Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
File: c153f994-19fd-4682-b6f7-f4e92e6144ea.roa (raw, json)
Hash identifier: pddy4VkBue6daUVSnXO21w889uhnqcZ32ONEa+qmoKA=
Subject key identifier: 28:A7:23:68:15:E7:F1:B3:C4:2D:CB:04:10:18:03:81:2E:13:11:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D289FA3316E04E8A890C137B649F53B0B8E0ED3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
Signing time: Sat 28 Feb 2026 05:20:25 +0000
ROA not before: Sat 28 Feb 2026 05:20:25 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:28:9f:a3:31:6e:04:e8:a8:90:c1:37:b6:49:f5:3b:0b:8e:0e:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:25 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=c6c512a71c10d206440e95cdc5130719a54bf056f5d74e9615b765ea707d71ef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f3:bd:1c:da:a9:ef:d6:22:7f:33:8a:88:c9:
46:a6:76:d2:a8:27:dd:d7:cc:6e:b2:47:ee:96:18:
0c:ba:4e:b7:7f:6f:d4:17:59:81:56:d5:43:a0:e4:
73:b0:0d:5e:12:c1:db:56:ad:be:a3:59:91:a5:23:
31:d7:29:da:96:83:29:6d:b6:9c:04:3c:b3:f5:d5:
b0:df:40:2e:f5:f8:42:48:72:4e:47:f2:3d:7f:7d:
7c:b6:a4:df:f4:f1:17:36:96:84:b4:8c:a2:64:e2:
45:53:4a:f7:f1:52:cc:bf:f7:47:73:4e:ae:82:8c:
06:cd:c8:e7:21:18:12:b8:28:e3:10:7a:ac:17:4b:
80:da:89:50:7b:40:c6:bd:b4:23:49:c3:e4:1e:c6:
eb:d4:a0:9b:82:5d:b6:87:53:de:9a:b9:3f:ce:3c:
10:a9:16:2f:73:37:ce:95:0f:f0:f3:64:9f:b8:3b:
d1:97:38:b9:00:21:33:41:45:ed:78:7b:24:f1:ca:
aa:d6:83:ba:7f:db:44:86:24:2f:7e:8c:9e:9a:ee:
27:47:ff:2a:77:4f:2c:95:af:99:6a:5d:02:d3:a8:
58:3a:ad:d9:7d:00:63:ca:23:1b:70:6d:28:ae:a5:
f7:14:ce:1f:d3:8a:5f:41:4e:3e:d3:6f:76:4f:ad:
2f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A7:23:68:15:E7:F1:B3:C4:2D:CB:04:10:18:03:81:2E:13:11:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:c00::/38
Signature Algorithm: sha256WithRSAEncryption
83:30:83:34:01:9c:da:64:29:c3:58:08:d6:20:09:6a:cf:3a:
6d:c2:83:d8:61:9f:80:f8:f1:7a:f6:75:21:e9:41:ab:6d:12:
cb:69:a3:7b:5a:68:14:60:5a:54:05:b7:08:2c:aa:59:f1:42:
f3:ca:bc:fb:86:14:0c:c9:ac:4c:22:7e:77:06:2a:8f:d9:fe:
31:7f:d2:25:2c:9e:5d:12:a0:2d:af:38:4b:01:3f:55:58:da:
a1:54:e2:09:9b:e4:a8:fa:9c:de:0c:26:9d:ee:81:8c:c4:1c:
a2:ee:a5:71:51:40:5c:c5:52:75:bd:3b:0c:a4:c4:cc:b5:07:
7a:11:be:91:e2:18:e0:0d:78:25:2d:0c:ea:20:d9:d4:da:3c:
31:e8:69:6c:8d:3b:0b:65:d5:d6:16:9b:53:5f:a8:8d:a0:18:
87:05:39:2b:9b:d1:1b:6b:90:3b:bb:e7:42:5a:c1:00:53:81:
66:8a:c4:c0:d4:55:ac:a0:1e:9c:1d:ac:e8:61:01:9a:01:6e:
86:4c:ee:6a:14:6b:7c:cd:b4:05:e8:e6:fe:3f:09:72:81:49:
ac:ba:d6:1a:65:cd:af:b4:25:d1:75:2f:68:b8:5c:1f:78:dd:
48:fc:0b:c5:a7:7c:b8:f7:7d:65:24:56:49:04:7d:8a:e3:9a:
7b:38:58:ce
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHSifozFuBOiokME3tkn1OwuODtMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwMjVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2YzUxMmE3MWMxMGQyMDY0NDBlOTVjZGM1MTMwNzE5YTU0YmYwNTZmNWQ3
NGU5NjE1Yjc2NWVhNzA3ZDcxZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPzvRzaqe/WIn8ziojJRqZ20qgn3dfMbrJH7pYYDLpOt39v1BdZgVbVQ6Dk
c7ANXhLB21atvqNZkaUjMdcp2paDKW22nAQ8s/XVsN9ALvX4QkhyTkfyPX99fLak
3/TxFzaWhLSMomTiRVNK9/FSzL/3R3NOroKMBs3I5yEYErgo4xB6rBdLgNqJUHtA
xr20I0nD5B7G69Sgm4JdtodT3pq5P848EKkWL3M3zpUP8PNkn7g70Zc4uQAhM0FF
7Xh7JPHKqtaDun/bRIYkL36MnpruJ0f/KndPLJWvmWpdAtOoWDqt2X0AY8ojG3Bt
KK6l9xTOH9OKX0FOPtNvdk+tLxUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQopyNo
Fefxs8QtywQQGAOBLhMRPzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzE1M2Y5OTQtMTlmZC00NjgyLWI2ZjctZjRlOTJlNjE0NGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwM
MA0GCSqGSIb3DQEBCwUAA4IBAQCDMIM0AZzaZCnDWAjWIAlqzzptwoPYYZ+A+PF6
9nUh6UGrbRLLaaN7WmgUYFpUBbcILKpZ8ULzyrz7hhQMyaxMIn53BiqP2f4xf9Il
LJ5dEqAtrzhLAT9VWNqhVOIJm+So+pzeDCad7oGMxByi7qVxUUBcxVJ1vTsMpMTM
tQd6Eb6R4hjgDXglLQzqINnU2jwx6GlsjTsLZdXWFptTX6iNoBiHBTkrm9Eba5A7
u+dCWsEAU4FmisTA1FWsoB6cHazoYQGaAW6GTO5qFGt8zbQF6Ob+PwlygUmsutYa
Zc2vtCXRdS9ouFwfeN1I/AvFp3y4931lJFZJBH2K45p7OFjO
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:56:31 2026 by rpki-client