Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
File: 8553b3da-6a47-43ee-87d3-5259a23c371b.roa (raw, json)
Hash identifier: +SsEPYhX0uH1lWMycGWZpPwnw92JJnUyOFduYUJlEpw=
Subject key identifier: AE:B8:5B:2E:7A:61:C3:FE:20:7B:4D:86:B1:45:5A:60:C1:31:8D:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C3023C87EC8E6B9A8756C87B7C79358107FBEB8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
Signing time: Sat 28 Feb 2026 06:10:43 +0000
ROA not before: Sat 28 Feb 2026 06:10:43 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:30:23:c8:7e:c8:e6:b9:a8:75:6c:87:b7:c7:93:58:10:7f:be:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:43 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=645b31187806655396241328f7b2be5897af8488cdae4795b09ee0f92e98ecaa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d8:40:81:d7:a8:f3:35:ab:66:e3:e4:63:64:
2c:bb:83:29:74:36:ae:20:da:1e:84:6c:47:7f:09:
d8:5f:9e:da:80:f7:dd:dc:bd:92:81:94:5f:c6:2f:
1c:a4:44:fb:6e:10:dc:0b:7c:91:31:1b:ce:a7:5c:
fb:3e:0a:0b:be:36:31:51:9a:b6:49:91:c9:42:67:
26:4c:8e:61:ca:39:39:b3:66:22:92:82:9e:a6:fe:
d6:8e:c9:33:f8:c1:8b:7f:fa:3d:82:a1:7f:a4:58:
5b:f6:93:e9:5e:72:62:d1:92:38:4b:8d:60:3a:0a:
d6:4d:d9:fa:81:8b:6f:ba:4f:e5:1a:27:4e:00:06:
4c:9b:69:71:8f:2a:c5:32:70:b9:c2:e1:cd:a7:f5:
64:50:7c:5e:c8:29:62:ff:46:d7:d3:03:0b:c6:12:
d4:b1:5d:ed:9b:59:14:e2:af:9b:99:50:a9:97:8d:
86:eb:22:37:1e:11:23:cb:2c:c1:13:d4:10:5f:d1:
d1:18:ca:01:30:cb:1e:99:d6:08:37:0e:a2:5e:0c:
53:48:96:fa:82:69:81:bc:44:d1:49:75:a2:64:dc:
1c:e4:36:62:0b:83:8f:fd:dc:db:24:48:df:90:98:
38:e4:26:b3:63:8d:0f:ac:6e:a5:72:43:d4:54:5a:
fa:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:B8:5B:2E:7A:61:C3:FE:20:7B:4D:86:B1:45:5A:60:C1:31:8D:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:2000::/40
Signature Algorithm: sha256WithRSAEncryption
02:72:86:4b:d7:61:e0:35:5b:a3:0d:98:c2:0b:3f:49:c6:f4:
a7:af:bb:a0:ee:b2:be:5b:d9:ae:bf:7a:75:be:f8:d6:cf:08:
fc:0f:2d:2a:d2:cf:70:5c:2c:35:f2:80:74:f3:ad:56:87:8c:
4d:e7:4b:83:d4:7e:66:66:77:e5:a1:81:a4:a0:11:18:67:1a:
15:76:1f:ac:0b:e3:13:93:c9:7d:ad:b8:70:6f:18:88:2f:df:
1e:de:d2:05:95:b0:c9:cc:26:20:35:de:8e:0d:3c:10:dc:6b:
e2:11:72:d4:2c:81:98:a2:a3:e8:6e:bc:6b:f8:8f:dc:87:cc:
ec:77:a8:bb:3f:14:03:d5:f8:1d:2b:2d:97:69:74:d9:73:c0:
5f:e3:31:39:ad:9f:11:54:cb:27:79:95:5c:3f:ba:28:4f:00:
c5:66:98:79:1f:09:c6:6a:88:27:c3:8b:30:03:eb:df:91:58:
06:e6:e2:da:6b:31:cd:3c:f9:d8:90:f5:7a:6b:6f:0a:2e:86:
60:b4:05:13:16:39:8a:a4:d8:30:b5:e4:c4:f7:54:bf:79:0d:
e6:47:5c:ce:c1:0b:28:29:6c:9c:5d:7c:44:14:6f:50:1e:56:
7f:ad:fc:b6:06:9d:24:cc:b6:a5:37:d9:3b:d0:43:cf:ca:a2:
82:e4:a8:fb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULDAjyH7I5rmodWyHt8eTWBB/vrgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwNDNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0NWIzMTE4NzgwNjY1NTM5NjI0MTMyOGY3YjJiZTU4OTdhZjg0ODhjZGFl
NDc5NWIwOWVlMGY5MmU5OGVjYWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbYQIHXqPM1q2bj5GNkLLuDKXQ2riDaHoRsR38J2F+e2oD33dy9koGUX8Yv
HKRE+24Q3At8kTEbzqdc+z4KC742MVGatkmRyUJnJkyOYco5ObNmIpKCnqb+1o7J
M/jBi3/6PYKhf6RYW/aT6V5yYtGSOEuNYDoK1k3Z+oGLb7pP5RonTgAGTJtpcY8q
xTJwucLhzaf1ZFB8XsgpYv9G19MDC8YS1LFd7ZtZFOKvm5lQqZeNhusiNx4RI8ss
wRPUEF/R0RjKATDLHpnWCDcOol4MU0iW+oJpgbxE0Ul1omTcHOQ2YguDj/3c2yRI
35CYOOQms2OND6xupXJD1FRa+scCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSuuFsu
emHD/iB7TYaxRVpgwTGNazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODU1M2IzZGEtNmE0Ny00M2VlLTg3ZDMtNTI1OWEyM2MzNzFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HEg
MA0GCSqGSIb3DQEBCwUAA4IBAQACcoZL12HgNVujDZjCCz9JxvSnr7ug7rK+W9mu
v3p1vvjWzwj8Dy0q0s9wXCw18oB0861Wh4xN50uD1H5mZnfloYGkoBEYZxoVdh+s
C+MTk8l9rbhwbxiIL98e3tIFlbDJzCYgNd6ODTwQ3GviEXLULIGYoqPobrxr+I/c
h8zsd6i7PxQD1fgdKy2XaXTZc8Bf4zE5rZ8RVMsneZVcP7ooTwDFZph5HwnGaogn
w4swA+vfkVgG5uLaazHNPPnYkPV6a28KLoZgtAUTFjmKpNgwteTE91S/eQ3mR1zO
wQsoKWycXXxEFG9QHlZ/rfy2Bp0kzLalN9k70EPPyqKC5Kj7
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:48:32 2026 by rpki-client