Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
File: 88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa (raw, json)
Hash identifier: o3IdTFEAm8XxC3JckO0M/f1fT1X/qhEKhjlzDe/GMn4=
Subject key identifier: F3:3E:30:6A:62:12:DA:29:8E:DC:FD:FD:2A:F6:B9:E2:9E:3D:7D:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47F039432543DAFF4E377ED37C746D24119353C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
Signing time: Sat 28 Feb 2026 05:41:22 +0000
ROA not before: Sat 28 Feb 2026 05:41:22 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:f0:39:43:25:43:da:ff:4e:37:7e:d3:7c:74:6d:24:11:93:53:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:22 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=aad05d3d5d6e2a4946e6113d3bf6e9585feaf7f8d04993065b79fd2a5be49e33, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d0:3b:d6:89:fa:dd:e2:6c:f5:37:b9:ff:74:
6c:02:bf:f3:5c:6f:cc:ba:e8:8d:78:b3:35:7f:05:
4a:c9:67:61:de:0e:87:e1:84:bd:74:54:86:fd:94:
36:f6:c4:3d:d5:55:72:24:b8:af:75:47:8f:00:77:
bd:bd:8b:76:d3:60:8f:35:51:4a:7c:93:5e:4b:19:
61:ac:3d:09:ba:b9:08:1e:b5:38:ee:f7:98:74:0d:
e6:35:e6:54:86:7a:1f:20:09:b3:2b:f5:6c:5f:16:
a8:ff:5e:62:56:97:1b:75:02:62:15:13:5b:84:11:
65:9c:b1:c1:bd:f8:5f:b8:3e:47:2d:aa:1e:6a:7a:
b6:57:c1:92:23:54:74:4c:a7:e4:e7:e0:52:b0:1f:
3e:a6:29:17:39:01:07:da:e8:94:6d:a1:9e:63:11:
16:0c:e6:eb:3f:12:fe:40:b8:d2:46:aa:5f:f3:d4:
dd:65:ab:b2:ef:ca:da:02:4a:2f:65:6f:11:25:66:
9a:c4:63:08:14:18:bc:b3:60:07:17:6e:52:db:c9:
71:2d:ce:84:32:8a:ee:b6:cb:98:8a:a0:5c:c7:72:
bf:8f:60:ac:66:b7:10:a2:bd:fd:86:76:95:0b:6a:
cc:bc:18:bb:a1:3f:be:d8:1c:89:79:39:7d:06:b8:
3f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:3E:30:6A:62:12:DA:29:8E:DC:FD:FD:2A:F6:B9:E2:9E:3D:7D:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:c00::/38
Signature Algorithm: sha256WithRSAEncryption
3b:8e:39:90:f9:72:e3:c9:69:7d:75:26:4a:76:2e:69:7c:c6:
eb:11:0a:a9:10:15:8d:31:26:4d:58:6b:e3:90:c5:cb:23:22:
12:1a:48:d9:4d:5d:fd:3f:71:08:04:66:2b:0e:44:e9:f5:d0:
6f:c4:b5:3c:40:e5:4d:7e:14:4c:f7:4e:3b:62:0d:5d:2f:3d:
c0:28:58:6b:41:e5:16:bb:17:d8:85:81:7e:6b:29:2f:24:92:
2f:de:0d:44:82:d3:a7:00:08:8b:1b:a9:53:d9:c7:15:b4:8b:
19:ed:e0:de:57:6e:64:39:59:29:1b:62:85:5f:5a:65:e6:10:
68:35:72:e8:17:ff:5e:96:f5:7f:37:3e:69:a0:23:61:13:b8:
c3:78:98:cb:df:88:0a:1f:94:e1:3b:a2:a1:75:4c:05:7d:31:
74:48:e0:50:4b:ad:cf:22:7e:04:b8:58:9f:86:a8:2e:14:0f:
91:d6:3f:72:b6:82:62:ad:49:30:0e:e0:08:56:43:30:49:f5:
c0:a9:9c:68:ab:d7:d1:ba:1f:fc:69:df:17:02:6a:8e:12:f7:
3b:3b:d3:4b:d1:91:8f:33:ad:85:b8:46:2b:a7:61:c5:ab:7e:
12:4f:77:06:48:5b:b5:70:02:d8:34:66:9c:eb:c2:86:e6:6e:
49:23:fe:56
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR/A5QyVD2v9ON37TfHRtJBGTU8kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMjJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhZDA1ZDNkNWQ2ZTJhNDk0NmU2MTEzZDNiZjZlOTU4NWZlYWY3ZjhkMDQ5
OTMwNjViNzlmZDJhNWJlNDllMzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbQO9aJ+t3ibPU3uf90bAK/81xvzLrojXizNX8FSslnYd4Oh+GEvXRUhv2U
NvbEPdVVciS4r3VHjwB3vb2LdtNgjzVRSnyTXksZYaw9Cbq5CB61OO73mHQN5jXm
VIZ6HyAJsyv1bF8WqP9eYlaXG3UCYhUTW4QRZZyxwb34X7g+Ry2qHmp6tlfBkiNU
dEyn5OfgUrAfPqYpFzkBB9rolG2hnmMRFgzm6z8S/kC40kaqX/PU3WWrsu/K2gJK
L2VvESVmmsRjCBQYvLNgBxduUtvJcS3OhDKK7rbLmIqgXMdyv49grGa3EKK9/YZ2
lQtqzLwYu6E/vtgciXk5fQa4P4ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTzPjBq
YhLaKY7c/f0q9rninj19czAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODg4MDBmOWYtNDhmZC00NDQyLWE2ZjYtN2E1MDRlMWNiM2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIM
MA0GCSqGSIb3DQEBCwUAA4IBAQA7jjmQ+XLjyWl9dSZKdi5pfMbrEQqpEBWNMSZN
WGvjkMXLIyISGkjZTV39P3EIBGYrDkTp9dBvxLU8QOVNfhRM9047Yg1dLz3AKFhr
QeUWuxfYhYF+aykvJJIv3g1EgtOnAAiLG6lT2ccVtIsZ7eDeV25kOVkpG2KFX1pl
5hBoNXLoF/9elvV/Nz5poCNhE7jDeJjL34gKH5ThO6KhdUwFfTF0SOBQS63PIn4E
uFifhqguFA+R1j9ytoJirUkwDuAIVkMwSfXAqZxoq9fRuh/8ad8XAmqOEvc7O9NL
0ZGPM62FuEYrp2HFq34ST3cGSFu1cALYNGac68KG5m5JI/5W
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:40 2026 by rpki-client