Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa
File: bed4158d-91b8-4ba5-81d9-75a65b550b92.roa (raw, json)
Hash identifier: 3gzM2GwsrcMsZDIxyK+cYG4OQ7XCE/BELIEO6h27Ye8=
Subject key identifier: 18:C9:93:50:11:AF:C9:33:E1:AE:98:EF:FE:FE:39:B4:51:7E:BC:BA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1999CA08374BB19129248DC119E5378D489917D0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa
Signing time: Sat 28 Feb 2026 05:10:35 +0000
ROA not before: Sat 28 Feb 2026 05:10:35 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:99:ca:08:37:4b:b1:91:29:24:8d:c1:19:e5:37:8d:48:99:17:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:10:35 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=b5945c797b2a935c7c2696b448d37c945f4fffb00300c3c2518e4010a7cf0147, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:82:1a:0a:6b:ba:8a:7a:58:37:69:3d:1b:bb:
f4:e0:d3:b9:6f:23:56:af:87:84:cf:41:33:16:6d:
6c:09:9d:36:9a:b2:13:85:57:5e:03:ce:30:2f:30:
ec:29:a0:96:9a:33:4f:b4:79:f9:6b:86:66:73:0b:
77:fe:a3:e4:b5:37:15:d4:2d:16:a0:64:70:2b:ab:
62:67:d4:b3:af:a1:53:f2:d5:61:69:5f:32:f9:15:
d7:14:c0:94:0a:83:ff:e4:25:d4:5c:c4:ef:20:9d:
3c:09:e3:11:63:fb:e2:74:8f:44:f1:d6:16:bb:69:
55:c1:78:db:87:f2:5a:a5:55:53:2f:a1:fa:e9:4b:
04:49:38:fe:1f:a6:e9:3e:fc:88:95:c2:9d:32:42:
87:cf:7c:af:f0:a1:51:a5:3f:cb:be:d2:06:df:e9:
4f:5a:35:7e:bc:ca:92:14:ae:f3:5d:66:3f:9c:3a:
c4:9e:90:1f:ec:99:a9:11:3c:4e:57:f8:f5:1a:84:
35:db:e7:b7:7b:49:37:be:c2:75:fe:a2:a2:a7:9c:
e9:ba:af:3b:a6:e2:85:33:32:8c:fe:ce:c4:87:d1:
d6:43:25:73:78:17:a3:b1:ba:d8:7b:eb:53:c5:3c:
c6:ae:4f:eb:72:e1:34:2d:b9:54:9f:96:14:43:f5:
b8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:C9:93:50:11:AF:C9:33:E1:AE:98:EF:FE:FE:39:B4:51:7E:BC:BA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
24:e2:3a:fa:3d:14:17:1e:dd:8b:22:54:90:3d:a7:ec:15:e4:
d0:c8:54:9a:be:58:89:d4:04:3f:01:8c:7f:31:34:18:e4:af:
2c:da:0f:62:8d:8d:20:8d:45:70:76:4c:09:8b:46:ef:df:89:
a3:78:79:30:e2:97:84:ba:9c:07:a8:af:27:4c:9e:cc:77:b7:
b3:a2:d9:6e:2a:a0:5b:10:e5:34:aa:23:dc:47:f0:3d:ff:d5:
fc:3a:1b:d1:1b:88:53:e7:00:a5:28:57:75:ee:86:e8:3e:b1:
ba:72:76:d6:08:50:2f:73:a5:70:ee:f0:0f:a7:f2:fc:cc:1f:
fc:4d:e2:88:aa:17:ac:88:d8:ed:d2:08:d3:c4:b6:65:08:a6:
33:44:b0:ea:c4:98:f9:56:14:bf:bc:3c:ea:85:1d:18:e6:cd:
51:0d:a9:d2:f5:ab:17:ec:c3:59:bd:77:8f:c6:01:27:c5:66:
6e:34:04:f2:b5:59:d0:3c:11:ca:0f:c6:4e:7e:f0:63:71:60:
9c:df:ae:8a:95:48:47:fd:5f:36:ee:eb:fb:49:48:bf:b5:17:
e4:85:48:56:0f:f3:a3:69:81:3e:92:5a:bb:6a:7f:40:20:fe:
2e:be:dd:de:04:8e:fe:3f:88:f8:e2:6a:5c:16:30:ed:46:c8:
06:27:9d:88
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGZnKCDdLsZEpJI3BGeU3jUiZF9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTEwMzVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1OTQ1Yzc5N2IyYTkzNWM3YzI2OTZiNDQ4ZDM3Yzk0NWY0ZmZmYjAwMzAw
YzNjMjUxOGU0MDEwYTdjZjAxNDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+CGgpruop6WDdpPRu79ODTuW8jVq+HhM9BMxZtbAmdNpqyE4VXXgPOMC8w
7CmglpozT7R5+WuGZnMLd/6j5LU3FdQtFqBkcCurYmfUs6+hU/LVYWlfMvkV1xTA
lAqD/+Ql1FzE7yCdPAnjEWP74nSPRPHWFrtpVcF424fyWqVVUy+h+ulLBEk4/h+m
6T78iJXCnTJCh898r/ChUaU/y77SBt/pT1o1frzKkhSu811mP5w6xJ6QH+yZqRE8
Tlf49RqENdvnt3tJN77Cdf6ioqec6bqvO6bihTMyjP7OxIfR1kMlc3gXo7G62Hvr
U8U8xq5P63LhNC25VJ+WFEP1uAECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQYyZNQ
Ea/JM+GumO/+/jm0UX68ujAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmVkNDE1OGQtOTFiOC00YmE1LTgxZDktNzVhNjViNTUwYjkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg
wDANBgkqhkiG9w0BAQsFAAOCAQEAJOI6+j0UFx7diyJUkD2n7BXk0MhUmr5YidQE
PwGMfzE0GOSvLNoPYo2NII1FcHZMCYtG79+Jo3h5MOKXhLqcB6ivJ0yezHe3s6LZ
biqgWxDlNKoj3EfwPf/V/Dob0RuIU+cApShXde6G6D6xunJ21ghQL3OlcO7wD6fy
/Mwf/E3iiKoXrIjY7dII08S2ZQimM0Sw6sSY+VYUv7w86oUdGObNUQ2p0vWrF+zD
Wb13j8YBJ8VmbjQE8rVZ0DwRyg/GTn7wY3FgnN+uipVIR/1fNu7r+0lIv7UX5IVI
Vg/zo2mBPpJau2p/QCD+Lr7d3gSO/j+I+OJqXBYw7UbIBiediA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:37:51 2026 by rpki-client