Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
File: b0fb422a-c1ce-4269-b503-2c8145fc798a.roa (raw, json)
Hash identifier: QPmAPsqglB0qbCP8dOwmH5kFilZ4aVMRs8TJ3+hQpvs=
Subject key identifier: 23:A4:92:D9:0E:6C:16:EB:BE:A2:9C:C7:B9:6B:B9:14:B4:D2:FD:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32EDAFEA98D127849CEB7B77AF64CE14A04774D0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
Signing time: Sat 28 Feb 2026 06:10:11 +0000
ROA not before: Sat 28 Feb 2026 06:10:11 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:ed:af:ea:98:d1:27:84:9c:eb:7b:77:af:64:ce:14:a0:47:74:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:11 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=3fb7ea7f8a86fc7d8fd0c7091bdde368e64586245fa37636887610563d2decae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ab:79:30:29:1a:b0:1b:b7:03:ac:8c:d2:05:
1c:c9:5a:43:32:81:b7:15:55:22:69:a9:a2:d7:be:
71:d2:59:48:03:ea:ff:ce:bc:4c:9e:1b:95:79:e6:
0b:81:da:db:27:e9:24:92:2d:e7:81:17:cf:96:af:
f7:81:d9:cf:d3:61:32:50:53:d1:fe:f3:68:64:d6:
de:3b:c4:5c:7c:68:aa:77:96:8b:99:6b:1c:c7:1b:
bd:c2:ba:3b:ee:24:3b:1f:b5:4e:2f:5c:08:18:a8:
d0:e9:76:f7:ae:de:2d:f2:88:3a:ac:aa:f7:1d:77:
01:73:b6:d8:2a:61:6d:7f:7e:f5:7c:67:08:b1:d5:
3b:34:78:72:b9:08:0e:e7:82:04:fa:db:30:d5:ba:
54:8d:5d:1f:63:de:6a:09:57:1f:6b:ce:96:f8:20:
58:19:46:9e:9d:32:89:89:80:a3:8f:87:5b:d7:f2:
d4:c5:8b:f6:c6:e1:1f:a7:26:08:a0:48:35:5b:3e:
63:fe:53:39:f2:29:ef:d6:13:b1:1c:a3:37:9e:e4:
7e:0b:27:0e:3e:dd:4a:9e:f0:5a:eb:a6:1e:1e:55:
ee:c7:d3:a2:47:4a:24:f6:50:8d:b7:97:f2:0a:6e:
d1:ab:7d:0b:d0:6d:2a:14:d3:7a:49:a5:0e:83:6c:
ed:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A4:92:D9:0E:6C:16:EB:BE:A2:9C:C7:B9:6B:B9:14:B4:D2:FD:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a020::/48
Signature Algorithm: sha256WithRSAEncryption
84:8c:39:29:3d:5d:1c:40:4b:7d:d5:9c:13:6e:3a:e3:dd:e2:
6d:e7:48:a5:e9:b8:05:c4:0b:89:9b:11:10:a4:67:82:cc:45:
4a:70:9e:19:60:2b:4b:41:8d:62:d2:a0:d5:5c:31:61:ef:2a:
04:5f:fe:61:3b:2d:e5:2c:1b:65:65:f0:5f:30:36:1e:d9:93:
e7:ee:45:e8:06:c6:e0:a6:62:57:25:11:14:0b:1d:dc:2d:1f:
b4:01:59:a1:2b:b8:29:af:74:30:a4:6f:ff:91:7b:b7:0d:6c:
fa:2b:26:9d:16:b6:21:51:db:9d:b9:00:2e:4d:d9:db:79:cd:
d8:8e:dc:11:76:98:8b:e9:23:23:cf:73:11:82:e1:7c:51:08:
5c:5a:62:6a:ab:74:d5:82:76:b0:b3:73:9f:09:8a:fd:49:27:
34:68:ad:65:55:31:e6:39:b1:b2:f6:4f:d2:c4:28:a0:4b:df:
10:4f:2d:86:58:4c:47:68:f5:c2:f8:da:01:98:d4:7a:d3:82:
26:75:57:11:e2:17:e6:41:f2:19:a5:52:41:73:e4:24:e4:f5:
5b:de:17:7d:6e:38:39:2c:18:11:91:d0:d4:e7:ba:6d:7c:72:
fd:1e:55:fd:ea:d2:be:7a:da:b5:8a:cb:9e:27:66:34:c9:ac:
df:5c:cc:42
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMu2v6pjRJ4Sc63t3r2TOFKBHdNAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwMTFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmYjdlYTdmOGE4NmZjN2Q4ZmQwYzcwOTFiZGRlMzY4ZTY0NTg2MjQ1ZmEz
NzYzNjg4NzYxMDU2M2QyZGVjYWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALereTApGrAbtwOsjNIFHMlaQzKBtxVVImmpote+cdJZSAPq/868TJ4blXnm
C4Ha2yfpJJIt54EXz5av94HZz9NhMlBT0f7zaGTW3jvEXHxoqneWi5lrHMcbvcK6
O+4kOx+1Ti9cCBio0Ol2967eLfKIOqyq9x13AXO22CphbX9+9XxnCLHVOzR4crkI
DueCBPrbMNW6VI1dH2PeaglXH2vOlvggWBlGnp0yiYmAo4+HW9fy1MWL9sbhH6cm
CKBINVs+Y/5TOfIp79YTsRyjN57kfgsnDj7dSp7wWuumHh5V7sfTokdKJPZQjbeX
8gpu0at9C9BtKhTTekmlDoNs7S0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQjpJLZ
DmwW676inMe5a7kUtNL9BzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjBmYjQyMmEtYzFjZS00MjY5LWI1MDMtMmM4MTQ1ZmM3OThhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
IDANBgkqhkiG9w0BAQsFAAOCAQEAhIw5KT1dHEBLfdWcE246493ibedIpem4BcQL
iZsREKRngsxFSnCeGWArS0GNYtKg1VwxYe8qBF/+YTst5SwbZWXwXzA2HtmT5+5F
6AbG4KZiVyURFAsd3C0ftAFZoSu4Ka90MKRv/5F7tw1s+ismnRa2IVHbnbkALk3Z
23nN2I7cEXaYi+kjI89zEYLhfFEIXFpiaqt01YJ2sLNznwmK/UknNGitZVUx5jmx
svZP0sQooEvfEE8thlhMR2j1wvjaAZjUetOCJnVXEeIX5kHyGaVSQXPkJOT1W94X
fW44OSwYEZHQ1Oe6bXxy/R5V/erSvnratYrLnidmNMms31zMQg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:46:16 2026 by rpki-client