Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
File: 7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa (raw, json)
Hash identifier: uMzfgQDKBaXu3oAmVxZY+AglR8RT9DqdTYc6QY51xKM=
Subject key identifier: A7:E4:85:B6:0E:D4:4B:CB:03:4D:1D:1B:7B:9E:E8:93:B4:56:11:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 536A4C4BECF2CF1988E9C520A72261040E2654B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
Signing time: Sat 28 Feb 2026 05:20:55 +0000
ROA not before: Sat 28 Feb 2026 05:20:55 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:6a:4c:4b:ec:f2:cf:19:88:e9:c5:20:a7:22:61:04:0e:26:54:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:55 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f00eacf051ff447101ee542e60e5aa4d43059796384b76a000343789d7bc455e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:75:be:18:dd:88:34:46:eb:8b:25:24:01:22:
be:d7:0c:ac:44:70:ca:b1:41:f8:23:55:33:18:3d:
01:78:af:d7:28:ee:a7:2a:38:f7:e9:a0:5c:cc:45:
da:45:56:e1:31:c5:2d:65:73:ed:9d:6d:83:44:6c:
82:2b:b0:6b:67:85:9e:29:28:80:a2:73:d8:77:2c:
98:8e:01:22:9a:b7:7b:af:df:52:9e:27:5c:76:bd:
ab:e5:cb:22:eb:68:56:ce:9e:31:8e:fe:0f:e0:16:
b6:4c:94:52:4b:d0:4e:7a:63:65:e3:a7:17:a5:de:
e9:11:76:9e:f3:c9:cb:c8:94:23:9a:26:bf:c0:5c:
d3:74:b8:19:5e:b5:4d:71:f7:ab:99:6d:c6:56:e5:
76:65:6c:11:42:83:04:f0:ad:ae:b9:ac:94:3a:86:
d4:27:52:d6:74:fd:e0:e9:5c:05:16:92:39:2d:60:
47:75:54:be:c2:6c:dd:a9:80:9e:4d:fa:f2:d1:fc:
35:a8:a3:ba:e5:83:cb:89:c8:5e:6a:b4:5e:0e:39:
8f:f2:fa:dd:bf:52:92:26:d4:7c:dc:31:75:28:1b:
5c:a2:d0:91:83:42:01:fd:32:de:32:44:a9:bb:1b:
c3:6f:91:64:28:36:a8:cf:1a:f2:26:5c:fd:62:82:
cf:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:E4:85:B6:0E:D4:4B:CB:03:4D:1D:1B:7B:9E:E8:93:B4:56:11:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:e000::/40
Signature Algorithm: sha256WithRSAEncryption
3c:7b:21:20:aa:07:23:e3:5d:84:b8:85:48:0f:c5:c2:b9:7f:
c6:92:6d:0c:2e:72:43:29:81:a1:4d:38:06:07:c6:ee:f7:dd:
42:c2:4d:fb:a3:e7:f5:96:65:3e:19:b5:12:61:a7:9c:53:35:
c3:a3:6f:40:59:36:7a:d6:ab:b4:08:e0:e8:74:7b:d8:12:92:
6f:7c:a7:8c:55:f5:97:81:1b:45:24:d9:3d:cc:f5:0d:fa:af:
d6:b3:ad:cf:4f:23:42:04:db:f5:49:f4:2a:c5:88:29:ae:ad:
23:a2:e0:ab:1c:79:2d:7d:ab:69:cb:06:14:db:9b:d6:79:be:
d5:f2:61:71:88:2a:0d:ba:cd:65:56:2b:d5:5d:1f:bc:51:3e:
36:d6:3c:db:ea:ef:4e:84:67:42:fa:00:78:bb:8d:6f:a5:ac:
3a:01:0e:84:46:c1:34:95:6d:59:f6:e4:85:d9:95:46:5d:f8:
7c:d5:bf:19:ee:e3:98:f7:bd:23:34:62:89:b1:96:ed:ea:ca:
30:c8:3a:3a:66:e2:b0:b0:07:9c:53:ca:0d:d8:52:0b:41:d0:
aa:42:f1:72:96:45:ca:6c:24:98:74:2b:f0:d8:6e:44:50:73:
a7:79:1d:80:9c:fa:3c:ad:d4:ef:65:6e:f7:07:6d:d8:c8:81:
0d:19:1f:63
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUU2pMS+zyzxmI6cUgpyJhBA4mVLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwNTVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwMGVhY2YwNTFmZjQ0NzEwMWVlNTQyZTYwZTVhYTRkNDMwNTk3OTYzODRi
NzZhMDAwMzQzNzg5ZDdiYzQ1NWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPJ1vhjdiDRG64slJAEivtcMrERwyrFB+CNVMxg9AXiv1yjupyo49+mgXMxF
2kVW4THFLWVz7Z1tg0Rsgiuwa2eFnikogKJz2HcsmI4BIpq3e6/fUp4nXHa9q+XL
IutoVs6eMY7+D+AWtkyUUkvQTnpjZeOnF6Xe6RF2nvPJy8iUI5omv8Bc03S4GV61
TXH3q5ltxlbldmVsEUKDBPCtrrmslDqG1CdS1nT94OlcBRaSOS1gR3VUvsJs3amA
nk368tH8NaijuuWDy4nIXmq0Xg45j/L63b9SkibUfNwxdSgbXKLQkYNCAf0y3jJE
qbsbw2+RZCg2qM8a8iZc/WKCz8kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSn5IW2
DtRLywNNHRt7nuiTtFYRejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2EyMjE1ZTctNWVlMi00MjBiLThmOTgtNWUwZmFlZjRjYmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Djg
MA0GCSqGSIb3DQEBCwUAA4IBAQA8eyEgqgcj412EuIVID8XCuX/Gkm0MLnJDKYGh
TTgGB8bu991Cwk37o+f1lmU+GbUSYaecUzXDo29AWTZ61qu0CODodHvYEpJvfKeM
VfWXgRtFJNk9zPUN+q/Ws63PTyNCBNv1SfQqxYgprq0jouCrHHktfatpywYU25vW
eb7V8mFxiCoNus1lVivVXR+8UT421jzb6u9OhGdC+gB4u41vpaw6AQ6ERsE0lW1Z
9uSF2ZVGXfh81b8Z7uOY970jNGKJsZbt6sowyDo6ZuKwsAecU8oN2FILQdCqQvFy
lkXKbCSYdCvw2G5EUHOneR2AnPo8rdTvZW73B23YyIENGR9j
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:29:51 2026 by rpki-client