Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99404275-57dd-4a36-8c29-529ab06d1d00.roa
File: 99404275-57dd-4a36-8c29-529ab06d1d00.roa (raw, json)
Hash identifier: epGWsLOzMj32St6GaePxM2i5vWQsr/RJXUruNBoOyaM=
Subject key identifier: 1D:36:E9:3E:BD:C1:48:94:6F:FC:09:72:43:71:A0:25:12:96:9D:F9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1CE7BAE9D1D4CDCBB1BC20B18198593F798BEAD2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99404275-57dd-4a36-8c29-529ab06d1d00.roa
Signing time: Sat 28 Feb 2026 06:10:28 +0000
ROA not before: Sat 28 Feb 2026 06:10:28 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:e7:ba:e9:d1:d4:cd:cb:b1:bc:20:b1:81:98:59:3f:79:8b:ea:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:28 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=201ae3707516ed950d94c6711a780f3a1e98e4b676e1b5c7d9cd49a818d5abef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:2d:ac:5b:01:20:cd:21:0f:ea:2d:10:fd:fa:
51:88:9a:a6:66:99:e5:7f:0f:b0:f3:a8:9c:57:27:
db:2c:d0:d4:8a:a2:0b:3e:8e:bb:a8:b6:7a:a1:a4:
5e:b5:e7:57:dc:a2:9f:5b:33:0b:01:1f:3d:cb:c8:
bb:03:aa:74:5a:96:a3:0f:a3:a3:1e:fb:ec:9b:56:
47:8f:29:72:aa:3c:97:60:78:b3:a3:9f:51:27:4d:
25:c6:72:5c:d0:fd:2b:30:a9:96:41:4a:c6:c0:0c:
c8:55:be:31:46:a0:bb:72:31:03:80:fc:ca:fc:b3:
23:a8:e7:ca:9c:fb:a0:58:28:d8:3e:83:81:02:ea:
7b:34:66:1a:ae:4f:b3:b3:4f:96:48:9c:a5:dc:32:
4d:fb:58:b3:01:4b:9b:8c:fa:e4:24:85:fa:ae:10:
5c:8b:c9:dc:99:77:a5:e7:62:8e:b6:45:1d:14:0d:
23:22:75:de:c8:0c:dd:e9:fc:a6:a6:0c:68:68:46:
e9:26:4d:3f:65:e8:0c:35:c3:3a:e9:16:44:6f:10:
d1:57:c6:f7:1b:12:90:4e:d5:7e:c8:ab:fb:51:80:
57:cf:92:fe:cc:22:52:0e:73:b6:1a:30:07:c8:85:
df:2b:9f:ed:43:e1:8e:dc:b2:c5:bd:a7:39:0f:02:
2f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:36:E9:3E:BD:C1:48:94:6F:FC:09:72:43:71:A0:25:12:96:9D:F9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99404275-57dd-4a36-8c29-529ab06d1d00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:b000::/40
Signature Algorithm: sha256WithRSAEncryption
8c:44:bb:75:b0:bc:e6:65:bf:1e:5b:c3:89:a8:c2:0d:a9:72:
cb:bd:d2:ef:a7:80:56:b9:bb:d2:e2:14:6b:18:40:85:9f:ed:
c7:ef:2d:03:6a:fd:60:69:46:2a:50:60:c3:e4:4d:d7:f1:1c:
72:c1:46:6d:eb:d5:de:1d:fd:d8:43:15:40:05:48:de:c0:bd:
9e:37:d4:cb:e0:75:d5:7f:0e:06:33:ed:27:c6:61:28:ac:fd:
11:54:ec:1f:80:d9:59:33:37:fd:ba:4b:86:a1:f3:fe:31:eb:
f4:a8:59:06:86:21:1b:51:8d:2e:81:31:89:d7:b7:ab:56:c1:
3a:d1:8e:41:f7:bc:bb:25:92:35:e0:83:6d:61:b1:14:0c:00:
db:6a:18:f1:33:42:e7:1f:8c:82:70:f1:96:50:8e:59:de:3b:
59:91:26:80:b7:56:a1:17:4c:2f:89:fe:17:6e:46:f8:c3:ec:
bd:80:25:4f:0a:b3:80:cd:f4:92:f5:77:0a:4b:59:09:c3:09:
16:11:0f:37:96:f5:40:6d:ef:a4:fa:92:ea:87:df:ca:ef:21:
42:05:2e:8d:7b:28:79:9a:06:a2:ce:98:c7:86:cd:25:6a:c0:
de:a6:28:02:23:87:88:99:1b:cb:69:98:96:87:21:86:0b:5d:
ff:8d:f1:07
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHOe66dHUzcuxvCCxgZhZP3mL6tIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwMjhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwMWFlMzcwNzUxNmVkOTUwZDk0YzY3MTFhNzgwZjNhMWU5OGU0YjY3NmUx
YjVjN2Q5Y2Q0OWE4MThkNWFiZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOUtrFsBIM0hD+otEP36UYiapmaZ5X8PsPOonFcn2yzQ1IqiCz6Ou6i2eqGk
XrXnV9yin1szCwEfPcvIuwOqdFqWow+jox777JtWR48pcqo8l2B4s6OfUSdNJcZy
XND9KzCplkFKxsAMyFW+MUagu3IxA4D8yvyzI6jnypz7oFgo2D6DgQLqezRmGq5P
s7NPlkicpdwyTftYswFLm4z65CSF+q4QXIvJ3Jl3pedijrZFHRQNIyJ13sgM3en8
pqYMaGhG6SZNP2XoDDXDOukWRG8Q0VfG9xsSkE7Vfsir+1GAV8+S/swiUg5zthow
B8iF3yuf7UPhjtyyxb2nOQ8CLz8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQdNuk+
vcFIlG/8CXJDcaAlEpad+TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTk0MDQyNzUtNTdkZC00YTM2LThjMjktNTI5YWIwNmQxZDAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dqw
MA0GCSqGSIb3DQEBCwUAA4IBAQCMRLt1sLzmZb8eW8OJqMINqXLLvdLvp4BWubvS
4hRrGECFn+3H7y0Dav1gaUYqUGDD5E3X8RxywUZt69XeHf3YQxVABUjewL2eN9TL
4HXVfw4GM+0nxmEorP0RVOwfgNlZMzf9ukuGofP+Mev0qFkGhiEbUY0ugTGJ17er
VsE60Y5B97y7JZI14INtYbEUDADbahjxM0LnH4yCcPGWUI5Z3jtZkSaAt1ahF0wv
if4Xbkb4w+y9gCVPCrOAzfSS9XcKS1kJwwkWEQ83lvVAbe+k+pLqh9/K7yFCBS6N
eyh5mgaizpjHhs0lasDepigCI4eImRvLaZiWhyGGC13/jfEH
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:05:31 2026 by rpki-client