9:d7:a7:10:62:1d:62:03:e3:dc:81:a3:cb:e9:
12:fb:0c:13:0a:fe:be:05:f0:0d:00:c2:59:77:21:
ca:71:54:14:94:e1:d2:e2:c2:4d:82:5a:85:98:45:
7f:7a:88:3f:32:31:df:bc:ad:2c:2c:e3:ca:b8:1c:
df:25:bb:24:56:a4:4d:eb:0e:df:96:dd:e4:0a:7b:
c5:d8:04:e4:e0:90:fb:03:3d:4e:52:db:4d:5a:59:
3d:8b:7d:f9:50:f5:11:71:f7:4d:6b:be:f4:99:4b:
bb:85:b3:b7:78:53:b1:67:7c:2c:dd:fd:e1:55:34:
7b:fa:ea:d0:a8:7c:df:55:ea:b3:8e:0f:a9:3d:f6:
d8:fd:1d:d5:3a:b1:40:6c:35:0b:7f:4a:bf:60:ba:
f0:f8:93:6c:ff:88:31:d2:b0:05:8b:58:48:a9:7a:
eb:50:be:85:73:81:78:07:e7:8d:d6:3d:ca:c0:12:
c5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:1C:9F:8C:B1:F8:34:4E:B6:DF:13:29:50:D8:2A:D8:D1:F5:5D:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a040::/48
Signature Algorithm: sha256WithRSAEncryption
23:32:9e:fa:8f:4d:4a:b8:da:46:7d:ba:23:f4:17:51:46:04:
6a:4f:13:f3:ea:c9:29:bf:29:8b:39:78:a3:ce:66:b1:43:a3:
66:81:a5:4a:f5:b8:56:bf:48:4e:0d:72:ae:7d:0a:ad:54:e1:
ea:dd:e0:55:67:34:df:ad:5e:d0:70:76:f1:1a:f5:a5:05:9c:
c7:4f:c8:6f:df:e6:fc:72:af:c5:37:ef:ef:2e:bb:31:92:88:
b8:31:7e:09:9c:0a:a3:8c:c4:cf:cc:6c:4d:e0:e5:27:44:34:
b3:a3:29:e1:6b:61:b2:73:15:ca:51:e3:f6:f5:ab:28:9e:3b:
c7:91:1f:42:94:3e:f3:8a:a7:29:ed:d8:bc:77:42:6e:b8:aa:
6b:38:4d:df:d5:b2:90:b3:60:e3:2f:aa:11:56:e7:2a:91:c3:
0c:b3:55:6b:27:75:df:14:07:d5:da:42:6b:31:d2:b8:94:73:
05:b4:b6:79:97:06:88:cf:a0:c8:a5:b4:27:3d:43:42:59:8a:
24:38:57:f3:4c:f8:e7:32:41:18:c3:23:fe:1c:e8:1a:37:dd:
32:0e:23:fe:dc:50:93:33:56:54:84:d2:62:da:68:78:4f:67:
4b:13:d2:38:f0:82:84:7d:84:3c:7c:8f:e6:22:c1:45:23:16:
b3:3c:52:43
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUO6StSfG6gSNSWnw5Iy3EM7mOEN4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTEwMzRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4ZWEyNTdiYTViNDBlNWJhMWQwMTI4MGIxNzFjYzc4MTE0N2QyOTNlYjdm
MDcyMTUxMjRhY2U0Y2VmM2M0YWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANuNX/2aKRADSwuEC8c0Ee5/MSyYQdwXsCxwcjKtxrKIeFjI86fMZTHuiCGH
utPmjXz11oMzGuQvmixLHcfek7I1PgbSwMCm3N7betnXpxBiHWID49yBo8vpEvsM
Ewr+vgXwDQDCWXchynFUFJTh0uLCTYJahZhFf3qIPzIx37ytLCzjyrgc3yW7JFak
TesO35bd5Ap7xdgE5OCQ+wM9TlLbTVpZPYt9+VD1EXH3TWu+9JlLu4Wzt3hTsWd8
LN394VU0e/rq0Kh831Xqs44PqT322P0d1TqxQGw1C39Kv2C68PiTbP+IMdKwBYtY
SKl661C+hXOBeAfnjdY9ysASxfsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBReHJ+M
sfg0TrbfEylQ2CrY0fVdkjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Nzk0NDAzODctNjZhMy00ODUyLWE5NGItOGEzMjUwZjIwNzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
QDANBgkqhkiG9w0BAQsFAAOCAQEAIzKe+o9NSrjaRn26I/QXUUYEak8T8+rJKb8p
izl4o85msUOjZoGlSvW4Vr9ITg1yrn0KrVTh6t3gVWc0361e0HB28Rr1pQWcx0/I
b9/m/HKvxTfv7y67MZKIuDF+CZwKo4zEz8xsTeDlJ0Q0s6Mp4WthsnMVylHj9vWr
KJ47x5EfQpQ+84qnKe3YvHdCbriqazhN39WykLNg4y+qEVbnKpHDDLNVayd13xQH
1dpCazHSuJRzBbS2eZcGiM+gyKW0Jz1DQlmKJDhX80z45zJBGMMj/hzoGjfdMg4j
/txQkzNWVITSYtpoeE9nSxPSOPCChH2EPHyP5iLBRSMWszxSQw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:02:23 2026 by rpki-client