Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c61029-f559-411c-89fd-a1970cac6bc1.roa
File: a6c61029-f559-411c-89fd-a1970cac6bc1.roa (raw, json)
Hash identifier: H5ggbCrHF+X4V9sHuhBlZr98NruffXyjOgp5XIgfvL0=
Subject key identifier: 01:03:18:EF:0B:C9:3C:64:95:58:32:C0:8F:CA:B0:DA:99:8C:AE:42
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4DBAB69A8B653C49190A7E3F718A1A73E444E47A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c61029-f559-411c-89fd-a1970cac6bc1.roa
Signing time: Sat 28 Feb 2026 06:21:03 +0000
ROA not before: Sat 28 Feb 2026 06:21:03 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:ba:b6:9a:8b:65:3c:49:19:0a:7e:3f:71:8a:1a:73:e4:44:e4:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:21:03 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=39f003ac02d6d5c1dc9492704993c744f84c367ac50fd0cf71385515e7d7677e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5d:45:f7:e2:ba:cb:01:a3:fc:dd:23:16:9e:
7c:62:18:4b:7b:a2:68:60:3a:6d:f2:5f:9c:6a:d1:
7b:ee:8b:9b:2a:e4:76:70:28:6a:13:d0:3f:a4:44:
52:7c:5f:3e:2e:98:5f:87:d0:93:11:f5:98:c6:8e:
7b:00:23:c1:56:75:21:9f:4f:94:b8:b0:51:23:bd:
05:e4:42:c4:47:14:b2:6c:8a:8a:e5:04:99:7e:06:
2b:5c:53:bc:98:2a:d5:ac:44:54:1d:d1:c6:54:08:
7e:7e:7e:d2:52:d0:f6:4e:a8:83:c3:d5:73:e2:b6:
c1:8b:85:56:cd:5c:bd:54:a4:0e:02:1c:3a:e9:80:
76:49:75:67:36:96:fe:17:9a:18:de:bf:6a:98:72:
d9:ab:9b:15:5c:d5:b4:42:98:e6:7c:70:26:a6:2b:
a4:ee:15:dc:94:e4:97:ec:f8:e2:03:83:45:0f:70:
c2:58:90:18:93:09:c0:3e:e8:c4:76:5b:46:73:d0:
1f:fc:da:5b:d5:4b:c0:da:f0:a7:96:e6:5b:bf:0a:
90:a8:64:10:94:d3:c1:d4:a0:1b:29:bc:2a:3a:d5:
bb:92:07:f1:06:3c:45:84:95:d8:20:e9:6c:a4:2a:
f5:5e:1c:1a:5e:57:e3:03:8e:2f:70:56:e2:cb:1c:
16:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:03:18:EF:0B:C9:3C:64:95:58:32:C0:8F:CA:B0:DA:99:8C:AE:42
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c61029-f559-411c-89fd-a1970cac6bc1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:9000::/40
Signature Algorithm: sha256WithRSAEncryption
3c:4a:db:c5:17:45:50:a8:61:44:b6:89:b7:f1:f7:f2:f7:fc:
fd:01:69:00:79:89:f3:11:6f:19:de:20:14:98:a8:83:fa:87:
7a:28:bf:8c:4c:1c:61:ba:b3:48:c1:78:3f:49:d9:1e:5d:d2:
75:f6:64:e1:27:8b:9c:e2:63:74:24:1a:29:73:7f:65:b3:a9:
51:b4:a5:5f:fb:21:f1:6f:29:28:9a:7b:ef:fb:a1:a4:13:ef:
c6:e2:e9:32:7b:e4:1e:80:70:f7:99:e0:0f:b4:c3:0b:94:e9:
42:e2:0c:31:41:22:ca:32:3b:7c:1d:d0:fa:4c:47:3b:a2:e3:
c2:74:8d:01:9e:07:ca:c0:6f:d2:bf:35:23:4d:4a:b0:22:e5:
a2:92:af:1d:1c:e6:59:4e:fb:ab:0e:05:2f:98:94:34:45:ce:
1c:9b:7e:5d:20:33:a4:ea:58:b8:c1:19:f5:46:48:8d:78:80:
5b:19:22:1f:62:1d:2c:65:22:17:a8:ae:f2:0f:c2:01:1a:cf:
8b:5e:7d:0f:a9:2c:52:0b:cf:1a:e9:8c:2f:43:80:d0:3b:98:
21:ab:dc:04:81:1a:cf:ab:8e:12:24:45:f3:cc:a0:7c:31:25:
b7:49:68:25:3b:df:db:09:ec:8f:83:08:6d:2f:23:55:6b:7e:
d1:ff:7d:7b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTbq2motlPEkZCn4/cYoac+RE5HowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIxMDNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5ZjAwM2FjMDJkNmQ1YzFkYzk0OTI3MDQ5OTNjNzQ0Zjg0YzM2N2FjNTBm
ZDBjZjcxMzg1NTE1ZTdkNzY3N2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRdRffiussBo/zdIxaefGIYS3uiaGA6bfJfnGrRe+6LmyrkdnAoahPQP6RE
UnxfPi6YX4fQkxH1mMaOewAjwVZ1IZ9PlLiwUSO9BeRCxEcUsmyKiuUEmX4GK1xT
vJgq1axEVB3RxlQIfn5+0lLQ9k6og8PVc+K2wYuFVs1cvVSkDgIcOumAdkl1ZzaW
/heaGN6/aphy2aubFVzVtEKY5nxwJqYrpO4V3JTkl+z44gODRQ9wwliQGJMJwD7o
xHZbRnPQH/zaW9VLwNrwp5bmW78KkKhkEJTTwdSgGym8KjrVu5IH8QY8RYSV2CDp
bKQq9V4cGl5X4wOOL3BW4sscFikCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQBAxjv
C8k8ZJVYMsCPyrDamYyuQjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZjNjEwMjktZjU1OS00MTFjLTg5ZmQtYTE5NzBjYWM2YmMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DaQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA8StvFF0VQqGFEtom38ffy9/z9AWkAeYnzEW8Z
3iAUmKiD+od6KL+MTBxhurNIwXg/SdkeXdJ19mThJ4uc4mN0JBopc39ls6lRtKVf
+yHxbykomnvv+6GkE+/G4ukye+QegHD3meAPtMMLlOlC4gwxQSLKMjt8HdD6TEc7
ouPCdI0BngfKwG/SvzUjTUqwIuWikq8dHOZZTvurDgUvmJQ0Rc4cm35dIDOk6li4
wRn1RkiNeIBbGSIfYh0sZSIXqK7yD8IBGs+LXn0PqSxSC88a6YwvQ4DQO5ghq9wE
gRrPq44SJEXzzKB8MSW3SWglO9/bCeyPgwhtLyNVa37R/317
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:07:23 2026 by rpki-client