Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7f51085-242e-4975-929d-5a48b9aa7650.roa
File: b7f51085-242e-4975-929d-5a48b9aa7650.roa (raw, json)
Hash identifier: d5hYNHZELOKg3IecfgHeGuFXluDUG1TYPr9B4aaNa0A=
Subject key identifier: 19:7A:E5:16:28:5F:F1:DC:A9:B0:5A:0E:E7:3F:3D:A7:08:F3:BB:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 369C53B5ABE396A71AEC32D0AA8DC107CCAD1B4E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7f51085-242e-4975-929d-5a48b9aa7650.roa
Signing time: Tue 24 Feb 2026 00:40:12 +0000
ROA not before: Tue 24 Feb 2026 00:40:12 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:9c:53:b5:ab:e3:96:a7:1a:ec:32:d0:aa:8d:c1:07:cc:ad:1b:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 00:40:12 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=6a7a2572894fff3dadff3d2cb59b405a879f4b9427c9516725477a7fb66fca72, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a7:bb:0c:e8:c2:56:6c:67:d8:68:0f:e0:5e:
3a:5e:36:a0:c9:e3:71:75:2c:3e:30:8f:e3:96:76:
72:8c:bb:a2:15:35:88:f8:c3:19:dc:df:44:fa:68:
19:10:87:31:71:fe:a6:de:cb:5f:c9:ce:e5:f8:e3:
0a:03:5b:5e:62:e3:9c:05:63:21:ca:e4:bd:9d:09:
4b:33:d2:a9:d8:2b:ff:68:17:20:28:8f:eb:71:7b:
e9:1a:a3:0a:a9:2e:5f:9b:98:e4:3c:c2:c4:e8:61:
13:e9:ea:8e:57:63:ad:6b:da:88:11:c5:a9:6f:91:
e4:35:bd:bd:bc:ed:53:fa:73:1c:25:14:90:49:ae:
51:ba:05:18:69:89:d0:46:d2:22:6d:a2:8f:02:8b:
31:1a:f7:f7:60:58:75:8b:1f:27:91:21:19:ef:33:
3d:47:c5:f1:da:4f:5a:f5:d3:25:ea:c5:24:c9:97:
6f:8a:96:8c:15:a3:3e:38:19:78:0c:f8:de:a9:5e:
f0:82:de:76:63:e1:b1:85:20:92:7b:5c:03:2e:96:
28:ba:11:d5:4a:7f:0e:e6:d8:f3:2a:12:5b:f9:e8:
42:67:b1:64:4c:5f:4c:f8:0c:a6:3f:d6:fe:28:2b:
a2:8e:c0:b0:52:f3:9c:15:14:c3:e4:98:ba:e6:cf:
c1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:7A:E5:16:28:5F:F1:DC:A9:B0:5A:0E:E7:3F:3D:A7:08:F3:BB:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7f51085-242e-4975-929d-5a48b9aa7650.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:5000::/40
Signature Algorithm: sha256WithRSAEncryption
ba:b2:ca:de:20:29:3f:37:c3:14:5f:d6:a2:8a:37:d5:19:6e:
47:e2:2e:d3:6d:60:37:25:47:98:d7:81:79:34:f7:7d:e4:8f:
a4:3e:51:23:cf:7d:07:7e:ee:27:44:1c:7a:34:fa:b2:82:ce:
0f:4f:db:4c:30:cd:b2:4d:b3:91:1c:c1:dc:d3:55:59:8e:ea:
e6:32:fb:4a:19:95:98:e4:00:f9:cb:0d:a0:42:31:0a:c3:fe:
22:e2:33:4c:8d:d7:98:fa:a5:0d:4e:3a:48:6a:10:45:ea:1b:
17:97:62:6c:f7:20:5d:8b:4f:84:7c:38:87:08:3e:22:a9:e3:
51:f6:b8:46:7e:4b:ff:32:a1:ba:c8:a2:78:28:95:e0:5a:ac:
28:3c:2e:d6:68:57:9f:73:da:39:15:15:b8:3c:88:db:10:a9:
8f:97:50:d2:d0:53:c7:1d:78:06:0b:8a:be:b1:73:8b:f3:5c:
76:d7:a9:4c:c1:53:b5:20:f1:b1:1f:c6:09:1f:32:e6:d1:54:
20:7a:b1:79:fb:c4:cb:1e:ce:3d:1b:9d:82:19:3b:af:55:af:
de:9b:75:51:b5:2a:24:fc:ad:76:0c:6a:11:00:69:85:4f:12:
53:18:89:f7:1a:8d:f2:4e:72:e4:15:5f:6e:57:3c:75:7d:c4:
e0:9e:51:10
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNpxTtavjlqca7DLQqo3BB8ytG04wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwMDQwMTJaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhN2EyNTcyODk0ZmZmM2RhZGZmM2QyY2I1OWI0MDVhODc5ZjRiOTQyN2M5
NTE2NzI1NDc3YTdmYjY2ZmNhNzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJOnuwzowlZsZ9hoD+BeOl42oMnjcXUsPjCP45Z2coy7ohU1iPjDGdzfRPpo
GRCHMXH+pt7LX8nO5fjjCgNbXmLjnAVjIcrkvZ0JSzPSqdgr/2gXICiP63F76Rqj
CqkuX5uY5DzCxOhhE+nqjldjrWvaiBHFqW+R5DW9vbztU/pzHCUUkEmuUboFGGmJ
0EbSIm2ijwKLMRr392BYdYsfJ5EhGe8zPUfF8dpPWvXTJerFJMmXb4qWjBWjPjgZ
eAz43qle8ILedmPhsYUgkntcAy6WKLoR1Up/DubY8yoSW/noQmexZExfTPgMpj/W
/igroo7AsFLznBUUw+SYuubPwYcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQZeuUW
KF/x3KmwWg7nPz2nCPO7jDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjdmNTEwODUtMjQyZS00OTc1LTkyOWQtNWE0OGI5YWE3NjUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HtQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC6ssreICk/N8MUX9aiijfVGW5H4i7TbWA3JUeY
14F5NPd95I+kPlEjz30Hfu4nRBx6NPqygs4PT9tMMM2yTbORHMHc01VZjurmMvtK
GZWY5AD5yw2gQjEKw/4i4jNMjdeY+qUNTjpIahBF6hsXl2Js9yBdi0+EfDiHCD4i
qeNR9rhGfkv/MqG6yKJ4KJXgWqwoPC7WaFefc9o5FRW4PIjbEKmPl1DS0FPHHXgG
C4q+sXOL81x216lMwVO1IPGxH8YJHzLm0VQgerF5+8TLHs49G52CGTuvVa/em3VR
tSok/K12DGoRAGmFTxJTGIn3Go3yTnLkFV9uVzx1fcTgnlEQ
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:36:34 2026 by rpki-client