Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
File: a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa (raw, json)
Hash identifier: d+9G2rSeFKM8nX/2JdISJvT8uL00xGkGwziJpDde/mc=
Subject key identifier: 66:58:EC:F1:0B:98:86:07:7C:02:3C:32:5A:17:8A:FA:1B:07:4A:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 54C998C37595519315703BFA06BAB5C0C3C4B32A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
Signing time: Fri 20 Feb 2026 01:50:37 +0000
ROA not before: Fri 20 Feb 2026 01:50:37 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:c9:98:c3:75:95:51:93:15:70:3b:fa:06:ba:b5:c0:c3:c4:b3:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:37 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=3bd4552c4a365e82c1b13c8a97f6fd5a96a778fa3fc1cd805553396d91fdca92, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bf:7d:d9:a1:46:50:c9:9c:b9:cb:2e:4f:a2:
d5:62:cf:4a:b0:cc:f3:b2:c5:fa:ca:5f:13:d6:6b:
da:80:7b:36:02:9f:ab:57:6a:ab:13:54:f3:bb:7a:
48:1e:15:29:98:50:6a:50:37:f5:be:69:13:f4:35:
a6:6e:37:9b:ed:bd:cc:bf:57:72:58:18:50:c6:5b:
cf:9c:5d:41:0f:d0:bf:b1:66:66:d4:ab:3b:17:9b:
f5:e2:7d:11:3b:bc:36:44:76:f8:e4:ed:1c:29:2f:
bb:75:37:29:a3:44:30:7b:de:02:2c:b5:11:2a:8e:
f1:e2:2f:8e:39:16:97:f3:03:ff:c7:15:a6:90:d9:
fc:a9:1f:a4:20:19:f8:c8:95:f6:27:e2:03:83:f4:
86:64:e5:b8:2a:0d:7e:76:09:10:21:eb:52:df:3c:
a4:52:b3:01:f7:f3:98:40:1b:b4:32:46:6e:d2:50:
21:74:54:fb:9a:1f:4b:ea:3e:a6:32:57:01:7b:ff:
01:f9:66:3b:3b:f9:a0:d6:33:e0:c6:3a:7a:cf:73:
3d:13:f2:39:8d:1a:2d:12:04:89:88:3e:1c:b9:e5:
6d:1e:b4:07:ab:32:0d:06:7c:a6:6c:4b:2a:b1:31:
e5:b0:49:4e:76:6d:78:f6:af:5c:de:9e:d0:9d:f0:
8f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:58:EC:F1:0B:98:86:07:7C:02:3C:32:5A:17:8A:FA:1B:07:4A:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:2000::/48
Signature Algorithm: sha256WithRSAEncryption
a1:76:75:e0:39:3e:95:15:ee:70:8b:58:ca:85:5a:00:d3:ac:
40:d5:2e:d2:43:f0:46:6e:17:94:9e:ab:98:33:69:72:44:47:
0f:af:91:a3:97:e0:50:ab:70:5f:42:af:37:f0:63:23:52:14:
09:f3:99:93:e7:e3:89:24:b6:fe:70:6b:aa:73:f8:0c:6e:29:
ad:d2:3e:87:f0:3a:47:92:26:7a:0c:62:77:02:b5:68:38:4c:
fe:cd:4d:83:dc:37:4e:b7:b4:67:67:2d:6d:9f:76:96:db:b3:
ea:99:59:2a:50:a6:96:e8:57:66:6a:f2:60:77:41:f9:76:11:
6c:85:69:27:f9:e9:68:1a:1d:10:f2:f9:62:b4:9c:2e:3e:94:
48:24:6e:2b:b7:9d:23:20:1a:24:bf:26:aa:0b:e1:be:fc:e2:
af:78:7e:09:89:00:32:67:83:eb:69:d3:6a:1e:2c:ce:fe:ff:
d8:50:34:a4:e3:bc:8e:16:62:67:fe:c0:37:86:71:b3:3f:f5:
d1:15:f6:19:44:6f:d8:5a:07:3e:9d:aa:bc:3e:70:40:49:63:
6d:5d:27:0a:a0:27:ba:bc:8a:12:d6:11:91:57:1d:81:87:a6:
c5:16:5c:4b:14:a6:06:6a:b8:ae:7d:d1:57:bc:6a:b3:44:59:
49:11:21:1c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVMmYw3WVUZMVcDv6Brq1wMPEsyowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMzdaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiZDQ1NTJjNGEzNjVlODJjMWIxM2M4YTk3ZjZmZDVhOTZhNzc4ZmEzZmMx
Y2Q4MDU1NTMzOTZkOTFmZGNhOTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALO/fdmhRlDJnLnLLk+i1WLPSrDM87LF+spfE9Zr2oB7NgKfq1dqqxNU87t6
SB4VKZhQalA39b5pE/Q1pm43m+29zL9XclgYUMZbz5xdQQ/Qv7FmZtSrOxeb9eJ9
ETu8NkR2+OTtHCkvu3U3KaNEMHveAiy1ESqO8eIvjjkWl/MD/8cVppDZ/KkfpCAZ
+MiV9ifiA4P0hmTluCoNfnYJECHrUt88pFKzAffzmEAbtDJGbtJQIXRU+5ofS+o+
pjJXAXv/AflmOzv5oNYz4MY6es9zPRPyOY0aLRIEiYg+HLnlbR60B6syDQZ8pmxL
KrEx5bBJTnZtePavXN6e0J3wj+UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRmWOzx
C5iGB3wCPDJaF4r6GwdK0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc5NzVhYmUtMGNkOC00NTkwLWI1OGItNzAzZmE1ZjRiZGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HYg
ADANBgkqhkiG9w0BAQsFAAOCAQEAoXZ14Dk+lRXucItYyoVaANOsQNUu0kPwRm4X
lJ6rmDNpckRHD6+Ro5fgUKtwX0KvN/BjI1IUCfOZk+fjiSS2/nBrqnP4DG4prdI+
h/A6R5ImegxidwK1aDhM/s1Ng9w3Tre0Z2ctbZ92ltuz6plZKlCmluhXZmryYHdB
+XYRbIVpJ/npaBodEPL5YrScLj6USCRuK7edIyAaJL8mqgvhvvzir3h+CYkAMmeD
62nTah4szv7/2FA0pOO8jhZiZ/7AN4Zxsz/10RX2GURv2FoHPp2qvD5wQEljbV0n
CqAnuryKEtYRkVcdgYemxRZcSxSmBmq4rn3RV7xqs0RZSREhHA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:20:40 2026 by rpki-client