Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
File: 9fb96617-2d2f-468d-b766-35c52d9f2681.roa (raw, json)
Hash identifier: 2NSH+iANc2DU4LLtp1CouBqpJyR/JqUk+VRYm0sRoz4=
Subject key identifier: 3F:CF:55:8D:34:C9:A5:95:27:1D:5C:BB:01:A2:2A:26:99:B6:E8:C2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5FB57E9EBCD2955458756F1590E159B23DF13651
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
Signing time: Sat 28 Feb 2026 05:20:46 +0000
ROA not before: Sat 28 Feb 2026 05:20:46 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:b5:7e:9e:bc:d2:95:54:58:75:6f:15:90:e1:59:b2:3d:f1:36:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:46 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=8bfd1906c3f962f84ddc6a10f4c6116517f444e5a72bc04581a4d42dfe98e53e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c6:1e:76:4a:ea:93:38:9b:d8:6d:b7:85:40:
ff:3d:b7:0a:01:47:72:41:7b:87:4f:2d:08:e4:6e:
85:22:aa:86:89:0c:5d:b0:39:a5:95:96:b4:86:d0:
04:11:5c:54:0d:06:ec:43:a6:f4:f2:16:02:6b:96:
31:6d:3d:57:65:71:1f:c4:5a:e6:52:39:3f:0d:bf:
0c:d4:eb:55:7f:2b:9e:6d:91:33:35:ee:cc:f9:e6:
73:26:3b:a3:37:99:53:a9:3a:ea:4e:01:86:be:d1:
66:d6:96:06:71:b1:ba:00:d4:bd:92:bf:b0:aa:6c:
65:6c:8e:08:38:73:01:1e:08:bf:84:42:02:0b:37:
de:11:13:e7:6a:80:50:06:6f:86:b0:c8:17:f4:e9:
64:54:f5:4f:0c:f9:b9:f8:77:b0:8f:77:0c:ce:d7:
2e:de:21:be:ad:e7:93:43:d4:45:3f:bd:ea:80:a3:
6f:a6:38:9f:89:07:17:08:28:d1:98:24:18:7e:f1:
83:6a:45:b5:6b:d7:48:00:de:f6:e9:07:c7:c5:f4:
14:00:dc:08:c7:0d:7f:df:e1:b4:c9:42:7e:c2:24:
d8:c0:1f:30:5a:f9:f4:21:33:30:e6:cc:18:cd:65:
38:a4:d1:12:6c:70:f2:68:a5:1f:14:85:60:fd:cd:
4d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:CF:55:8D:34:C9:A5:95:27:1D:5C:BB:01:A2:2A:26:99:B6:E8:C2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015:800::/38
Signature Algorithm: sha256WithRSAEncryption
57:18:97:cd:72:e3:bc:9a:86:c3:6d:f7:a5:52:06:1e:d4:7d:
a2:45:56:be:e1:d1:44:4d:ab:3d:eb:4d:06:42:34:8c:71:ec:
20:88:c5:7d:c8:dd:dd:30:7a:60:6b:67:21:64:2f:5d:f4:53:
a7:a8:b1:a5:cf:f5:c1:bf:1a:b2:fd:cf:76:7d:6a:c1:4f:ea:
6e:68:6c:e2:10:db:97:0f:c9:6c:62:14:09:57:38:2c:65:eb:
f3:fa:2e:92:6e:6b:47:1b:97:da:ba:87:fc:48:80:d3:04:03:
45:b5:ef:99:16:c8:86:e4:6f:fd:76:06:83:a8:81:48:2e:db:
56:c9:48:23:cd:d0:10:c5:68:64:f6:45:06:70:0e:b9:02:48:
d6:4e:df:a2:e2:a8:b5:15:be:7e:21:bc:97:53:ac:c3:b2:ce:
97:ab:5d:58:e0:46:ae:f3:e6:7d:b7:e5:8c:ef:57:66:e7:0d:
ba:c2:4c:37:b9:00:17:80:41:f1:cd:34:a0:41:38:0d:f6:16:
19:61:a0:8f:e2:fd:38:86:35:ce:70:ff:c5:fd:73:7c:e3:f8:
3e:c4:04:3b:4d:78:1a:92:56:e1:6a:84:4f:3f:0f:bd:44:01:
ff:0d:26:c9:ae:45:44:d3:2c:f2:1d:f3:3a:69:86:aa:ba:66:
ba:f8:a2:57
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX7V+nrzSlVRYdW8VkOFZsj3xNlEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwNDZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiZmQxOTA2YzNmOTYyZjg0ZGRjNmExMGY0YzYxMTY1MTdmNDQ0ZTVhNzJi
YzA0NTgxYTRkNDJkZmU5OGU1M2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPGHnZK6pM4m9htt4VA/z23CgFHckF7h08tCORuhSKqhokMXbA5pZWWtIbQ
BBFcVA0G7EOm9PIWAmuWMW09V2VxH8Ra5lI5Pw2/DNTrVX8rnm2RMzXuzPnmcyY7
ozeZU6k66k4Bhr7RZtaWBnGxugDUvZK/sKpsZWyOCDhzAR4Iv4RCAgs33hET52qA
UAZvhrDIF/TpZFT1Twz5ufh3sI93DM7XLt4hvq3nk0PURT+96oCjb6Y4n4kHFwgo
0ZgkGH7xg2pFtWvXSADe9ukHx8X0FADcCMcNf9/htMlCfsIk2MAfMFr59CEzMObM
GM1lOKTREmxw8milHxSFYP3NTdUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ/z1WN
NMmllScdXLsBoiommbbowjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZiOTY2MTctMmQyZi00NjhkLWI3NjYtMzVjNTJkOWYyNjgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUI
MA0GCSqGSIb3DQEBCwUAA4IBAQBXGJfNcuO8mobDbfelUgYe1H2iRVa+4dFETas9
600GQjSMcewgiMV9yN3dMHpga2chZC9d9FOnqLGlz/XBvxqy/c92fWrBT+puaGzi
ENuXD8lsYhQJVzgsZevz+i6SbmtHG5fauof8SIDTBANFte+ZFsiG5G/9dgaDqIFI
LttWyUgjzdAQxWhk9kUGcA65AkjWTt+i4qi1Fb5+IbyXU6zDss6Xq11Y4Eau8+Z9
t+WM71dm5w26wkw3uQAXgEHxzTSgQTgN9hYZYaCP4v04hjXOcP/F/XN84/g+xAQ7
TXgaklbhaoRPPw+9RAH/DSbJrkVE0yzyHfM6aYaquma6+KJX
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:32:05 2026 by rpki-client