Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a5f344a4-fbcf-4285-a32d-8dce04a2290e.roa
File: a5f344a4-fbcf-4285-a32d-8dce04a2290e.roa (raw, json)
Hash identifier: WXuIzj20SeGSWbWVNbnyxZaIrSAaysR7oiX/HInvAGQ=
Subject key identifier: 2A:7F:06:0C:8B:30:9C:55:7D:D8:A2:FB:3C:61:16:3F:20:92:E8:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2CAFEC1C0E10E6DE2C93DB3AD515DCF1EDBDAFD6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a5f344a4-fbcf-4285-a32d-8dce04a2290e.roa
Signing time: Tue 24 Feb 2026 00:40:08 +0000
ROA not before: Tue 24 Feb 2026 00:40:08 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:af:ec:1c:0e:10:e6:de:2c:93:db:3a:d5:15:dc:f1:ed:bd:af:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 00:40:08 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=cf7c9d18d80d3e0a0bf956110a33cae0766737a1a9f13329f81effc1f34832dc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8f:c9:1d:43:8f:a2:79:76:96:ab:9e:b4:17:
aa:8d:15:16:76:9e:c9:00:51:3e:da:64:7e:bf:35:
1d:61:8a:14:86:37:cc:50:71:d3:3a:37:0f:91:0b:
49:46:2a:d1:ff:5c:77:e1:44:88:99:94:1b:de:57:
1d:f2:97:3b:f5:35:91:eb:4e:03:fd:05:92:67:8a:
14:3b:39:bd:55:d8:19:bf:c1:a9:34:5c:23:d6:7a:
5f:bf:0e:b0:75:71:d8:e8:20:ef:95:56:b2:91:f7:
7b:d9:9f:a0:4f:88:38:b1:07:4b:2f:1e:45:28:48:
20:41:bc:97:83:e0:8d:27:b6:db:6b:d9:5c:72:4c:
e5:57:ae:76:1e:2d:c1:fe:c0:fa:51:08:83:b9:42:
70:82:89:03:18:12:0e:2a:7a:3c:a2:45:c0:20:ea:
e5:da:ad:8d:21:8a:17:49:14:7d:c2:cc:5f:a9:eb:
03:d3:09:da:4d:e4:8b:e7:76:a4:ba:c5:7c:8b:fc:
8d:b8:92:87:1a:78:bf:a4:d0:52:df:3f:f3:7c:df:
22:93:b6:af:6f:6e:8c:2d:ce:5d:38:7a:1e:47:d9:
51:fc:eb:39:6f:71:61:9f:3a:ad:ae:5a:ec:fb:ea:
d0:d3:ee:fa:85:e0:da:d4:2e:70:5a:15:7b:b8:df:
a4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:7F:06:0C:8B:30:9C:55:7D:D8:A2:FB:3C:61:16:3F:20:92:E8:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a5f344a4-fbcf-4285-a32d-8dce04a2290e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:e000::/40
Signature Algorithm: sha256WithRSAEncryption
94:23:10:ad:4b:11:42:80:15:4c:d1:e0:5c:52:bb:e5:08:50:
36:64:5d:2f:02:08:9c:bb:7e:a8:74:21:f6:5a:9c:04:28:4b:
ee:c1:d4:0f:7b:27:8d:ed:22:a2:cc:6e:9f:0d:f5:95:ee:de:
62:ed:7f:48:d4:51:73:42:d3:ad:59:99:98:38:43:24:34:1e:
5a:29:46:4d:0a:ae:74:f0:b1:d5:3d:df:3a:ba:8e:8c:7c:1b:
9a:07:19:4c:4f:78:ef:3c:2b:c3:e1:16:e1:e5:73:5d:58:f9:
97:c4:03:0a:d9:ff:a2:31:2c:72:b9:4e:9e:32:59:d6:d3:f7:
10:fc:aa:d1:bd:c9:80:2a:b6:a0:be:a4:4b:6b:3b:e6:03:9e:
7e:bb:1e:4e:33:78:21:77:eb:aa:f9:4f:8e:45:4c:4c:87:da:
e2:89:cd:79:fb:db:62:43:02:e0:a6:06:3a:64:66:7e:43:74:
45:0c:30:f2:d9:5d:84:ec:55:f0:46:80:cc:4a:36:a9:d7:ba:
6e:38:e7:6b:2b:66:39:49:43:3e:4a:87:29:38:bf:de:84:12:
ae:6a:43:08:ac:de:61:5c:47:8b:cd:11:41:bc:01:e4:47:c7:
21:53:4b:23:49:b7:a1:91:b2:35:5b:24:7f:af:44:a6:42:1c:
d9:ef:cf:c0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULK/sHA4Q5t4sk9s61RXc8e29r9YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwMDQwMDhaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmN2M5ZDE4ZDgwZDNlMGEwYmY5NTYxMTBhMzNjYWUwNzY2NzM3YTFhOWYx
MzMyOWY4MWVmZmMxZjM0ODMyZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqPyR1Dj6J5dparnrQXqo0VFnaeyQBRPtpkfr81HWGKFIY3zFBx0zo3D5EL
SUYq0f9cd+FEiJmUG95XHfKXO/U1ketOA/0FkmeKFDs5vVXYGb/BqTRcI9Z6X78O
sHVx2Ogg75VWspH3e9mfoE+IOLEHSy8eRShIIEG8l4PgjSe222vZXHJM5Veudh4t
wf7A+lEIg7lCcIKJAxgSDip6PKJFwCDq5dqtjSGKF0kUfcLMX6nrA9MJ2k3ki+d2
pLrFfIv8jbiShxp4v6TQUt8/83zfIpO2r29ujC3OXTh6HkfZUfzrOW9xYZ86ra5a
7Pvq0NPu+oXg2tQucFoVe7jfpCsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQqfwYM
izCcVX3Yovs8YRY/IJLo9TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTVmMzQ0YTQtZmJjZi00Mjg1LWEzMmQtOGRjZTA0YTIyOTBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DXg
MA0GCSqGSIb3DQEBCwUAA4IBAQCUIxCtSxFCgBVM0eBcUrvlCFA2ZF0vAgicu36o
dCH2WpwEKEvuwdQPeyeN7SKizG6fDfWV7t5i7X9I1FFzQtOtWZmYOEMkNB5aKUZN
Cq508LHVPd86uo6MfBuaBxlMT3jvPCvD4Rbh5XNdWPmXxAMK2f+iMSxyuU6eMlnW
0/cQ/KrRvcmAKragvqRLazvmA55+ux5OM3ghd+uq+U+ORUxMh9riic15+9tiQwLg
pgY6ZGZ+Q3RFDDDy2V2E7FXwRoDMSjap17puOOdrK2Y5SUM+SocpOL/ehBKuakMI
rN5hXEeLzRFBvAHkR8chU0sjSbehkbI1WyR/r0SmQhzZ78/A
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:21:40 2026 by rpki-client