Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7fc80124-256d-4d3d-bffc-2fe5d82c477f.roa
File: 7fc80124-256d-4d3d-bffc-2fe5d82c477f.roa (raw, json)
Hash identifier: x4lb4LGQ1SSfmyHM4qYQO2sieOcV5OJU9QIklWXyOyo=
Subject key identifier: 81:D5:E0:1E:45:55:29:8A:BF:CB:2A:F1:99:11:27:2C:48:D8:AD:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B6A565D3316D562A4E30ECEE9046ACBBD53AB41
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7fc80124-256d-4d3d-bffc-2fe5d82c477f.roa
Signing time: Tue 24 Feb 2026 03:00:08 +0000
ROA not before: Tue 24 Feb 2026 03:00:08 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:6a:56:5d:33:16:d5:62:a4:e3:0e:ce:e9:04:6a:cb:bd:53:ab:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 03:00:08 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=39b4e358da598fd94881d63efa69906ae8da29334c321c19b8d6a4a4cdfbfc46, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:10:a8:46:d6:9f:43:9b:b1:49:c7:43:37:e3:
2f:8e:c3:cb:0d:3a:97:2c:6d:36:17:52:f8:1e:43:
3a:98:6d:41:32:01:d1:a1:50:94:56:a0:0e:47:d7:
f8:cd:58:f1:69:85:37:14:c0:d1:21:ba:09:e9:51:
51:95:c4:11:c5:1e:04:45:c0:c6:c6:62:86:f6:92:
ba:32:87:13:2d:d1:45:df:0a:c0:4d:20:03:1b:a5:
b6:d5:b8:7e:e9:e1:75:be:18:3e:56:d7:64:df:8b:
d6:ed:8a:0f:0b:d0:70:a6:0f:24:84:88:8f:1e:8d:
42:cb:93:a3:cf:55:82:9a:73:9b:b2:be:98:4d:b4:
cf:7d:03:a8:8b:f9:e4:10:72:88:08:a8:63:5a:98:
ec:5c:60:ab:cd:6b:fa:d6:f9:82:07:d9:4d:af:a3:
99:95:0a:06:c9:60:42:57:ac:c7:14:af:ec:96:fa:
33:cc:6e:8a:b4:3d:04:f4:a7:67:fd:34:9f:9d:0e:
9f:74:e1:6a:48:e6:13:39:ad:29:20:9d:92:62:5e:
6c:9f:75:2f:b1:d2:18:48:ac:e8:65:9c:76:86:84:
c3:ca:e4:78:72:29:77:a8:f0:a1:89:08:c3:f3:f4:
8c:de:54:ca:b5:b7:fa:c9:7b:9a:22:40:dd:41:82:
d7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D5:E0:1E:45:55:29:8A:BF:CB:2A:F1:99:11:27:2C:48:D8:AD:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7fc80124-256d-4d3d-bffc-2fe5d82c477f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:4000::/40
Signature Algorithm: sha256WithRSAEncryption
b2:f4:0a:55:8b:cb:c7:53:90:9c:e9:1a:79:1a:04:66:0f:fd:
fc:91:8d:5d:9a:c5:5b:84:63:ba:b4:6c:6d:41:a1:a2:d7:b3:
99:73:e0:ba:98:38:39:38:bb:90:69:99:1e:1f:78:5b:24:40:
c9:dc:e5:47:7f:4c:63:82:3c:25:f8:48:1e:86:88:89:ee:10:
ae:a0:0a:95:11:ae:5d:2f:cb:cf:2e:9d:d7:fb:6c:05:b3:a1:
fa:10:51:be:a3:b4:b4:11:fb:f5:81:a5:2e:7a:b3:76:52:05:
59:d2:cd:fe:50:4d:60:87:d5:f9:75:2a:90:f4:5d:8f:93:be:
05:c8:87:85:b3:c9:49:b3:cd:aa:8c:bf:8e:43:80:b3:c4:8a:
7e:b3:b7:0e:9d:e1:cf:7f:af:1d:23:f6:2c:e3:64:1c:0a:56:
0d:41:a1:16:d2:31:ef:98:6e:e7:da:ae:9e:42:1e:94:97:00:
68:92:75:dd:f6:cc:91:e1:b1:93:dc:67:1f:98:c8:5a:f0:93:
9c:fc:ea:81:94:18:a7:7b:68:19:24:44:3a:5c:4d:f7:3f:33:
ec:04:63:86:2d:d7:c0:78:a0:a5:32:4f:68:aa:04:a1:de:f3:
08:e6:91:b7:a2:39:71:f9:b5:5a:0a:ef:5e:53:f8:4a:e3:ed:
c6:f5:04:c1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC2pWXTMW1WKk4w7O6QRqy71Tq0EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwMzAwMDhaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5YjRlMzU4ZGE1OThmZDk0ODgxZDYzZWZhNjk5MDZhZThkYTI5MzM0YzMy
MWMxOWI4ZDZhNGE0Y2RmYmZjNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALIQqEbWn0ObsUnHQzfjL47Dyw06lyxtNhdS+B5DOphtQTIB0aFQlFagDkfX
+M1Y8WmFNxTA0SG6CelRUZXEEcUeBEXAxsZihvaSujKHEy3RRd8KwE0gAxulttW4
funhdb4YPlbXZN+L1u2KDwvQcKYPJISIjx6NQsuTo89Vgppzm7K+mE20z30DqIv5
5BByiAioY1qY7Fxgq81r+tb5ggfZTa+jmZUKBslgQlesxxSv7Jb6M8xuirQ9BPSn
Z/00n50On3ThakjmEzmtKSCdkmJebJ91L7HSGEis6GWcdoaEw8rkeHIpd6jwoYkI
w/P0jN5UyrW3+sl7miJA3UGC1/cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSB1eAe
RVUpir/LKvGZEScsSNitdDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2ZjODAxMjQtMjU2ZC00ZDNkLWJmZmMtMmZlNWQ4MmM0NzdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVA
MA0GCSqGSIb3DQEBCwUAA4IBAQCy9ApVi8vHU5Cc6Rp5GgRmD/38kY1dmsVbhGO6
tGxtQaGi17OZc+C6mDg5OLuQaZkeH3hbJEDJ3OVHf0xjgjwl+EgehoiJ7hCuoAqV
Ea5dL8vPLp3X+2wFs6H6EFG+o7S0Efv1gaUuerN2UgVZ0s3+UE1gh9X5dSqQ9F2P
k74FyIeFs8lJs82qjL+OQ4CzxIp+s7cOneHPf68dI/Ys42QcClYNQaEW0jHvmG7n
2q6eQh6UlwBoknXd9syR4bGT3GcfmMha8JOc/OqBlBine2gZJEQ6XE33PzPsBGOG
LdfAeKClMk9oqgSh3vMI5pG3ojlx+bVaCu9eU/hK4+3G9QTB
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:25 2026 by rpki-client