Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aff52575-8887-44f7-8b7f-44fbe4ddcd4c.roa
File: aff52575-8887-44f7-8b7f-44fbe4ddcd4c.roa (raw, json)
Hash identifier: xHvEu4ZBz7t9ZggNf2362WMaiN1XriW4/GawKtcP0w8=
Subject key identifier: 79:6C:9C:DF:EE:9F:F6:52:C5:65:3B:86:1A:F0:6C:F0:4D:B2:B7:39
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C7CD9D438CF904AAB0629A75C48556CA7392080
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aff52575-8887-44f7-8b7f-44fbe4ddcd4c.roa
Signing time: Sat 28 Feb 2026 05:40:15 +0000
ROA not before: Sat 28 Feb 2026 05:40:15 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:7c:d9:d4:38:cf:90:4a:ab:06:29:a7:5c:48:55:6c:a7:39:20:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:15 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=735490f23307e1808e190f2f3ec4c104ab69b77a6a090f3c963934e3f5fb384a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:9e:34:e2:3a:71:ec:9e:bf:a4:9a:d2:85:c4:
8a:e1:5b:2f:f4:ad:64:b1:3a:85:ee:56:af:a4:25:
4b:eb:4f:18:d4:94:4a:20:db:c8:de:2d:49:68:02:
c0:39:b4:59:1d:c0:44:38:44:07:f2:6e:56:8a:3f:
fd:91:06:7b:65:d1:5b:4e:6c:0d:a2:65:7d:35:83:
9f:ed:04:b0:8f:0d:2b:bb:6c:01:00:6e:2c:f1:0e:
04:71:5b:62:27:f7:0a:85:de:a4:11:61:c8:71:7c:
91:55:8f:5c:19:5e:59:04:65:fc:9c:5d:af:e5:86:
8d:5b:1c:e5:63:fa:07:d3:9b:27:65:42:aa:71:7b:
70:94:9b:0c:74:2f:3a:3b:3b:be:09:99:90:ae:fa:
d1:c8:ad:d4:a4:0d:4a:7a:43:59:87:fc:c4:05:b6:
16:94:60:b7:2a:b2:28:a2:fc:48:28:b0:d3:b6:7a:
a0:e1:3b:da:b3:07:9b:95:b3:82:e7:38:55:44:56:
6a:37:ff:d5:80:09:41:2a:ec:69:f8:d2:ee:ca:af:
d7:0e:f4:94:a1:6d:28:cb:7f:32:04:16:e4:a6:68:
0b:9d:7f:8c:ac:52:a7:79:9a:f2:ba:60:2a:f3:78:
52:e5:57:d6:da:71:fc:98:d6:1a:28:e6:a9:22:30:
08:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:6C:9C:DF:EE:9F:F6:52:C5:65:3B:86:1A:F0:6C:F0:4D:B2:B7:39
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aff52575-8887-44f7-8b7f-44fbe4ddcd4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:9080::/48
Signature Algorithm: sha256WithRSAEncryption
45:ad:69:89:8f:eb:f6:95:1b:23:34:2b:bf:19:fa:e5:e7:cc:
79:c3:7c:ea:bf:37:70:3a:a1:69:1a:46:e1:1d:1c:04:98:cf:
06:67:a7:8f:c7:75:a3:02:e1:19:19:87:be:60:27:cc:4a:b4:
0b:12:d3:13:eb:ea:d8:1e:a7:b1:0c:14:b8:20:00:3e:52:18:
57:a4:cd:71:d6:a7:8c:57:bc:8e:02:dc:05:c2:07:d3:59:0b:
a1:29:1d:cf:bd:50:bb:4a:f9:3a:3d:2d:0c:e9:bd:4c:09:06:
14:45:b8:5b:90:0b:e7:2b:10:40:85:ad:9e:e8:e8:43:9f:9e:
50:4e:b1:9e:ca:03:63:61:71:11:dc:ad:1b:3d:e5:3f:31:95:
91:04:8a:b2:e6:96:6c:bc:74:28:e8:2a:aa:8c:89:a4:68:e5:
1f:db:55:50:03:49:b6:f2:0c:70:f0:ef:ba:22:f5:3b:37:84:
b9:21:38:db:e6:6e:c0:a0:ee:7e:24:aa:02:4b:50:bd:22:32:
19:aa:db:5d:84:85:3a:bc:aa:83:5f:22:a7:08:05:af:cb:d9:
b6:21:71:50:04:5c:8b:e5:f7:2a:ba:4b:4c:28:f5:34:6f:3f:
c7:ae:6b:ed:33:c2:e6:e9:b9:6a:2b:4b:b9:ba:a3:d5:d5:b9:
6a:1b:50:e0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDHzZ1DjPkEqrBimnXEhVbKc5IIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwMTVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDczNTQ5MGYyMzMwN2UxODA4ZTE5MGYyZjNlYzRjMTA0YWI2OWI3N2E2YTA5
MGYzYzk2MzkzNGUzZjVmYjM4NGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOaeNOI6ceyev6Sa0oXEiuFbL/StZLE6he5Wr6QlS+tPGNSUSiDbyN4tSWgC
wDm0WR3ARDhEB/JuVoo//ZEGe2XRW05sDaJlfTWDn+0EsI8NK7tsAQBuLPEOBHFb
Yif3CoXepBFhyHF8kVWPXBleWQRl/Jxdr+WGjVsc5WP6B9ObJ2VCqnF7cJSbDHQv
Ojs7vgmZkK760cit1KQNSnpDWYf8xAW2FpRgtyqyKKL8SCiw07Z6oOE72rMHm5Wz
guc4VURWajf/1YAJQSrsafjS7sqv1w70lKFtKMt/MgQW5KZoC51/jKxSp3ma8rpg
KvN4UuVX1tpx/JjWGijmqSIwCLsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR5bJzf
7p/2UsVlO4Ya8GzwTbK3OTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWZmNTI1NzUtODg4Ny00NGY3LThiN2YtNDRmYmU0ZGRjZDRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ
gDANBgkqhkiG9w0BAQsFAAOCAQEARa1piY/r9pUbIzQrvxn65efMecN86r83cDqh
aRpG4R0cBJjPBmenj8d1owLhGRmHvmAnzEq0CxLTE+vq2B6nsQwUuCAAPlIYV6TN
cdanjFe8jgLcBcIH01kLoSkdz71Qu0r5Oj0tDOm9TAkGFEW4W5AL5ysQQIWtnujo
Q5+eUE6xnsoDY2FxEdytGz3lPzGVkQSKsuaWbLx0KOgqqoyJpGjlH9tVUANJtvIM
cPDvuiL1OzeEuSE42+ZuwKDufiSqAktQvSIyGarbXYSFOryqg18ipwgFr8vZtiFx
UARci+X3KrpLTCj1NG8/x65r7TPC5um5aitLubqj1dW5ahtQ4A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:51:05 2026 by rpki-client