Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
File: be609ec8-2ad0-42f7-9159-0a3ece35241f.roa (raw, json)
Hash identifier: PIhqowGKi8MZofsm+6foXHwxYFVyeOUpiPI2MUU1zhk=
Subject key identifier: 06:58:D1:76:F8:24:12:18:11:30:56:A3:7E:44:D9:9E:2B:3C:C1:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21D8005174FB78806E1AEE407C5DC25F41FB66EC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
Signing time: Thu 26 Feb 2026 02:10:09 +0000
ROA not before: Thu 26 Feb 2026 02:10:09 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:d8:00:51:74:fb:78:80:6e:1a:ee:40:7c:5d:c2:5f:41:fb:66:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:10:09 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=ac09b0489cd387d18f82cf354548c2ef802b2d5ac452706f491de653adb2dc6d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:4e:7f:41:51:23:c1:1e:dc:73:fa:92:0b:4b:
61:cd:8d:7b:cf:f3:82:0b:bf:54:f5:0c:e0:d6:20:
7f:26:70:c9:68:91:c7:2f:f6:da:aa:06:f1:2e:93:
65:c5:62:82:d0:c6:5e:ce:f1:c4:b0:9d:cd:64:61:
d0:fd:96:b7:86:5f:9a:a4:63:e8:56:dc:45:e0:fa:
17:8c:80:60:bb:51:dc:61:22:1c:0d:d8:41:dc:74:
ae:98:bf:97:dc:53:74:0f:91:1c:9e:17:94:10:5b:
57:e1:1c:18:b5:01:de:9c:5e:e6:d2:28:c3:ed:d0:
43:72:f2:81:25:f8:c7:73:65:8f:5f:0d:f1:45:85:
7e:2b:86:54:f6:ca:f5:6b:8a:08:0c:f9:a9:d5:ef:
b3:d3:06:75:0a:c8:8b:86:2a:21:a0:d5:19:f8:e7:
17:45:51:c9:2a:61:a5:b2:be:22:f8:72:23:b2:46:
df:47:7a:92:9b:b9:26:5f:5d:d3:ee:10:12:4c:bd:
56:40:74:b1:6c:60:43:f2:7f:1f:6b:e8:4c:e4:d6:
8a:af:b6:1b:e6:37:5e:96:7b:6d:d6:6e:ab:68:ee:
26:c4:40:34:ec:0f:2f:8e:81:e9:93:54:34:56:7d:
da:0d:51:b0:30:13:c7:d3:f2:f5:aa:96:97:9d:c6:
4e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:58:D1:76:F8:24:12:18:11:30:56:A3:7E:44:D9:9E:2B:3C:C1:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:800::/40
Signature Algorithm: sha256WithRSAEncryption
41:aa:44:d6:b8:cb:39:dc:b5:13:41:fb:54:b6:98:e4:17:a8:
e2:36:bd:92:29:fd:5b:d2:7c:e0:17:26:f1:2d:3a:37:09:17:
40:4b:07:6a:55:5f:f8:ab:79:18:08:a3:ff:bf:ce:1c:81:53:
01:9e:f8:ea:50:9a:de:09:67:d3:50:22:30:c5:8f:fc:43:cf:
52:92:21:cd:ce:12:b2:11:85:a1:1b:70:8a:48:6a:ed:0e:70:
20:d9:fe:bd:0b:fe:d9:fc:97:32:81:05:a8:84:8e:2c:09:de:
32:6c:25:0a:00:87:00:b7:97:c5:65:86:80:82:30:ea:fd:e1:
3e:50:90:94:69:a0:6a:23:0a:3b:4b:7d:ad:5c:19:34:da:8d:
64:87:b7:2f:83:e0:4b:77:82:97:c5:61:9d:22:fc:ae:92:34:
bc:68:fa:ef:f5:06:63:32:45:37:c3:1d:01:5c:b7:45:97:20:
23:40:b4:76:02:21:d9:8f:7e:95:01:8c:33:64:ce:09:c5:ca:
41:84:a1:4a:db:ab:a6:c3:25:55:08:20:ca:a9:d6:ae:1b:14:
0d:85:a1:bb:19:52:a7:fd:05:98:de:ba:bb:85:ef:f8:96:3d:
f5:e1:fb:74:33:2d:d4:ac:5c:a2:53:17:95:f0:35:e5:6f:52:
b8:e6:62:a1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIdgAUXT7eIBuGu5AfF3CX0H7ZuwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjEwMDlaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjMDliMDQ4OWNkMzg3ZDE4ZjgyY2YzNTQ1NDhjMmVmODAyYjJkNWFjNDUy
NzA2ZjQ5MWRlNjUzYWRiMmRjNmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOxOf0FRI8Ee3HP6kgtLYc2Ne8/zggu/VPUM4NYgfyZwyWiRxy/22qoG8S6T
ZcVigtDGXs7xxLCdzWRh0P2Wt4ZfmqRj6FbcReD6F4yAYLtR3GEiHA3YQdx0rpi/
l9xTdA+RHJ4XlBBbV+EcGLUB3pxe5tIow+3QQ3LygSX4x3Nlj18N8UWFfiuGVPbK
9WuKCAz5qdXvs9MGdQrIi4YqIaDVGfjnF0VRySphpbK+IvhyI7JG30d6kpu5Jl9d
0+4QEky9VkB0sWxgQ/J/H2voTOTWiq+2G+Y3XpZ7bdZuq2juJsRANOwPL46B6ZNU
NFZ92g1RsDATx9Py9aqWl53GTtcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQGWNF2
+CQSGBEwVqN+RNmeKzzB5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU2MDllYzgtMmFkMC00MmY3LTkxNTktMGEzZWNlMzUyNDFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FAI
MA0GCSqGSIb3DQEBCwUAA4IBAQBBqkTWuMs53LUTQftUtpjkF6jiNr2SKf1b0nzg
FybxLTo3CRdASwdqVV/4q3kYCKP/v84cgVMBnvjqUJreCWfTUCIwxY/8Q89SkiHN
zhKyEYWhG3CKSGrtDnAg2f69C/7Z/JcygQWohI4sCd4ybCUKAIcAt5fFZYaAgjDq
/eE+UJCUaaBqIwo7S32tXBk02o1kh7cvg+BLd4KXxWGdIvyukjS8aPrv9QZjMkU3
wx0BXLdFlyAjQLR2AiHZj36VAYwzZM4JxcpBhKFK26umwyVVCCDKqdauGxQNhaG7
GVKn/QWY3rq7he/4lj314ft0My3UrFyiUxeV8DXlb1K45mKh
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:34:41 2026 by rpki-client