Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
File: c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa (raw, json)
Hash identifier: fZxe0e8U1o6CiMNQkjAp7JtxoTHLibP59vZ09dWiOz4=
Subject key identifier: 96:7A:97:8A:29:4B:D8:22:CB:72:B7:63:3D:04:08:70:11:C9:E1:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 26CE23AF5EF999AAD85FDFA229BDE93A34DD43AA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
Signing time: Sat 28 Feb 2026 06:01:09 +0000
ROA not before: Sat 28 Feb 2026 06:01:09 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:ce:23:af:5e:f9:99:aa:d8:5f:df:a2:29:bd:e9:3a:34:dd:43:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:01:09 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=7459c7324f9e3bb32b8736457bc4b8d6ada5cdacf31cc011c4fbb72b1782da46, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:63:27:82:62:f2:96:3a:92:ad:30:47:88:30:
77:7b:67:fb:d3:b7:3c:81:5a:8a:d5:2f:49:02:fd:
6e:70:ef:b5:51:61:ed:ac:51:dd:7b:38:af:80:3b:
f3:2c:4d:82:dd:b6:6d:c3:d8:7d:dd:f8:19:63:7d:
8e:66:bd:51:a6:01:bb:d7:c8:cc:87:9a:e4:ce:21:
5d:3a:73:bc:b6:82:de:16:7f:59:e7:f9:59:38:d5:
2e:40:0a:51:55:db:7b:aa:3e:ae:86:04:3f:8e:3c:
9a:f6:ba:2b:cc:44:b9:0e:00:78:3c:55:10:29:ee:
7c:be:32:88:26:6c:97:38:3b:f2:e9:bc:3f:a0:8d:
07:b5:30:64:b8:c6:c4:a2:7b:01:47:00:d5:ec:d5:
85:bb:f7:9d:be:b9:b2:07:ac:a4:8b:75:c0:2a:59:
37:74:56:0b:72:cc:d5:73:3b:99:5d:34:83:09:56:
3d:46:65:72:a9:fe:e2:99:e8:27:1b:c0:ed:1f:df:
c0:52:26:3d:01:cd:d6:54:7f:a3:0e:ea:a4:b0:31:
f0:8d:39:97:35:60:4b:9b:16:1f:09:48:e4:7b:ff:
df:cf:cf:42:8c:bd:66:91:90:17:69:1e:f0:e2:e4:
2e:54:51:4c:cf:71:da:ee:1c:c6:8f:34:cd:e7:0e:
8d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:7A:97:8A:29:4B:D8:22:CB:72:B7:63:3D:04:08:70:11:C9:E1:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2000::/40
Signature Algorithm: sha256WithRSAEncryption
ac:62:bb:67:2f:4d:78:d4:66:35:3f:9d:5f:ee:51:e5:60:9c:
2f:82:59:98:7d:dd:4f:87:e4:46:31:77:95:bc:6d:52:4c:57:
75:7a:12:80:63:32:f9:18:2e:c6:78:5b:4a:17:1e:03:76:f8:
ce:ed:07:29:2a:b3:cb:1b:61:db:9e:76:0c:9c:fc:8a:11:6d:
4b:ad:6c:5a:33:31:87:43:90:3d:d8:40:f8:5b:d6:f6:09:4c:
75:a1:41:76:05:36:9d:ff:21:af:bd:09:34:89:7e:25:3e:4c:
44:ba:31:0a:11:75:9d:08:be:14:fa:f6:31:87:9e:ac:5a:c1:
97:24:ee:7e:67:39:5c:cc:f8:ce:a3:82:f8:0c:29:51:da:18:
3d:f5:18:f6:c0:2a:c2:8b:67:b2:80:b5:34:0d:5a:8f:1b:5b:
de:0a:2d:41:76:de:9e:00:a2:b2:10:fa:41:b4:fe:29:36:2c:
48:bc:db:29:db:23:59:cf:37:6e:1b:1e:00:40:b6:da:4f:86:
6a:b7:af:b6:59:36:c3:a9:e3:48:d7:d3:9f:f8:fc:44:10:2f:
01:27:a8:7d:4f:1f:45:8c:6e:a7:0d:f5:ef:d0:b1:ac:5e:29:
09:1b:ea:0b:02:75:07:ca:a7:db:0e:5b:c0:f2:b2:16:9b:3f:
8a:72:f7:94
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJs4jr175marYX9+iKb3pOjTdQ6owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAxMDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0NTljNzMyNGY5ZTNiYjMyYjg3MzY0NTdiYzRiOGQ2YWRhNWNkYWNmMzFj
YzAxMWM0ZmJiNzJiMTc4MmRhNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtjJ4Ji8pY6kq0wR4gwd3tn+9O3PIFaitUvSQL9bnDvtVFh7axR3Xs4r4A7
8yxNgt22bcPYfd34GWN9jma9UaYBu9fIzIea5M4hXTpzvLaC3hZ/Wef5WTjVLkAK
UVXbe6o+roYEP448mva6K8xEuQ4AeDxVECnufL4yiCZslzg78um8P6CNB7UwZLjG
xKJ7AUcA1ezVhbv3nb65sgespIt1wCpZN3RWC3LM1XM7mV00gwlWPUZlcqn+4pno
JxvA7R/fwFImPQHN1lR/ow7qpLAx8I05lzVgS5sWHwlI5Hv/38/PQoy9ZpGQF2ke
8OLkLlRRTM9x2u4cxo80zecOjYMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSWepeK
KUvYIstyt2M9BAhwEcnhtTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzNmNGIwZTAtZGY2ZC00ODFhLThkNzUtNzcwOWU1NDVkMWU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIg
MA0GCSqGSIb3DQEBCwUAA4IBAQCsYrtnL0141GY1P51f7lHlYJwvglmYfd1Ph+RG
MXeVvG1STFd1ehKAYzL5GC7GeFtKFx4DdvjO7QcpKrPLG2HbnnYMnPyKEW1LrWxa
MzGHQ5A92ED4W9b2CUx1oUF2BTad/yGvvQk0iX4lPkxEujEKEXWdCL4U+vYxh56s
WsGXJO5+ZzlczPjOo4L4DClR2hg99Rj2wCrCi2eygLU0DVqPG1veCi1Bdt6eAKKy
EPpBtP4pNixIvNsp2yNZzzduGx4AQLbaT4Zqt6+2WTbDqeNI19Of+PxEEC8BJ6h9
Tx9FjG6nDfXv0LGsXikJG+oLAnUHyqfbDlvA8rIWmz+KcveU
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:43:57 2026 by rpki-client