Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
File: aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa (raw, json)
Hash identifier: o6CX2GaN1PoYH+b+uVNwgvypP+UDrfFmXvbyhYCFRRs=
Subject key identifier: DD:51:80:1C:35:F7:8B:DC:D0:4E:A2:B9:2B:FC:84:F9:30:49:3B:77
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 130D36671B620C4BA1C9BAA72D88C5463C36F23F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
Signing time: Sat 28 Feb 2026 05:41:29 +0000
ROA not before: Sat 28 Feb 2026 05:41:29 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:0d:36:67:1b:62:0c:4b:a1:c9:ba:a7:2d:88:c5:46:3c:36:f2:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:29 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=d0dad722bf336476d3914c38db3611e309e4f21494aa39e6fbd306d21d735f5a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7d:1e:b3:72:02:e2:19:ea:26:d9:b1:e6:13:
3c:10:17:09:67:7c:0f:8f:91:60:6c:2f:08:a6:d4:
31:8d:d9:87:4d:4e:6a:81:fb:f8:5f:4d:1f:d1:48:
81:ec:c3:2e:eb:2b:bc:27:43:00:8b:c7:83:42:33:
aa:31:0d:93:74:23:e3:7c:4d:1f:48:ed:8c:39:9d:
8b:88:3e:87:6e:1d:b1:b7:87:35:3c:1c:66:97:3c:
79:7c:87:ff:a7:b4:97:0a:6a:d8:3d:22:6e:71:11:
db:75:3f:3f:a7:a2:27:dc:ec:fe:b2:b9:61:cb:18:
ce:56:4c:19:53:24:ba:06:c7:a0:10:bb:08:c6:21:
d5:e4:1c:b1:b2:02:75:11:da:c6:be:e5:2f:6e:5f:
a5:bb:20:f0:de:c7:7b:4f:c8:35:43:d1:ca:19:fe:
8c:a1:b6:82:a0:25:c9:c0:0d:54:b2:58:4e:95:37:
f8:65:38:61:f8:04:43:19:39:9c:8d:9d:0c:63:2f:
16:2c:87:55:6f:ce:db:08:60:36:4d:66:97:48:ac:
6a:e5:17:12:e2:f1:81:60:04:54:df:4f:b9:d3:21:
17:dc:f1:c4:28:47:1d:4c:07:36:6b:a6:0c:b8:0e:
31:66:e5:cb:ac:c2:04:5a:a4:6e:e4:ce:6b:ed:56:
77:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:51:80:1C:35:F7:8B:DC:D0:4E:A2:B9:2B:FC:84:F9:30:49:3B:77
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a080::/48
Signature Algorithm: sha256WithRSAEncryption
26:7f:58:72:2c:49:b2:23:a9:15:53:86:73:33:b9:b8:06:db:
1d:c0:50:8d:ec:81:6d:4d:e8:0e:47:8d:2e:01:6d:33:e6:fd:
1c:84:ea:c3:e7:89:02:47:b6:f7:c1:30:fe:7a:43:d9:80:9d:
f7:81:a5:f6:bb:cd:2b:ec:57:5d:65:88:d8:ae:54:04:20:f3:
a6:bf:d9:78:75:65:ad:3b:96:56:35:60:0b:9f:ef:8a:a3:91:
d0:37:0b:ee:bf:b7:12:fe:e4:98:86:76:b5:dd:da:1b:8d:0e:
e8:15:16:26:d2:de:dd:8a:f9:16:82:da:90:a5:ad:81:ac:c9:
17:8b:4d:0b:ad:11:ca:f5:4d:3f:6e:69:af:da:7b:43:85:dd:
55:b3:bd:ba:14:b8:9c:4b:93:71:43:37:94:e8:a6:db:0b:28:
c4:56:e5:97:91:87:77:56:a3:97:c5:97:f6:4d:25:f6:53:66:
2b:ba:0f:a3:be:c6:ca:77:8c:43:e1:39:65:1a:29:91:f3:0a:
f8:83:da:6b:9a:8f:f9:a8:e6:fd:35:73:a9:26:3d:bc:21:96:
e2:63:23:ff:d5:17:14:4e:87:dd:22:14:55:71:25:5a:6d:8b:
11:22:7f:84:5f:04:5c:e5:bb:67:61:5c:31:fb:c6:6f:fd:cd:
88:49:bd:d7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEw02ZxtiDEuhybqnLYjFRjw28j8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMjlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwZGFkNzIyYmYzMzY0NzZkMzkxNGMzOGRiMzYxMWUzMDllNGYyMTQ5NGFh
MzllNmZiZDMwNmQyMWQ3MzVmNWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM19HrNyAuIZ6ibZseYTPBAXCWd8D4+RYGwvCKbUMY3Zh01OaoH7+F9NH9FI
gezDLusrvCdDAIvHg0IzqjENk3Qj43xNH0jtjDmdi4g+h24dsbeHNTwcZpc8eXyH
/6e0lwpq2D0ibnER23U/P6eiJ9zs/rK5YcsYzlZMGVMkugbHoBC7CMYh1eQcsbIC
dRHaxr7lL25fpbsg8N7He0/INUPRyhn+jKG2gqAlycANVLJYTpU3+GU4YfgEQxk5
nI2dDGMvFiyHVW/O2whgNk1ml0isauUXEuLxgWAEVN9PudMhF9zxxChHHUwHNmum
DLgOMWbly6zCBFqkbuTOa+1WdwECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTdUYAc
NfeL3NBOorkr/IT5MEk7dzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWFkZGYyZGUtZmEwNS00YzVkLThiNzctNThhM2QzMTJlMmE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
gDANBgkqhkiG9w0BAQsFAAOCAQEAJn9YcixJsiOpFVOGczO5uAbbHcBQjeyBbU3o
DkeNLgFtM+b9HITqw+eJAke298Ew/npD2YCd94Gl9rvNK+xXXWWI2K5UBCDzpr/Z
eHVlrTuWVjVgC5/viqOR0DcL7r+3Ev7kmIZ2td3aG40O6BUWJtLe3Yr5FoLakKWt
gazJF4tNC60RyvVNP25pr9p7Q4XdVbO9uhS4nEuTcUM3lOim2wsoxFbll5GHd1aj
l8WX9k0l9lNmK7oPo77GyneMQ+E5ZRopkfMK+IPaa5qP+ajm/TVzqSY9vCGW4mMj
/9UXFE6H3SIUVXElWm2LESJ/hF8EXOW7Z2FcMfvGb/3NiEm91w==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:21:33 2026 by rpki-client