Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
File: 9902e563-fe64-4a01-9616-0424a53839fb.roa (raw, json)
Hash identifier: I1rDsX3ZT2r26HTIi0CJDMbV8Il8Hj2U+onKhVyCimg=
Subject key identifier: D0:61:05:53:53:DB:8E:DF:DB:15:3B:16:5D:4B:0C:3F:A4:32:5D:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5578A5089169BE41B06A471FC218103F3B3BEC06
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
Signing time: Sat 28 Feb 2026 05:50:13 +0000
ROA not before: Sat 28 Feb 2026 05:50:13 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:78:a5:08:91:69:be:41:b0:6a:47:1f:c2:18:10:3f:3b:3b:ec:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:50:13 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=c6d631a78fcdcf38bc3f6f9bf7f02515e5f35e118ee9e363809196442cc17eb6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ec:05:5d:80:f9:8b:f7:8e:02:bb:33:e6:91:
9f:c5:72:5a:ae:be:d4:99:ad:dd:6b:c7:bc:13:0d:
2f:50:02:97:c3:a4:1e:a3:3d:4e:14:f8:25:e6:dc:
91:a3:99:2a:f2:fa:1b:fb:a0:6c:49:f7:e4:52:37:
56:3a:9e:9f:87:0f:9a:4c:62:42:56:2d:dd:4b:fc:
f9:de:cd:07:c4:96:cd:bb:ad:bb:c4:3d:8e:59:74:
c9:7e:ff:0b:49:9f:0a:63:82:b0:c1:a4:8f:76:bb:
f5:b5:14:9e:5c:fa:c4:d8:f4:1d:5f:7c:df:58:c0:
54:b0:3a:af:ed:6d:73:03:3d:58:b1:04:7f:c9:5b:
06:c0:59:7b:7a:8b:35:ae:c9:6e:f7:fc:09:ea:9e:
0b:11:37:d2:04:9a:41:d9:0a:4a:df:09:c1:dd:83:
bd:78:2f:4e:02:d1:64:5e:d3:40:30:2d:3b:bd:86:
ca:8c:13:7b:dc:2d:18:44:0a:6b:7a:b2:87:03:ec:
bc:3e:3b:cd:ea:f8:e3:23:3f:3e:17:7c:72:c4:32:
63:df:aa:4b:f2:01:2e:eb:83:98:51:80:db:82:9b:
a6:f5:c8:b1:84:6a:fb:a0:d1:cb:f7:19:11:ef:d8:
63:40:53:26:78:bc:07:24:f2:d8:8a:6e:08:e4:e5:
98:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:61:05:53:53:DB:8E:DF:DB:15:3B:16:5D:4B:0C:3F:A4:32:5D:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
ba:10:39:7c:d5:9b:e8:a3:5d:7e:9e:36:90:2d:3f:0b:0f:98:
bc:e4:92:3b:11:c5:31:f4:6f:d6:01:52:4a:71:9f:22:ff:b7:
31:3d:c5:5e:f1:a7:05:f9:c7:f0:6e:49:06:1d:13:c5:6e:5e:
43:1e:f6:5e:9f:97:96:d2:e8:07:d8:df:0e:4c:a2:33:5c:8c:
ba:e6:35:2b:34:29:ba:df:82:d1:77:cf:cf:76:f9:c7:46:f9:
68:4e:03:d3:28:3a:16:f2:55:60:df:b1:3d:23:75:b7:f0:54:
d5:a0:3b:f6:41:09:b4:0f:8b:88:84:d0:07:be:41:6c:44:91:
ee:ad:72:c4:57:5a:5b:b8:50:dd:75:98:8e:14:41:82:26:79:
de:d4:49:81:e3:61:1a:2c:d1:f7:79:bb:f3:1f:1e:a7:44:36:
6d:06:ca:ed:7c:b5:b4:b4:3a:f5:77:a2:e1:44:eb:f6:cb:83:
b2:55:7d:1b:25:ce:52:ca:3f:f1:27:a5:5a:d6:f5:48:b2:38:
6a:de:14:90:5a:dc:89:d1:5a:7a:7a:8b:a1:ef:6e:74:bb:91:
9b:d3:d9:09:95:3d:dc:53:67:ae:dd:e6:55:8d:ec:20:93:f5:
c7:ac:12:fe:50:8e:df:34:da:27:76:3a:ac:c7:3b:1d:85:a2:
ed:08:b5:19
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVXilCJFpvkGwakcfwhgQPzs77AYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUwMTNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2ZDYzMWE3OGZjZGNmMzhiYzNmNmY5YmY3ZjAyNTE1ZTVmMzVlMTE4ZWU5
ZTM2MzgwOTE5NjQ0MmNjMTdlYjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzsBV2A+Yv3jgK7M+aRn8VyWq6+1Jmt3WvHvBMNL1ACl8OkHqM9ThT4Jebc
kaOZKvL6G/ugbEn35FI3Vjqen4cPmkxiQlYt3Uv8+d7NB8SWzbutu8Q9jll0yX7/
C0mfCmOCsMGkj3a79bUUnlz6xNj0HV9831jAVLA6r+1tcwM9WLEEf8lbBsBZe3qL
Na7Jbvf8CeqeCxE30gSaQdkKSt8Jwd2DvXgvTgLRZF7TQDAtO72GyowTe9wtGEQK
a3qyhwPsvD47zer44yM/Phd8csQyY9+qS/IBLuuDmFGA24KbpvXIsYRq+6DRy/cZ
Ee/YY0BTJni8ByTy2IpuCOTlmLkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTQYQVT
U9uO39sVOxZdSww/pDJdZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTkwMmU1NjMtZmU2NC00YTAxLTk2MTYtMDQyNGE1MzgzOWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
wDANBgkqhkiG9w0BAQsFAAOCAQEAuhA5fNWb6KNdfp42kC0/Cw+YvOSSOxHFMfRv
1gFSSnGfIv+3MT3FXvGnBfnH8G5JBh0TxW5eQx72Xp+XltLoB9jfDkyiM1yMuuY1
KzQput+C0XfPz3b5x0b5aE4D0yg6FvJVYN+xPSN1t/BU1aA79kEJtA+LiITQB75B
bESR7q1yxFdaW7hQ3XWYjhRBgiZ53tRJgeNhGizR93m78x8ep0Q2bQbK7Xy1tLQ6
9Xei4UTr9suDslV9GyXOUso/8SelWtb1SLI4at4UkFrcidFaenqLoe9udLuRm9PZ
CZU93FNnrt3mVY3sIJP1x6wS/lCO3zTaJ3Y6rMc7HYWi7Qi1GQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:38:20 2026 by rpki-client