Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/834ff2b2-55b6-4011-9d9b-451a7311335d.roa
File: 834ff2b2-55b6-4011-9d9b-451a7311335d.roa (raw, json)
Hash identifier: e1Q6xiMduq3evlIsOr1Hk21AFkH2Jpfw1CpVeuYeXzY=
Subject key identifier: DF:22:F3:49:6B:E1:22:42:D5:10:E3:46:A3:74:19:D6:6B:08:1C:60
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 442A8A0F17390F6D890FCB917F06A0207494C8A3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/834ff2b2-55b6-4011-9d9b-451a7311335d.roa
Signing time: Sat 28 Feb 2026 05:20:41 +0000
ROA not before: Sat 28 Feb 2026 05:20:41 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:2a:8a:0f:17:39:0f:6d:89:0f:cb:91:7f:06:a0:20:74:94:c8:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:41 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=6ad856b5102b312600c58a006ca9206b2892ad73ed00c587a86fe35d3607a533, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d6:88:3f:26:fb:13:88:6b:e5:7b:16:d4:26:
1f:34:a7:8b:d0:59:2e:c9:c7:69:e3:0f:ea:0a:3a:
c8:75:95:3d:03:dc:87:de:7f:18:a0:18:7d:c3:b6:
cf:6d:bf:5e:42:e2:e7:d4:ae:43:ef:2a:85:9b:71:
cf:be:b6:ca:da:98:1e:9d:5e:ce:3e:87:37:8f:37:
7b:39:50:5b:4f:9e:6f:1b:a3:3f:27:bf:3f:15:90:
c1:f2:2a:75:16:55:c8:47:1a:84:9a:35:7a:c3:be:
08:05:87:55:40:da:81:82:72:7f:9b:d6:cc:f8:50:
72:6a:4c:c8:1f:63:e3:0c:2d:bf:a1:40:3f:6f:fe:
ac:50:b5:1d:5f:6d:c9:89:14:48:38:41:39:84:e3:
c6:f4:63:d1:0c:b2:a5:40:f7:0f:2e:50:b0:9c:47:
de:2e:3a:9b:ea:b7:fa:fd:68:e0:26:26:28:3b:99:
24:7c:94:c5:ae:0d:51:94:59:4c:0d:d1:7c:3d:d1:
95:dc:1f:34:ca:b1:d5:ab:a6:18:45:45:f2:0c:ea:
5a:5d:53:7a:52:71:76:2f:ed:c0:fe:67:c5:e9:8a:
83:fb:10:47:84:06:95:49:3c:ed:b0:aa:98:67:e9:
8a:c1:fc:64:41:39:bd:27:2d:93:27:a4:f8:48:d9:
cd:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:22:F3:49:6B:E1:22:42:D5:10:E3:46:A3:74:19:D6:6B:08:1C:60
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/834ff2b2-55b6-4011-9d9b-451a7311335d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:b000::/40
Signature Algorithm: sha256WithRSAEncryption
c2:56:24:12:94:90:35:c8:57:06:b0:c2:73:3e:5d:c0:e3:5f:
46:e4:6b:f0:73:a6:3b:1c:b3:5a:0b:a0:e4:1e:12:66:e6:89:
28:d0:b5:2e:9c:7e:83:18:80:58:f4:4f:ef:18:4b:26:f6:de:
19:7c:a8:a9:28:d1:12:01:62:b5:91:2d:ab:71:2f:75:2e:60:
3a:b8:a6:2f:72:4e:70:2a:8e:66:37:f2:f9:af:2f:c3:c7:b2:
69:9c:ec:05:f1:0c:ce:d0:83:8b:d5:f3:70:ca:1d:56:02:d2:
0b:9d:e2:22:12:e3:eb:ea:b9:2b:9f:18:e8:50:5a:5e:74:16:
ea:c6:05:28:ab:54:87:52:19:70:1d:dd:7a:9f:2e:cd:a6:8d:
e0:6d:94:77:33:10:52:b4:88:18:3c:80:80:75:51:09:43:88:
f2:d3:bd:f0:c8:6f:be:0d:6d:c8:6c:b9:c5:8e:7c:c6:e1:36:
f9:93:ae:a9:d4:69:df:93:97:e9:d2:06:70:72:7f:7b:13:30:
96:88:3f:bb:de:1b:aa:21:8c:33:4b:0f:51:19:0e:69:10:99:
ee:9a:b2:2b:49:f6:35:5a:fb:4b:65:49:89:14:fa:19:1b:eb:
ea:4b:f7:8b:f1:bf:69:ad:4d:6f:fc:48:7a:c1:86:fb:2b:80:
d0:1e:8d:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURCqKDxc5D22JD8uRfwagIHSUyKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwNDFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhZDg1NmI1MTAyYjMxMjYwMGM1OGEwMDZjYTkyMDZiMjg5MmFkNzNlZDAw
YzU4N2E4NmZlMzVkMzYwN2E1MzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvWiD8m+xOIa+V7FtQmHzSni9BZLsnHaeMP6go6yHWVPQPch95/GKAYfcO2
z22/XkLi59SuQ+8qhZtxz762ytqYHp1ezj6HN483ezlQW0+ebxujPye/PxWQwfIq
dRZVyEcahJo1esO+CAWHVUDagYJyf5vWzPhQcmpMyB9j4wwtv6FAP2/+rFC1HV9t
yYkUSDhBOYTjxvRj0QyypUD3Dy5QsJxH3i46m+q3+v1o4CYmKDuZJHyUxa4NUZRZ
TA3RfD3RldwfNMqx1aumGEVF8gzqWl1TelJxdi/twP5nxemKg/sQR4QGlUk87bCq
mGfpisH8ZEE5vSctkyek+EjZzd0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTfIvNJ
a+EiQtUQ40ajdBnWawgcYDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODM0ZmYyYjItNTViNi00MDExLTlkOWItNDUxYTczMTEzMzVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Daw
MA0GCSqGSIb3DQEBCwUAA4IBAQDCViQSlJA1yFcGsMJzPl3A419G5Gvwc6Y7HLNa
C6DkHhJm5oko0LUunH6DGIBY9E/vGEsm9t4ZfKipKNESAWK1kS2rcS91LmA6uKYv
ck5wKo5mN/L5ry/Dx7JpnOwF8QzO0IOL1fNwyh1WAtILneIiEuPr6rkrnxjoUFpe
dBbqxgUoq1SHUhlwHd16ny7Npo3gbZR3MxBStIgYPICAdVEJQ4jy073wyG++DW3I
bLnFjnzG4Tb5k66p1Gnfk5fp0gZwcn97EzCWiD+73huqIYwzSw9RGQ5pEJnumrIr
SfY1WvtLZUmJFPoZG+vqS/eL8b9prU1v/Eh6wYb7K4DQHo3X
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:48:37 2026 by rpki-client