Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
File: b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa (raw, json)
Hash identifier: bsviHEFHNCClftQcLNDLIj1qiKtu6IN1YUk+SU/yVHs=
Subject key identifier: D6:82:45:79:49:A1:15:E7:9C:6D:D4:8B:7A:48:F6:4C:DA:65:22:62
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C8C853893ED5A173285D473B2F347DD53B83596
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
Signing time: Sat 28 Feb 2026 05:41:23 +0000
ROA not before: Sat 28 Feb 2026 05:41:23 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:8c:85:38:93:ed:5a:17:32:85:d4:73:b2:f3:47:dd:53:b8:35:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:23 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=11ea29bf7b4c0c87e2ed7103c9924b67efb94d7614720f5131a8e33970c727e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d2:0b:f1:30:4b:32:10:f4:50:34:4d:07:37:
c3:06:69:41:51:e7:90:b1:9b:07:34:9d:fe:de:b2:
ff:de:01:99:1f:76:4d:0f:13:f5:4f:87:5c:c4:aa:
65:38:25:0b:76:4d:84:37:9e:81:e4:7e:a0:8f:82:
fe:b6:6a:b9:2a:cb:ed:f8:71:98:37:b8:17:33:60:
07:3e:ad:4b:2c:ce:69:47:7d:a0:80:f3:5e:c6:e5:
e0:53:01:84:e8:fc:19:23:c8:50:94:1a:70:d7:c3:
1d:f9:43:40:ac:43:35:aa:d8:2b:73:4e:0c:70:d2:
c1:f7:d9:dd:15:04:78:c2:cc:ef:dd:76:e3:93:98:
80:18:07:8f:9b:98:c9:18:e0:d1:dd:0c:b9:32:09:
cc:bb:e7:8f:c3:e9:29:78:ce:31:1e:6c:d0:2c:2e:
de:d5:5f:00:b3:c3:38:2b:10:02:98:ee:f9:ea:58:
8f:c9:5d:1f:7a:96:c0:7f:05:25:07:54:95:eb:44:
2d:88:56:25:fc:d9:9e:d7:24:c4:e3:f7:29:b8:84:
d6:72:b1:32:3d:c3:cf:08:37:de:ec:f7:2d:6a:21:
4c:41:21:24:a7:1d:65:6b:b5:ce:7c:97:03:04:da:
83:ec:c0:00:21:51:ca:71:47:a0:9e:77:e1:28:4e:
1a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:82:45:79:49:A1:15:E7:9C:6D:D4:8B:7A:48:F6:4C:DA:65:22:62
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:400::/38
Signature Algorithm: sha256WithRSAEncryption
39:9d:db:51:42:9a:8c:46:df:3e:13:74:76:d7:78:bb:46:73:
e3:35:8e:c2:68:e0:d9:e4:d6:67:ca:cd:06:6e:a5:34:d7:03:
a5:ca:7b:10:d4:a7:06:8c:e3:38:bf:60:c6:90:fb:87:e8:8a:
0d:3c:d8:4b:f9:30:3c:be:4c:34:60:2d:7f:96:9c:22:e9:33:
f7:29:e4:de:92:c6:c3:ef:cd:a0:27:88:1c:cb:b1:85:91:4f:
0f:8f:91:4c:af:71:60:15:4d:b4:3b:e7:4d:4d:e4:2e:04:55:
b2:24:40:ff:89:0e:bd:f4:89:b8:a4:09:77:51:1a:4f:d0:eb:
cb:76:37:38:04:62:a7:cc:55:bb:d9:33:82:cb:fb:3c:23:1f:
f6:62:3b:f8:03:74:09:a6:96:e7:72:51:3b:4a:64:25:22:07:
b7:92:fd:b6:54:8e:b4:69:1b:55:b3:90:9e:5e:33:a9:1e:e9:
0c:1b:06:1c:01:aa:09:53:84:a6:f0:59:93:59:bb:c0:89:7c:
48:03:ab:86:61:35:d9:2e:12:95:ff:87:bf:64:50:6a:3b:c1:
ab:66:4f:d5:a4:6d:d8:44:4b:d5:ba:80:4b:7b:a4:27:e4:09:
cb:3e:cb:e2:cb:62:f5:08:f6:bd:56:7d:03:b3:44:a7:32:c3:
0a:96:d4:a2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXIyFOJPtWhcyhdRzsvNH3VO4NZYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMjNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDExZWEyOWJmN2I0YzBjODdlMmVkNzEwM2M5OTI0YjY3ZWZiOTRkNzYxNDcy
MGY1MTMxYThlMzM5NzBjNzI3ZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfSC/EwSzIQ9FA0TQc3wwZpQVHnkLGbBzSd/t6y/94BmR92TQ8T9U+HXMSq
ZTglC3ZNhDeegeR+oI+C/rZquSrL7fhxmDe4FzNgBz6tSyzOaUd9oIDzXsbl4FMB
hOj8GSPIUJQacNfDHflDQKxDNarYK3NODHDSwffZ3RUEeMLM791245OYgBgHj5uY
yRjg0d0MuTIJzLvnj8PpKXjOMR5s0Cwu3tVfALPDOCsQApju+epYj8ldH3qWwH8F
JQdUletELYhWJfzZntckxOP3KbiE1nKxMj3Dzwg33uz3LWohTEEhJKcdZWu1znyX
AwTag+zAACFRynFHoJ534ShOGv8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTWgkV5
SaEV55xt1It6SPZM2mUiYjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjcyYTk1NDAtNTFlZi00ZGNjLWE1ZTItMjQxNzI0OWExYWYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIE
MA0GCSqGSIb3DQEBCwUAA4IBAQA5ndtRQpqMRt8+E3R213i7RnPjNY7CaODZ5NZn
ys0GbqU01wOlynsQ1KcGjOM4v2DGkPuH6IoNPNhL+TA8vkw0YC1/lpwi6TP3KeTe
ksbD782gJ4gcy7GFkU8Pj5FMr3FgFU20O+dNTeQuBFWyJED/iQ699Im4pAl3URpP
0OvLdjc4BGKnzFW72TOCy/s8Ix/2Yjv4A3QJppbnclE7SmQlIge3kv22VI60aRtV
s5CeXjOpHukMGwYcAaoJU4Sm8FmTWbvAiXxIA6uGYTXZLhKV/4e/ZFBqO8GrZk/V
pG3YREvVuoBLe6Qn5AnLPsviy2L1CPa9Vn0Ds0SnMsMKltSi
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:50:44 2026 by rpki-client