Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bbc59b63-5d58-4e68-8e95-c972a0df4b68.roa
File: bbc59b63-5d58-4e68-8e95-c972a0df4b68.roa (raw, json)
Hash identifier: SC5SQKV5//RmPF7+vNLlHuaUQ8wI+j7Zvax3FwKTD0k=
Subject key identifier: B9:79:F6:90:74:E0:DA:74:7B:62:B1:D3:3E:70:09:C7:34:DC:2C:E3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 509E51FA05992D0EC2F4F7BCF0426FC76ADF0FA2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bbc59b63-5d58-4e68-8e95-c972a0df4b68.roa
Signing time: Tue 17 Feb 2026 21:36:51 +0000
ROA not before: Tue 17 Feb 2026 21:36:51 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:9e:51:fa:05:99:2d:0e:c2:f4:f7:bc:f0:42:6f:c7:6a:df:0f:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 21:36:51 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=5b2fffc42bfa6926074e104ef0e1a3c7472e55802b9421e4e5413abba0ed8db3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e6:c9:80:b6:c0:dc:09:69:24:f5:29:37:c6:
19:d0:3e:c7:48:62:a4:bb:3b:8b:3f:88:d9:08:ef:
9b:f3:c1:12:4c:d0:58:97:0f:f3:8c:6e:49:c6:6f:
48:93:74:e1:1f:8b:5f:5e:e5:33:ba:32:9b:38:df:
83:05:5d:5e:09:e2:13:a1:6d:ec:45:d2:ea:ee:b1:
07:52:a3:4d:93:14:93:ed:46:6d:3e:70:cc:8f:5b:
2b:99:14:db:75:72:a1:5f:fd:1a:1b:e7:18:2b:dd:
eb:a5:33:8e:7e:36:68:10:7c:28:de:0b:c1:c2:2d:
82:43:e4:d1:1d:15:e5:c7:b9:fc:50:77:4f:18:c5:
67:a4:ff:e8:dd:f6:1d:a2:51:63:1c:b8:33:82:58:
d6:b5:72:b8:54:53:67:c9:d6:21:fb:f1:86:09:0e:
67:73:05:a4:b3:01:11:5a:9f:78:24:f0:d8:5f:74:
0e:ff:11:d0:ad:f5:f8:4b:c7:04:6e:fd:bd:c8:57:
c1:e8:05:6a:04:78:b1:6a:64:1b:b1:4e:c6:3e:70:
db:b3:e8:4c:6f:58:50:4a:7c:bd:e9:ae:61:29:2b:
0d:c0:ad:c6:e6:b1:94:39:4c:9a:14:24:3f:30:41:
2d:ef:fd:8c:82:2e:30:be:11:f9:92:70:4d:38:b1:
7f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:79:F6:90:74:E0:DA:74:7B:62:B1:D3:3E:70:09:C7:34:DC:2C:E3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bbc59b63-5d58-4e68-8e95-c972a0df4b68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:800::/40
Signature Algorithm: sha256WithRSAEncryption
31:fd:d1:81:90:72:7c:81:2c:77:71:bc:41:00:10:08:39:e5:
4a:9c:8f:cf:6a:a7:2f:9c:ad:c0:82:54:e2:8f:70:37:da:29:
c0:f3:07:99:58:ad:27:73:e8:4f:13:9d:83:0f:aa:bf:20:3a:
99:f5:37:df:76:f8:c4:2e:ae:e4:48:6c:d4:7a:49:ec:22:dc:
34:0d:d7:7b:9f:02:e5:6b:4a:7c:3f:33:ac:6f:29:57:f1:d9:
6a:cd:e5:80:5b:9d:0c:3d:e8:9e:d4:54:8b:28:87:e3:98:b9:
bb:f6:57:12:3a:1e:8d:81:b3:f9:6b:aa:17:fa:bf:60:4b:7a:
ac:dd:d5:ec:e8:55:72:34:33:71:19:1c:5a:36:b4:98:de:fd:
97:d9:c7:81:0f:89:d4:41:79:1b:bf:58:b9:93:f5:68:f6:57:
54:f6:53:41:ae:3f:d2:a5:29:fb:a7:3b:de:59:be:ec:e6:0c:
34:5f:4f:dd:54:3d:7b:23:5c:98:15:c5:a2:f5:a7:40:f3:25:
d4:d4:39:93:85:8d:4c:e5:4d:ac:76:6e:db:a6:c0:7e:0a:a5:
88:51:bb:34:56:01:91:20:2a:8f:c7:7b:a6:72:14:ac:64:65:
1c:7c:6f:dd:25:2d:2f:7b:86:84:8a:1f:ab:4e:aa:2b:a6:9d:
7b:ce:06:23
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUJ5R+gWZLQ7C9Pe88EJvx2rfD6IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcyMTM2NTFaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDViMmZmZmM0MmJmYTY5MjYwNzRlMTA0ZWYwZTFhM2M3NDcyZTU1ODAyYjk0
MjFlNGU1NDEzYWJiYTBlZDhkYjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHmyYC2wNwJaST1KTfGGdA+x0hipLs7iz+I2Qjvm/PBEkzQWJcP84xuScZv
SJN04R+LX17lM7oymzjfgwVdXgniE6Ft7EXS6u6xB1KjTZMUk+1GbT5wzI9bK5kU
23VyoV/9GhvnGCvd66Uzjn42aBB8KN4LwcItgkPk0R0V5ce5/FB3TxjFZ6T/6N32
HaJRYxy4M4JY1rVyuFRTZ8nWIfvxhgkOZ3MFpLMBEVqfeCTw2F90Dv8R0K31+EvH
BG79vchXwegFagR4sWpkG7FOxj5w27PoTG9YUEp8vemuYSkrDcCtxuaxlDlMmhQk
PzBBLe/9jIIuML4R+ZJwTTixfzMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS5efaQ
dODadHtisdM+cAnHNNws4zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmJjNTliNjMtNWQ1OC00ZTY4LThlOTUtYzk3MmEwZGY0YjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAI
MA0GCSqGSIb3DQEBCwUAA4IBAQAx/dGBkHJ8gSx3cbxBABAIOeVKnI/PaqcvnK3A
glTij3A32inA8weZWK0nc+hPE52DD6q/IDqZ9TffdvjELq7kSGzUeknsItw0Ddd7
nwLla0p8PzOsbylX8dlqzeWAW50MPeie1FSLKIfjmLm79lcSOh6NgbP5a6oX+r9g
S3qs3dXs6FVyNDNxGRxaNrSY3v2X2ceBD4nUQXkbv1i5k/Vo9ldU9lNBrj/SpSn7
pzveWb7s5gw0X0/dVD17I1yYFcWi9adA8yXU1DmThY1M5U2sdm7bpsB+CqWIUbs0
VgGRICqPx3umchSsZGUcfG/dJS0ve4aEih+rTqorpp17zgYj
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:35:24 2026 by rpki-client