Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87ec9982-c725-40e5-b829-ff0f06d939c8.roa
File: 87ec9982-c725-40e5-b829-ff0f06d939c8.roa (raw, json)
Hash identifier: ELel6eZBYtD670plXSbmDBDOkuA09yfmi53dNdOdF68=
Subject key identifier: E2:09:67:5C:BD:02:05:07:1B:D0:33:56:8C:90:2C:A5:35:74:2E:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0DF6A27E2BDBED0874DBB85DCD3DC1AD19C66DCD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87ec9982-c725-40e5-b829-ff0f06d939c8.roa
Signing time: Sat 28 Feb 2026 05:20:29 +0000
ROA not before: Sat 28 Feb 2026 05:20:29 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:f6:a2:7e:2b:db:ed:08:74:db:b8:5d:cd:3d:c1:ad:19:c6:6d:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:29 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=37e9140f2fe2753a779a6682a08833f7d0a72a84184cd12c814edde86348b400, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fc:e6:46:9d:14:d7:ec:8a:34:b0:7f:5a:e2:
bc:af:9f:e1:09:99:7a:26:b8:13:b2:ef:23:87:6e:
36:74:44:10:60:65:e6:30:6d:ae:b6:58:ec:d1:12:
50:c2:1a:6a:36:91:d4:71:ff:30:50:11:8b:ec:b0:
62:94:05:99:a3:8c:b7:ff:59:88:a2:f8:f8:d9:8c:
55:6e:54:59:b2:b4:e8:e6:0f:6b:34:5a:97:0f:72:
c1:e7:6a:0f:c6:dd:d8:a6:1b:a6:a8:4a:2e:e8:c8:
27:70:64:f0:3f:b9:6f:c6:e9:05:8e:85:aa:ac:b5:
06:95:26:6a:b3:dc:57:73:28:bc:10:58:a6:ad:b2:
c2:3a:e0:e1:40:34:53:b2:d1:fb:8c:32:34:38:6e:
a6:68:da:5b:e1:92:fe:1f:96:84:d7:82:9b:ed:74:
8f:3f:38:98:6a:1a:78:13:b7:5f:43:73:4e:4a:1b:
f4:5b:0b:59:8f:d3:aa:9d:1e:12:b5:0e:dd:0b:94:
3c:ab:ab:09:ac:86:dd:18:95:57:bf:a0:bd:da:73:
ab:a8:e5:b0:ef:93:e1:cd:7a:10:ca:d2:86:eb:81:
75:79:61:f6:6f:9e:e7:ca:4c:25:a8:94:1c:93:c0:
5d:93:85:d8:48:85:9b:78:60:c9:41:c7:a2:39:49:
07:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:09:67:5C:BD:02:05:07:1B:D0:33:56:8C:90:2C:A5:35:74:2E:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87ec9982-c725-40e5-b829-ff0f06d939c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:9000::/40
Signature Algorithm: sha256WithRSAEncryption
c7:d0:e6:a3:42:78:c6:69:21:aa:2f:c1:71:b3:c5:60:95:78:
ba:83:58:cf:c1:a5:b3:41:80:17:bb:00:42:6d:10:3d:06:b4:
e4:85:8f:e0:bb:82:00:e2:db:ce:8c:1f:33:14:a6:15:df:ad:
6e:ff:5c:ac:37:68:50:b6:12:55:97:86:5d:20:e7:da:ea:43:
c0:94:f7:8c:d9:50:98:92:d6:f4:91:13:a4:67:87:30:df:f7:
69:54:0f:29:a4:60:e7:b2:a9:8f:80:ff:06:1a:2f:85:1a:1d:
72:b8:c3:25:29:67:40:f7:72:1d:56:30:e1:30:a7:9a:24:2c:
be:e3:97:9b:de:cb:6a:19:dd:55:f3:b8:ae:11:20:c7:f1:4f:
0b:8e:18:6d:65:6f:b6:74:5f:59:73:5f:70:b1:30:c1:92:1f:
64:af:39:89:98:b8:3e:8b:ec:1f:17:c3:9a:82:01:07:16:85:
b7:fa:64:f8:67:aa:60:f7:82:ca:d7:8c:c8:7a:16:13:3a:e6:
e9:75:ad:d2:aa:d5:d0:23:13:c0:e6:4e:33:d1:79:ec:1e:77:
ec:79:6f:8b:c2:59:eb:da:ac:2a:f2:c2:fd:dd:26:9b:16:1f:
bf:29:e6:e3:66:fb:7b:4e:3c:74:b9:f4:47:f2:2e:e5:f2:35:
5a:aa:6b:cb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDfaifivb7Qh027hdzT3BrRnGbc0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwMjlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3ZTkxNDBmMmZlMjc1M2E3NzlhNjY4MmEwODgzM2Y3ZDBhNzJhODQxODRj
ZDEyYzgxNGVkZGU4NjM0OGI0MDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMD85kadFNfsijSwf1rivK+f4QmZeia4E7LvI4duNnREEGBl5jBtrrZY7NES
UMIaajaR1HH/MFARi+ywYpQFmaOMt/9ZiKL4+NmMVW5UWbK06OYPazRalw9ywedq
D8bd2KYbpqhKLujIJ3Bk8D+5b8bpBY6Fqqy1BpUmarPcV3MovBBYpq2ywjrg4UA0
U7LR+4wyNDhupmjaW+GS/h+WhNeCm+10jz84mGoaeBO3X0NzTkob9FsLWY/Tqp0e
ErUO3QuUPKurCayG3RiVV7+gvdpzq6jlsO+T4c16EMrShuuBdXlh9m+e58pMJaiU
HJPAXZOF2EiFm3hgyUHHojlJB9MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTiCWdc
vQIFBxvQM1aMkCylNXQuFzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODdlYzk5ODItYzcyNS00MGU1LWI4MjktZmYwZjA2ZDkzOWM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FiQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDH0OajQnjGaSGqL8Fxs8VglXi6g1jPwaWzQYAX
uwBCbRA9BrTkhY/gu4IA4tvOjB8zFKYV361u/1ysN2hQthJVl4ZdIOfa6kPAlPeM
2VCYktb0kROkZ4cw3/dpVA8ppGDnsqmPgP8GGi+FGh1yuMMlKWdA93IdVjDhMKea
JCy+45eb3stqGd1V87iuESDH8U8LjhhtZW+2dF9Zc19wsTDBkh9krzmJmLg+i+wf
F8OaggEHFoW3+mT4Z6pg94LK14zIehYTOubpda3SqtXQIxPA5k4z0XnsHnfseW+L
wlnr2qwq8sL93SabFh+/KebjZvt7Tjx0ufRH8i7l8jVaqmvL
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:56 2026 by rpki-client