Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
File: ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa (raw, json)
Hash identifier: xv5VzRFNYEBWLtuW7JXs4ZU40o2um1IypYP5DPeiVzk=
Subject key identifier: 62:66:77:24:D0:95:9A:F9:8F:40:53:3A:08:5D:12:23:5C:66:77:B2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FBD813477637E92EA603B930DCDB21E2D2939BD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
Signing time: Sat 28 Feb 2026 05:51:30 +0000
ROA not before: Sat 28 Feb 2026 05:51:30 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:bd:81:34:77:63:7e:92:ea:60:3b:93:0d:cd:b2:1e:2d:29:39:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:51:30 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=52f02775474352cd028c3233088153bf577b6041eb896b60078dba3461fd083b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4d:c8:be:5c:5d:f0:53:c3:ae:ce:01:de:bd:
fb:ad:68:0b:20:bd:a3:c7:46:9c:1c:3a:4b:21:9b:
58:8a:d6:b6:82:be:8b:28:ee:77:81:f4:68:a0:9a:
87:b5:3e:ed:85:42:a3:dd:0a:af:5e:30:40:96:b1:
0a:c5:0d:6e:26:83:e7:ef:dc:39:6c:37:4e:d3:5c:
d8:19:64:31:25:76:df:4f:d3:4e:84:65:23:96:f4:
48:b5:32:91:e3:6a:26:7f:d8:74:dd:3d:ca:3c:d2:
61:8f:5e:ba:10:66:df:cd:10:d4:7a:f5:b5:35:60:
14:42:b8:6f:54:81:73:04:8a:3c:37:b1:39:18:b6:
47:15:ff:31:8d:aa:1b:04:48:ae:35:3d:79:83:9c:
f0:3f:f0:cc:bc:2f:77:e6:a7:f6:69:84:a1:17:00:
97:86:9c:cf:e8:6b:6c:68:13:6b:ae:a0:ec:10:91:
fd:82:71:7b:fd:55:b6:77:d1:36:80:d9:4b:f1:ef:
3e:2b:f6:eb:73:03:c7:2c:0a:b7:38:87:e7:81:96:
db:c7:ae:b8:6a:cc:78:0a:ce:b7:c5:35:3c:64:da:
d0:2c:16:ca:e0:52:3c:20:c0:2b:49:c4:73:c0:96:
bf:57:27:59:be:6c:b7:c6:6c:9d:df:aa:0c:53:0d:
a3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:66:77:24:D0:95:9A:F9:8F:40:53:3A:08:5D:12:23:5C:66:77:B2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:800::/38
Signature Algorithm: sha256WithRSAEncryption
35:10:88:f1:bd:5f:74:7e:7c:78:80:d3:1e:4f:24:52:3e:ee:
8f:aa:5b:b5:b1:90:99:f9:90:a4:29:c6:a1:16:5c:68:0f:d7:
62:b0:cc:6b:f6:a1:26:ae:f0:55:a3:fa:a3:29:f8:10:2f:2b:
d1:3a:a2:be:4b:90:be:ed:27:ec:38:85:97:45:b4:ee:da:65:
bb:08:ed:eb:81:51:33:9d:9a:1e:f1:d3:b6:3c:fb:3c:37:48:
a4:ea:39:3c:e7:c4:5d:e3:f1:73:14:02:13:de:40:ce:7f:57:
8d:d0:64:e3:a3:80:23:72:20:c6:15:c9:e2:f8:a0:ff:3a:05:
dc:fd:43:79:f2:ce:e6:7b:b7:a5:0b:e1:e1:35:fe:f4:9d:cd:
0f:16:4b:fa:ec:97:fe:7f:88:2a:0f:27:35:83:d3:f8:96:00:
66:e9:1a:de:de:a6:51:14:a1:43:83:fc:58:35:26:9b:63:3e:
ef:2f:78:39:f0:d4:31:ea:7f:28:81:e8:dd:fc:5c:bc:f4:6f:
60:83:29:2f:75:36:6a:f5:5d:85:81:4f:18:ee:d2:28:79:2c:
85:38:39:32:0a:4f:03:2b:8f:a4:d2:2e:35:c7:82:25:81:03:
d1:d5:31:6e:75:36:b6:26:33:b3:ff:8a:94:27:15:bd:99:8e:
61:c5:ca:01
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf72BNHdjfpLqYDuTDc2yHi0pOb0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUxMzBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyZjAyNzc1NDc0MzUyY2QwMjhjMzIzMzA4ODE1M2JmNTc3YjYwNDFlYjg5
NmI2MDA3OGRiYTM0NjFmZDA4M2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxNyL5cXfBTw67OAd69+61oCyC9o8dGnBw6SyGbWIrWtoK+iyjud4H0aKCa
h7U+7YVCo90Kr14wQJaxCsUNbiaD5+/cOWw3TtNc2BlkMSV230/TToRlI5b0SLUy
keNqJn/YdN09yjzSYY9euhBm380Q1Hr1tTVgFEK4b1SBcwSKPDexORi2RxX/MY2q
GwRIrjU9eYOc8D/wzLwvd+an9mmEoRcAl4acz+hrbGgTa66g7BCR/YJxe/1VtnfR
NoDZS/HvPiv263MDxywKtziH54GW28euuGrMeArOt8U1PGTa0CwWyuBSPCDAK0nE
c8CWv1cnWb5st8Zsnd+qDFMNoxcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRiZnck
0JWa+Y9AUzoIXRIjXGZ3sjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmEwZTY5OTMtZTliZC00NGMwLWFhNDgtNDc2NTcwOGU1ZmYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEI
MA0GCSqGSIb3DQEBCwUAA4IBAQA1EIjxvV90fnx4gNMeTyRSPu6Pqlu1sZCZ+ZCk
KcahFlxoD9disMxr9qEmrvBVo/qjKfgQLyvROqK+S5C+7SfsOIWXRbTu2mW7CO3r
gVEznZoe8dO2PPs8N0ik6jk858Rd4/FzFAIT3kDOf1eN0GTjo4AjciDGFcni+KD/
OgXc/UN58s7me7elC+HhNf70nc0PFkv67Jf+f4gqDyc1g9P4lgBm6Rre3qZRFKFD
g/xYNSabYz7vL3g58NQx6n8ogejd/Fy89G9ggykvdTZq9V2FgU8Y7tIoeSyFODky
Ck8DK4+k0i41x4IlgQPR1TFudTa2JjOz/4qUJxW9mY5hxcoB
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:11:35 2026 by rpki-client