Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/975dfb4d-ef39-4371-9678-ff7909080d1e.roa
File: 975dfb4d-ef39-4371-9678-ff7909080d1e.roa (raw, json)
Hash identifier: jAZq+OeEp+J3Y8yNn5CC3zYC8OXpWIQN5wAmjaFBXbg=
Subject key identifier: 4A:45:D1:F9:DA:0A:BD:02:DE:9F:2B:F6:7B:90:6A:62:DB:AC:96:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1074DD3B6030F6DE7D6738CC28CB1BD3ABBE62FC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/975dfb4d-ef39-4371-9678-ff7909080d1e.roa
Signing time: Sat 28 Feb 2026 05:40:14 +0000
ROA not before: Sat 28 Feb 2026 05:40:14 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:b080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:74:dd:3b:60:30:f6:de:7d:67:38:cc:28:cb:1b:d3:ab:be:62:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:14 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f342542372382190cfb87d66a7737b6f58cf7889967af209089ec6b5660ae19c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:39:bc:f8:70:1c:13:2c:0c:39:85:26:0b:d8:
e4:94:01:97:9c:9a:e4:10:86:3f:12:23:d4:03:cd:
3f:68:1d:7b:24:96:55:9c:cb:81:dd:0b:89:3e:09:
f6:68:79:ce:bb:0e:e8:f3:a6:6a:72:8f:e0:9d:67:
8a:7f:70:f4:43:7d:9c:40:4e:3a:59:d7:d9:39:52:
5a:67:6b:89:6d:27:18:e7:77:b5:61:93:19:26:8a:
1c:1e:68:f2:d3:b8:c7:10:18:f1:06:f9:ad:3d:62:
22:0f:b8:6d:f3:ae:3c:91:66:77:43:f5:8c:15:49:
48:68:8f:98:90:57:3d:e0:11:3d:ad:34:ab:65:23:
5c:d5:92:20:70:82:93:24:0e:8a:87:7a:e2:f5:c4:
56:62:ab:46:94:47:48:78:28:8c:fc:34:18:6d:c6:
e4:c1:7a:8a:13:19:b9:3a:78:5e:5a:83:1c:6f:91:
78:76:d7:6e:cc:b3:8b:e0:e1:45:b1:1c:d6:29:74:
4a:f4:bc:f4:60:1d:d4:94:57:36:42:58:39:f0:a3:
4c:63:ea:4c:75:d3:11:1f:86:2b:ea:66:19:06:e9:
aa:14:3b:f1:78:a7:83:07:c2:6a:79:e3:1e:96:38:
b1:75:0d:0b:c4:e0:bb:60:85:4d:f3:76:ea:c7:4b:
c3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:45:D1:F9:DA:0A:BD:02:DE:9F:2B:F6:7B:90:6A:62:DB:AC:96:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/975dfb4d-ef39-4371-9678-ff7909080d1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:b080::/48
Signature Algorithm: sha256WithRSAEncryption
99:d4:e2:a9:10:55:f7:d7:40:4e:19:55:3f:f4:0e:91:ce:56:
27:3f:16:1c:d0:af:86:38:30:90:72:ed:a6:35:23:d4:9a:ce:
81:c1:5c:16:80:f5:45:52:95:79:ae:61:f1:4c:8d:30:f0:9d:
d7:c9:8f:e1:0a:5a:bc:c6:f0:39:a1:bb:22:7e:6a:30:6c:b2:
33:01:38:f1:b3:72:e2:8b:14:83:55:19:34:aa:37:22:1a:94:
a4:95:61:9e:fd:ed:6c:1b:c6:1f:fc:36:fb:c2:ef:79:24:82:
c8:83:f0:f9:59:b7:5e:dd:7c:ab:b9:e5:82:5f:00:c0:9e:88:
71:b5:f9:0e:a8:6e:b9:57:3b:4a:e3:ee:0a:1b:f5:82:68:7b:
23:54:84:08:aa:bb:74:75:fc:ef:7b:9b:ca:fb:5e:b7:ec:1f:
da:9f:c1:5c:6f:14:ed:67:b7:a0:3c:d0:f6:93:02:ad:1a:81:
3d:f4:c5:7b:81:08:c0:0a:04:91:26:0d:d4:3e:f9:5f:b1:a9:
2f:50:80:56:4f:b5:6c:9b:74:9a:7d:7d:77:a7:85:25:7a:8c:
6f:c6:24:ad:2f:e9:a3:f3:9a:b5:74:a6:37:47:eb:40:2e:3b:
60:bd:4f:79:c6:d2:b1:ec:1a:6a:70:64:86:6b:61:c8:4f:60:
e3:32:fb:69
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEHTdO2Aw9t59ZzjMKMsb06u+YvwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwMTRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzNDI1NDIzNzIzODIxOTBjZmI4N2Q2NmE3NzM3YjZmNThjZjc4ODk5Njdh
ZjIwOTA4OWVjNmI1NjYwYWUxOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKY5vPhwHBMsDDmFJgvY5JQBl5ya5BCGPxIj1APNP2gdeySWVZzLgd0LiT4J
9mh5zrsO6POmanKP4J1nin9w9EN9nEBOOlnX2TlSWmdriW0nGOd3tWGTGSaKHB5o
8tO4xxAY8Qb5rT1iIg+4bfOuPJFmd0P1jBVJSGiPmJBXPeARPa00q2UjXNWSIHCC
kyQOiod64vXEVmKrRpRHSHgojPw0GG3G5MF6ihMZuTp4XlqDHG+ReHbXbsyzi+Dh
RbEc1il0SvS89GAd1JRXNkJYOfCjTGPqTHXTER+GK+pmGQbpqhQ78XingwfCannj
HpY4sXUNC8Tgu2CFTfN26sdLwzkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRKRdH5
2gq9At6fK/Z7kGpi26yWjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc1ZGZiNGQtZWYzOS00MzcxLTk2NzgtZmY3OTA5MDgwZDFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKw
gDANBgkqhkiG9w0BAQsFAAOCAQEAmdTiqRBV99dAThlVP/QOkc5WJz8WHNCvhjgw
kHLtpjUj1JrOgcFcFoD1RVKVea5h8UyNMPCd18mP4QpavMbwOaG7In5qMGyyMwE4
8bNy4osUg1UZNKo3IhqUpJVhnv3tbBvGH/w2+8LveSSCyIPw+Vm3Xt18q7nlgl8A
wJ6IcbX5DqhuuVc7SuPuChv1gmh7I1SECKq7dHX873ubyvtet+wf2p/BXG8U7We3
oDzQ9pMCrRqBPfTFe4EIwAoEkSYN1D75X7GpL1CAVk+1bJt0mn19d6eFJXqMb8Yk
rS/po/OatXSmN0frQC47YL1PecbSsewaanBkhmthyE9g4zL7aQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:07:46 2026 by rpki-client