Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa
File: 7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa (raw, json)
Hash identifier: onulRWb6cEjz9W7Rd7N+J4TeTc53FupMDca4afJLPxM=
Subject key identifier: E9:7E:34:97:CC:39:CE:BB:A1:6E:4B:B6:B2:DD:04:4B:45:2C:E5:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3BB5B62858BD6344156F5E127D3F66BD53DC221C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa
Signing time: Sat 28 Feb 2026 05:20:29 +0000
ROA not before: Sat 28 Feb 2026 05:20:29 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d027::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:b5:b6:28:58:bd:63:44:15:6f:5e:12:7d:3f:66:bd:53:dc:22:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:29 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=e17f9c9abfaca9efd354b17c19113fb8e2ccca19c370c19ed0f9b2ceb4fc9e93, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:49:af:1e:57:57:c0:c6:49:5c:8f:0c:a8:b9:
8d:82:38:df:d8:c4:a9:b8:b8:14:89:01:56:47:1f:
a1:0f:ee:4a:10:1b:4a:be:4b:79:81:e4:ce:f5:c4:
fc:2e:20:ed:92:e0:2a:98:10:60:21:7d:e6:6a:7a:
66:56:36:f3:7f:fd:24:84:79:e6:9b:0c:3e:46:17:
44:6e:de:93:6e:d7:64:0f:27:7a:aa:df:2a:dc:c0:
f0:69:f8:d5:6e:a5:19:44:14:03:c4:99:d5:38:5c:
7e:29:1e:5d:23:12:4e:39:58:36:9f:d4:ac:1a:1c:
40:6d:c8:29:8b:8f:c4:1c:b4:80:32:2a:e8:23:7f:
75:67:cb:8a:39:05:5d:55:07:be:2d:24:84:6e:0a:
4f:09:0f:81:22:80:34:58:ec:58:ce:d7:ed:2f:60:
06:75:56:23:7a:01:3a:00:5f:a2:bd:c7:11:4c:3a:
ed:77:71:9d:55:b5:56:7a:e5:80:b4:d1:d4:5a:a6:
bc:3a:53:5a:2f:f2:b7:88:d2:0f:ce:e6:75:95:48:
dc:30:3c:69:fe:cd:c6:83:77:b9:b7:52:44:70:1e:
05:e6:ad:1b:0d:4b:57:f0:19:b5:8d:a0:40:72:26:
75:aa:de:40:f8:50:2b:af:26:13:6f:6b:e1:16:ad:
43:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:7E:34:97:CC:39:CE:BB:A1:6E:4B:B6:B2:DD:04:4B:45:2C:E5:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d027::/36
Signature Algorithm: sha256WithRSAEncryption
2a:be:b8:45:e9:0d:aa:82:da:1b:4e:7f:80:0b:5f:c7:0f:e5:
41:c3:69:43:6d:75:0d:da:0b:5b:41:61:c3:3b:57:4c:bb:26:
92:96:34:56:4c:9b:f9:ef:10:56:e9:1f:5f:ad:f9:8b:ae:9d:
4b:ac:9d:65:12:97:25:1a:53:48:a2:1c:bf:26:2e:59:69:8c:
85:59:69:87:31:f6:c6:10:44:a2:a8:9a:a6:53:14:9d:6e:4f:
e6:14:cc:10:77:47:18:d9:17:3f:ba:a1:ee:c1:77:f8:f5:28:
af:5b:7b:02:24:9b:ec:84:ea:4f:f0:32:5e:f9:5e:eb:06:93:
97:7d:eb:71:50:2c:9d:16:1f:ce:11:16:a1:bb:fa:d3:2a:af:
2b:7d:c3:29:04:07:50:5c:6e:d5:28:97:cc:cd:bd:29:88:65:
d0:11:68:86:47:fb:00:d1:2f:a7:a0:24:92:46:9e:e3:f5:bf:
91:74:ae:77:82:44:a7:12:d9:f7:52:09:0b:6f:5c:8b:6f:0e:
c0:2e:01:6a:d0:5e:cd:09:d9:6d:3a:82:b8:2a:95:a7:e8:ad:
ef:ac:f6:03:82:87:f0:92:64:02:22:b4:4b:bb:ce:02:13:30:
0b:fe:40:cb:ea:c6:69:63:da:86:62:2e:33:8f:7b:d0:f0:d7:
d3:6d:c6:c7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUO7W2KFi9Y0QVb14SfT9mvVPcIhwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwMjlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxN2Y5YzlhYmZhY2E5ZWZkMzU0YjE3YzE5MTEzZmI4ZTJjY2NhMTljMzcw
YzE5ZWQwZjliMmNlYjRmYzllOTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIlJrx5XV8DGSVyPDKi5jYI439jEqbi4FIkBVkcfoQ/uShAbSr5LeYHkzvXE
/C4g7ZLgKpgQYCF95mp6ZlY283/9JIR55psMPkYXRG7ek27XZA8neqrfKtzA8Gn4
1W6lGUQUA8SZ1ThcfikeXSMSTjlYNp/UrBocQG3IKYuPxBy0gDIq6CN/dWfLijkF
XVUHvi0khG4KTwkPgSKANFjsWM7X7S9gBnVWI3oBOgBfor3HEUw67XdxnVW1Vnrl
gLTR1FqmvDpTWi/yt4jSD87mdZVI3DA8af7NxoN3ubdSRHAeBeatGw1LV/AZtY2g
QHImdareQPhQK68mE29r4RatQ6MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTpfjSX
zDnOu6FuS7ay3QRLRSzlQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2JjYmY5ZjMtN2E2My00MmEyLTliNTgtNGMwYzEwZmMzNGRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CcA
MA0GCSqGSIb3DQEBCwUAA4IBAQAqvrhF6Q2qgtobTn+AC1/HD+VBw2lDbXUN2gtb
QWHDO1dMuyaSljRWTJv57xBW6R9frfmLrp1LrJ1lEpclGlNIohy/Ji5ZaYyFWWmH
MfbGEESiqJqmUxSdbk/mFMwQd0cY2Rc/uqHuwXf49SivW3sCJJvshOpP8DJe+V7r
BpOXfetxUCydFh/OERahu/rTKq8rfcMpBAdQXG7VKJfMzb0piGXQEWiGR/sA0S+n
oCSSRp7j9b+RdK53gkSnEtn3UgkLb1yLbw7ALgFq0F7NCdltOoK4KpWn6K3vrPYD
gofwkmQCIrRLu84CEzAL/kDL6sZpY9qGYi4zj3vQ8NfTbcbH
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:50:07 2026 by rpki-client