Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3736673-707b-4dfc-aca4-88dcbb52a94d.roa
File: c3736673-707b-4dfc-aca4-88dcbb52a94d.roa (raw, json)
Hash identifier: GcSyGSk9UIcitY5dd5hbF+/DF3qSEYSTsS6AJbuxOe4=
Subject key identifier: 87:CD:EB:46:B1:95:B5:21:C0:6F:AA:58:9D:08:79:FE:9E:57:76:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7560A28B14569EC62186CA2D722864DC43D2FAB5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3736673-707b-4dfc-aca4-88dcbb52a94d.roa
Signing time: Thu 26 Feb 2026 02:00:08 +0000
ROA not before: Thu 26 Feb 2026 02:00:08 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:60:a2:8b:14:56:9e:c6:21:86:ca:2d:72:28:64:dc:43:d2:fa:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:00:08 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=99e568fd9448da562e8381ca3cf8e6eeafe2dc7920d0091425353d5d973623dc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4a:f4:2c:73:4a:29:03:30:0d:9d:33:4b:af:
2a:48:67:87:db:92:81:e7:34:32:ab:34:53:9f:01:
dc:45:69:7d:b5:c6:20:23:9e:5c:00:83:27:d4:5b:
2e:92:e6:77:15:71:59:f0:97:a5:f2:2f:b1:a7:4d:
4a:34:0f:b0:35:c9:96:6d:25:b8:dd:dc:3b:03:12:
da:cc:15:c8:f7:6e:41:85:d2:e3:70:01:5b:26:ec:
a7:d8:46:06:86:06:e0:8a:60:6a:09:c1:8b:ac:af:
cf:dc:33:e1:67:3d:f8:2e:e3:ee:09:b6:e7:25:a9:
35:0c:49:1c:be:7a:27:67:f1:cd:52:d0:c4:c6:e9:
52:db:4b:c8:a3:af:f4:7e:02:51:4f:22:fb:e0:be:
95:d8:9b:b5:a8:fd:76:63:81:08:77:af:8c:ff:de:
0b:53:a1:e9:1d:18:8a:c6:25:67:6d:38:00:01:a0:
1e:26:26:64:62:60:a2:6a:fb:3a:ec:95:c7:8c:69:
76:8c:9c:79:74:48:2b:16:57:56:f0:49:55:4f:5d:
1b:49:1c:83:62:03:01:53:e1:3e:21:ed:d2:4c:c1:
fb:32:71:3f:21:12:e1:3d:0e:91:88:76:55:6b:40:
d6:9a:22:34:1d:c4:9a:62:0e:65:93:59:d9:6a:49:
c3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:CD:EB:46:B1:95:B5:21:C0:6F:AA:58:9D:08:79:FE:9E:57:76:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3736673-707b-4dfc-aca4-88dcbb52a94d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:800::/40
Signature Algorithm: sha256WithRSAEncryption
a2:d5:24:b1:f9:b8:07:25:e7:b8:b7:bf:73:bc:58:78:92:d8:
a1:34:68:a8:de:31:f1:71:9a:e8:a7:ef:c3:de:7b:ca:e1:ab:
00:8e:34:c3:8c:ee:cb:de:4f:a8:68:21:bf:d5:e0:fb:13:ee:
38:44:a6:db:05:02:31:c2:d0:ec:27:3c:4f:a9:e7:82:81:1e:
09:61:a4:6c:df:d2:6d:ca:a3:fa:7f:2c:50:af:e5:71:0f:aa:
cb:df:ab:8a:30:0e:83:53:33:82:7c:f7:d1:e2:44:f5:18:fe:
d3:d8:b8:5a:87:46:b1:32:b8:1c:2d:df:3c:49:e9:ef:fc:5a:
91:19:c8:20:1b:41:05:53:b0:ee:75:d5:ce:12:89:3e:08:5a:
0e:33:18:ab:d9:5e:b3:c8:95:04:1d:74:ce:48:1b:f8:3e:71:
2d:c5:73:56:98:9c:9a:b5:23:b2:0e:78:f9:a3:8a:45:d8:7c:
9d:db:58:71:18:98:6b:19:0f:1f:ab:8a:d0:3a:17:44:77:42:
2c:dd:01:52:22:c9:5e:a9:1f:69:1c:ee:4c:cf:bb:fb:95:a6:
a2:68:0a:79:9b:e3:97:31:68:ee:71:c2:cb:62:00:22:50:d6:
c5:a8:b4:c9:5c:45:34:c3:6a:96:90:85:8b:40:c0:52:9e:9e:
ef:07:d1:e8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdWCiixRWnsYhhsotcihk3EPS+rUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjAwMDhaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5ZTU2OGZkOTQ0OGRhNTYyZTgzODFjYTNjZjhlNmVlYWZlMmRjNzkyMGQw
MDkxNDI1MzUzZDVkOTczNjIzZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpK9CxzSikDMA2dM0uvKkhnh9uSgec0Mqs0U58B3EVpfbXGICOeXACDJ9Rb
LpLmdxVxWfCXpfIvsadNSjQPsDXJlm0luN3cOwMS2swVyPduQYXS43ABWybsp9hG
BoYG4IpgagnBi6yvz9wz4Wc9+C7j7gm25yWpNQxJHL56J2fxzVLQxMbpUttLyKOv
9H4CUU8i++C+ldibtaj9dmOBCHevjP/eC1Oh6R0YisYlZ204AAGgHiYmZGJgomr7
OuyVx4xpdoyceXRIKxZXVvBJVU9dG0kcg2IDAVPhPiHt0kzB+zJxPyES4T0OkYh2
VWtA1poiNB3EmmIOZZNZ2WpJwxcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSHzetG
sZW1IcBvqlidCHn+nld2jDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzM3MzY2NzMtNzA3Yi00ZGZjLWFjYTQtODhkY2JiNTJhOTRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HgI
MA0GCSqGSIb3DQEBCwUAA4IBAQCi1SSx+bgHJee4t79zvFh4ktihNGio3jHxcZro
p+/D3nvK4asAjjTDjO7L3k+oaCG/1eD7E+44RKbbBQIxwtDsJzxPqeeCgR4JYaRs
39JtyqP6fyxQr+VxD6rL36uKMA6DUzOCfPfR4kT1GP7T2Lhah0axMrgcLd88Senv
/FqRGcggG0EFU7DuddXOEok+CFoOMxir2V6zyJUEHXTOSBv4PnEtxXNWmJyatSOy
Dnj5o4pF2Hyd21hxGJhrGQ8fq4rQOhdEd0Is3QFSIsleqR9pHO5Mz7v7laaiaAp5
m+OXMWjuccLLYgAiUNbFqLTJXEU0w2qWkIWLQMBSnp7vB9Ho
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:29 2026 by rpki-client