Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7f3452cc-a2fb-45ca-9617-8db45bd3c546.roa
File: 7f3452cc-a2fb-45ca-9617-8db45bd3c546.roa (raw, json)
Hash identifier: A43JcZneViTaR4lL3+8WXxSxzTF2jU6zU1VhQ/gsJdg=
Subject key identifier: 7A:74:1E:76:12:91:4E:C8:0A:E4:35:9F:46:1A:0A:67:DD:1A:6F:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5FC3C22463184BFB89094FA6918F893F04784EC0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7f3452cc-a2fb-45ca-9617-8db45bd3c546.roa
Signing time: Sun 15 Feb 2026 00:00:07 +0000
ROA not before: Sun 15 Feb 2026 00:00:07 +0000
ROA not after: Sat 16 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/42 maxlen: 42
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:c3:c2:24:63:18:4b:fb:89:09:4f:a6:91:8f:89:3f:04:78:4e:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 15 00:00:07 2026 GMT
Not After : May 16 23:59:59 2026 GMT
Subject: serialNumber=161fafef530afc3ef9972a124f29ffb9c64b3b3236a3a789520a7bf550d30e3d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:67:c4:e3:c4:26:dd:27:dc:11:89:66:53:c7:
22:91:8c:b1:a2:59:e4:51:b9:7c:60:04:eb:ab:09:
46:fb:38:91:a5:04:33:9d:dd:2e:51:7b:c8:b2:e0:
73:bc:64:17:9e:d4:a6:22:7f:66:13:c7:37:03:45:
dd:40:42:e7:e3:69:5c:bb:7b:c0:43:aa:77:77:13:
55:c8:8b:41:4f:9d:c2:5c:0e:42:1f:4e:68:3c:d3:
50:45:ac:ba:7b:de:5f:04:5d:b9:c6:78:a7:28:0a:
0f:3b:70:ed:9e:5c:a1:6e:5e:30:95:9f:a8:96:a1:
03:75:0f:38:87:9c:2c:12:c7:b8:83:11:92:62:6f:
85:f3:d7:64:3c:1a:d3:0b:49:12:e0:68:3b:8d:b3:
df:17:a8:58:b0:d9:d1:25:d3:f4:f8:44:95:d5:f8:
e1:5f:06:f8:31:46:94:e6:cc:2e:f3:49:93:f7:6c:
2b:3e:07:a5:bb:03:af:dc:7e:b0:7b:7b:09:1f:88:
44:4d:cf:fe:ab:03:02:d8:d7:3f:4c:7f:1d:7e:ae:
c9:20:73:90:21:d7:55:84:74:59:cc:13:8d:3f:6c:
62:52:4d:bd:1e:6b:7f:2b:77:b9:8c:6f:cf:be:23:
45:99:06:65:0b:fe:b8:ef:e5:5e:62:09:19:8a:61:
12:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:74:1E:76:12:91:4E:C8:0A:E4:35:9F:46:1A:0A:67:DD:1A:6F:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7f3452cc-a2fb-45ca-9617-8db45bd3c546.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/42
Signature Algorithm: sha256WithRSAEncryption
48:22:e6:68:a0:92:1e:82:8b:95:6b:95:23:7f:37:f9:db:b4:
0f:c8:0f:16:79:d4:ac:d2:1c:2a:24:6b:f7:b9:60:66:1d:3f:
c3:d6:47:21:28:89:fd:0b:3f:47:a5:b7:3e:59:e3:79:16:da:
5b:07:9a:9b:b7:d7:5e:1f:72:f0:e7:af:fe:7b:7c:67:f5:47:
7c:7f:a6:9a:d7:ec:9a:e5:b5:ed:9c:72:1b:4f:a3:1c:1d:6b:
1a:53:e8:8d:95:05:a4:da:4d:0b:f5:2d:9e:aa:29:b5:1b:66:
8f:5f:b3:2e:86:a3:11:3e:29:2c:d1:7b:87:d5:7b:b2:c4:f7:
fb:7e:3f:5d:3c:8c:ac:8c:54:df:9b:3a:c2:0a:59:8a:c2:3b:
35:06:16:e4:0c:f6:61:ca:09:44:48:eb:7e:62:0a:c0:fa:27:
f0:2c:e7:03:11:17:1d:57:9f:54:59:47:05:5a:f3:2f:06:62:
6c:a9:b5:50:d6:0a:6f:f1:b1:f1:ad:07:23:02:df:22:49:27:
a4:1a:1b:50:42:ff:97:32:41:3b:93:26:b5:73:98:75:fd:f7:
55:6a:d3:b2:0c:80:4b:77:ad:c2:69:95:0e:b1:15:7b:08:1f:
66:34:5d:06:2a:d8:ce:13:69:e7:2f:6c:93:52:ef:6d:bf:a7:
9a:2f:ad:62
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUX8PCJGMYS/uJCU+mkY+JPwR4TsAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTUwMDAwMDdaFw0yNjA1MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2MWZhZmVmNTMwYWZjM2VmOTk3MmExMjRmMjlmZmI5YzY0YjNiMzIzNmEz
YTc4OTUyMGE3YmY1NTBkMzBlM2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdnxOPEJt0n3BGJZlPHIpGMsaJZ5FG5fGAE66sJRvs4kaUEM53dLlF7yLLg
c7xkF57UpiJ/ZhPHNwNF3UBC5+NpXLt7wEOqd3cTVciLQU+dwlwOQh9OaDzTUEWs
unveXwRducZ4pygKDztw7Z5coW5eMJWfqJahA3UPOIecLBLHuIMRkmJvhfPXZDwa
0wtJEuBoO42z3xeoWLDZ0SXT9PhEldX44V8G+DFGlObMLvNJk/dsKz4HpbsDr9x+
sHt7CR+IRE3P/qsDAtjXP0x/HX6uySBzkCHXVYR0WcwTjT9sYlJNvR5rfyt3uYxv
z74jRZkGZQv+uO/lXmIJGYphEqsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR6dB52
EpFOyArkNZ9GGgpn3RpvtDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2YzNDUyY2MtYTJmYi00NWNhLTk2MTctOGRiNDViZDNjNTQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBioF0BsA
ADANBgkqhkiG9w0BAQsFAAOCAQEASCLmaKCSHoKLlWuVI383+du0D8gPFnnUrNIc
KiRr97lgZh0/w9ZHISiJ/Qs/R6W3PlnjeRbaWweam7fXXh9y8Oev/nt8Z/VHfH+m
mtfsmuW17ZxyG0+jHB1rGlPojZUFpNpNC/UtnqoptRtmj1+zLoajET4pLNF7h9V7
ssT3+34/XTyMrIxU35s6wgpZisI7NQYW5Az2YcoJREjrfmIKwPon8CznAxEXHVef
VFlHBVrzLwZibKm1UNYKb/Gx8a0HIwLfIkknpBobUEL/lzJBO5MmtXOYdf33VWrT
sgyAS3etwmmVDrEVewgfZjRdBirYzhNp5y9sk1Lvbb+nmi+tYg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:08 2026 by rpki-client