Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa
File: 819bfec2-19de-4cdb-ba40-657fff6a743e.roa (raw, json)
Hash identifier: CGjBw8sgQ5adobHAVkGHdmVXpJIK7P6fPXrO8eGTUuw=
Subject key identifier: 98:ED:85:B5:E5:B8:B4:04:1D:C2:55:96:C6:C4:DA:A3:BE:0B:65:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 177103F7A0D9344058DB77F15F3A36AD4FD3E151
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa
Signing time: Sat 28 Feb 2026 05:20:22 +0000
ROA not before: Sat 28 Feb 2026 05:20:22 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:71:03:f7:a0:d9:34:40:58:db:77:f1:5f:3a:36:ad:4f:d3:e1:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:22 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=ce94a7c4d996ce21c16bf422a22b908c6bf3639e8fa580a7cabcb171eaff100c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:38:f4:ea:9a:c2:4c:94:9e:4a:d8:78:e3:2e:
00:c5:b3:a5:d9:35:1f:6f:c8:9e:ad:ca:e3:61:16:
eb:79:99:11:11:fd:ea:93:de:c9:dd:89:0c:56:3b:
fc:63:df:65:ee:52:42:1e:57:2c:10:3d:82:d9:06:
c1:aa:34:24:29:93:ab:90:b1:3d:c8:a3:62:92:96:
0b:e4:88:94:f8:3e:3b:a0:90:14:bf:7a:96:c6:7c:
1c:28:92:76:de:28:77:ca:7a:62:84:a9:1f:0a:12:
be:bd:e5:9a:83:04:93:ba:62:f7:94:05:e8:ae:ad:
d7:17:34:12:93:75:b5:7a:5b:29:42:fc:82:16:d8:
f7:1a:c3:01:78:b0:a4:6c:f5:11:59:f3:c6:9f:63:
d2:d3:45:29:45:d6:b6:47:cf:9c:a9:91:d8:d1:50:
37:c1:4e:44:33:bf:cc:9a:fc:cf:8a:ea:1d:2a:81:
ca:13:d9:6a:20:0f:20:1e:50:88:85:3f:9e:58:72:
35:71:b3:f0:05:7f:cf:a4:25:fd:3c:4e:03:b7:5e:
f4:da:ce:dd:20:20:d2:44:22:90:b0:a1:3c:00:45:
e2:79:cd:3a:8a:28:c8:65:fa:de:37:c6:8b:29:af:
5c:f0:69:63:0b:83:81:bd:da:a1:4f:ff:b9:ef:99:
e2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:ED:85:B5:E5:B8:B4:04:1D:C2:55:96:C6:C4:DA:A3:BE:0B:65:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:9000::/40
Signature Algorithm: sha256WithRSAEncryption
80:0d:d4:40:30:a4:dc:c8:cb:fa:ff:b6:43:84:ed:40:04:4a:
27:64:2d:14:c0:21:7f:7c:c5:d2:36:32:0a:0f:26:6b:e0:4f:
ed:e1:81:65:18:b9:06:c4:03:73:81:11:7e:ed:60:d9:cb:b2:
ea:6e:cc:d9:20:13:f1:eb:3e:79:fc:00:19:70:a6:10:3f:96:
29:15:94:f2:4a:31:bc:f3:ad:53:a7:fc:a0:5b:5a:c5:ad:d9:
4f:05:b0:0b:db:d6:a9:79:c1:a1:4f:63:ce:5e:fa:79:a2:ca:
dd:47:91:1f:d6:eb:27:e2:84:ab:7b:23:b8:5f:38:60:e5:37:
83:b2:97:d2:ed:60:19:ae:5a:23:4f:20:fd:1e:2e:72:86:b0:
ba:11:9f:de:6a:99:68:bf:0e:86:ee:4b:78:68:bc:2d:97:a7:
51:d3:48:6c:6a:74:05:29:3b:83:5a:ae:8d:aa:06:d2:1d:f0:
4d:18:78:9d:f9:74:21:8b:19:de:34:6e:41:0a:cb:68:f9:81:
2e:d3:b0:c3:dc:fc:17:6e:b9:fc:ab:bf:bb:a9:22:15:9a:e0:
a4:52:6a:a6:0c:75:6d:78:9a:4b:8a:c4:61:0c:60:56:df:95:
b7:c3:63:8b:8a:d1:d8:94:e7:a9:d7:c1:c4:da:c0:20:cd:df:
26:27:74:2e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF3ED96DZNEBY23fxXzo2rU/T4VEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwMjJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlOTRhN2M0ZDk5NmNlMjFjMTZiZjQyMmEyMmI5MDhjNmJmMzYzOWU4ZmE1
ODBhN2NhYmNiMTcxZWFmZjEwMGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKw49OqawkyUnkrYeOMuAMWzpdk1H2/Inq3K42EW63mZERH96pPeyd2JDFY7
/GPfZe5SQh5XLBA9gtkGwao0JCmTq5CxPcijYpKWC+SIlPg+O6CQFL96lsZ8HCiS
dt4od8p6YoSpHwoSvr3lmoMEk7pi95QF6K6t1xc0EpN1tXpbKUL8ghbY9xrDAXiw
pGz1EVnzxp9j0tNFKUXWtkfPnKmR2NFQN8FORDO/zJr8z4rqHSqByhPZaiAPIB5Q
iIU/nlhyNXGz8AV/z6Ql/TxOA7de9NrO3SAg0kQikLChPABF4nnNOoooyGX63jfG
iymvXPBpYwuDgb3aoU//ue+Z4rUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSY7YW1
5bi0BB3CVZbGxNqjvgtlGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODE5YmZlYzItMTlkZS00Y2RiLWJhNDAtNjU3ZmZmNmE3NDNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCADdRAMKTcyMv6/7ZDhO1ABEonZC0UwCF/fMXS
NjIKDyZr4E/t4YFlGLkGxANzgRF+7WDZy7LqbszZIBPx6z55/AAZcKYQP5YpFZTy
SjG8861Tp/ygW1rFrdlPBbAL29apecGhT2POXvp5osrdR5Ef1usn4oSreyO4Xzhg
5TeDspfS7WAZrlojTyD9Hi5yhrC6EZ/eaplovw6G7kt4aLwtl6dR00hsanQFKTuD
Wq6NqgbSHfBNGHid+XQhixneNG5BCsto+YEu07DD3PwXbrn8q7+7qSIVmuCkUmqm
DHVteJpLisRhDGBW35W3w2OLitHYlOep18HE2sAgzd8mJ3Qu
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:09 2026 by rpki-client