Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b35b46ca-e9e4-4035-b6e5-e098ff8fe794.roa
File: b35b46ca-e9e4-4035-b6e5-e098ff8fe794.roa (raw, json)
Hash identifier: +zaxsy7asgNotg02yYqslfMfobmY44PmIHb75lTspck=
Subject key identifier: 69:5A:B6:1C:4B:91:54:7B:8C:85:32:81:80:1A:6D:87:E8:46:9C:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2DFD5FBBB4CCCD043D3D0DA75C8633A655B2BCD4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b35b46ca-e9e4-4035-b6e5-e098ff8fe794.roa
Signing time: Fri 13 Feb 2026 15:21:03 +0000
ROA not before: Fri 13 Feb 2026 15:21:03 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:4020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:fd:5f:bb:b4:cc:cd:04:3d:3d:0d:a7:5c:86:33:a6:55:b2:bc:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:21:03 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=54640bb53aa47cf10a2d4b310b30cbf59772aa76d1740b09c771d63ee7d82f6b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:98:98:09:a1:09:48:52:8b:06:0f:c2:69:e3:
4e:d8:8e:0b:24:f0:d5:c1:5d:37:f3:8c:43:4c:a6:
cc:82:73:61:4a:f3:98:41:a5:a5:de:7f:14:0b:28:
cb:f6:e8:38:a8:ad:37:85:31:cd:56:99:23:a8:a4:
6d:14:93:15:67:b5:10:17:17:a6:4c:39:54:4c:ae:
5f:d3:c1:1a:2b:5c:cb:47:a6:82:0a:c2:36:2d:22:
7d:8c:f0:ed:44:94:65:62:ac:60:21:8e:92:cb:7f:
ca:a2:c6:42:71:6f:eb:d9:4e:b0:8a:ea:9a:83:c1:
15:52:32:0e:d2:e1:a5:10:ab:1d:f2:6c:9c:ce:6a:
8a:b3:ec:98:d3:c1:af:7e:14:93:a9:9e:12:2b:51:
d3:dc:e0:73:a1:8d:d7:1f:b0:1d:91:d0:cf:44:77:
a5:1e:8d:19:a5:da:45:22:3c:ca:03:3b:b5:69:2d:
1c:4b:ea:27:15:e2:70:fc:ad:43:d3:ff:79:0f:82:
19:78:70:0c:c4:76:f0:64:22:e4:2a:71:20:9b:ce:
3a:a1:a8:2d:e9:41:5e:9c:00:cf:6e:f5:ba:4c:94:
2c:87:5d:ba:57:78:0a:b1:b9:2c:5e:cb:88:c8:db:
65:f0:6f:80:bd:bc:35:42:96:6b:b7:01:dc:e5:0b:
93:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:5A:B6:1C:4B:91:54:7B:8C:85:32:81:80:1A:6D:87:E8:46:9C:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b35b46ca-e9e4-4035-b6e5-e098ff8fe794.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:4020::/46
Signature Algorithm: sha256WithRSAEncryption
b5:ef:98:d8:0c:6f:75:9a:41:7b:4d:ac:81:ae:f3:ec:97:9a:
c9:0e:74:70:80:8d:74:8d:e6:9d:f7:ec:9c:c8:7b:b8:61:a6:
84:97:e4:b5:45:9f:42:90:7b:31:13:19:4e:f5:bb:c5:fc:05:
16:72:eb:78:38:27:3f:fb:7e:27:02:90:a9:45:d2:f8:41:8f:
c0:4c:25:ac:2c:4b:c0:ce:50:a1:05:c6:dc:46:3b:07:cc:56:
05:72:aa:72:21:f0:f2:65:75:65:04:3c:a9:5b:1f:9a:fe:d1:
58:c8:55:bb:0c:d1:f0:e8:93:f9:b0:66:a6:4e:f8:8e:3d:9e:
04:cf:bc:9d:b3:bb:04:76:e8:84:41:69:6f:d2:6a:b6:64:28:
bd:23:7b:b1:e2:b5:da:30:2e:c5:12:7c:25:61:9e:0e:c5:32:
ea:fe:fe:12:2c:94:ee:1c:d4:88:13:60:d9:a8:83:a4:06:7c:
58:d2:bc:3d:c4:a0:02:09:e7:4f:79:da:87:3a:2f:d4:5f:ab:
43:25:79:4b:aa:80:21:5e:b4:83:3c:8b:30:d1:d2:13:7c:ae:
45:85:33:16:c9:ed:32:77:03:41:76:17:2c:42:ef:41:d1:d6:
ec:3e:0b:f1:80:30:a0:27:d2:bc:d2:12:b2:3a:a5:80:1a:74:
dd:ee:db:b9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULf1fu7TMzQQ9PQ2nXIYzplWyvNQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIxMDNaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0NjQwYmI1M2FhNDdjZjEwYTJkNGIzMTBiMzBjYmY1OTc3MmFhNzZkMTc0
MGIwOWM3NzFkNjNlZTdkODJmNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGYmAmhCUhSiwYPwmnjTtiOCyTw1cFdN/OMQ0ymzIJzYUrzmEGlpd5/FAso
y/boOKitN4UxzVaZI6ikbRSTFWe1EBcXpkw5VEyuX9PBGitcy0emggrCNi0ifYzw
7USUZWKsYCGOkst/yqLGQnFv69lOsIrqmoPBFVIyDtLhpRCrHfJsnM5qirPsmNPB
r34Uk6meEitR09zgc6GN1x+wHZHQz0R3pR6NGaXaRSI8ygM7tWktHEvqJxXicPyt
Q9P/eQ+CGXhwDMR28GQi5CpxIJvOOqGoLelBXpwAz271ukyULIdduld4CrG5LF7L
iMjbZfBvgL28NUKWa7cB3OULkxMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRpWrYc
S5FUe4yFMoGAGm2H6EacwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjM1YjQ2Y2EtZTllNC00MDM1LWI2ZTUtZTA5OGZmOGZlNzk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNA
IDANBgkqhkiG9w0BAQsFAAOCAQEAte+Y2AxvdZpBe02sga7z7JeayQ50cICNdI3m
nffsnMh7uGGmhJfktUWfQpB7MRMZTvW7xfwFFnLreDgnP/t+JwKQqUXS+EGPwEwl
rCxLwM5QoQXG3EY7B8xWBXKqciHw8mV1ZQQ8qVsfmv7RWMhVuwzR8OiT+bBmpk74
jj2eBM+8nbO7BHbohEFpb9JqtmQovSN7seK12jAuxRJ8JWGeDsUy6v7+EiyU7hzU
iBNg2aiDpAZ8WNK8PcSgAgnnT3nahzov1F+rQyV5S6qAIV60gzyLMNHSE3yuRYUz
FsntMncDQXYXLELvQdHW7D4L8YAwoCfSvNISsjqlgBp03e7buQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:41:25 2026 by rpki-client