Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c575b6fa-c023-458f-85c8-9694aa053e43.roa
File: c575b6fa-c023-458f-85c8-9694aa053e43.roa (raw, json)
Hash identifier: XjCxfEZlqJfNyGWTYxBQYRg3L+1I3J2l32MwkavXrIU=
Subject key identifier: C1:6B:C6:91:3D:2E:E4:AE:14:E9:81:2B:E5:AA:3E:9E:12:4D:97:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6752998073E41F4640445E308FDD856813DCCA77
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c575b6fa-c023-458f-85c8-9694aa053e43.roa
Signing time: Sat 28 Feb 2026 05:40:13 +0000
ROA not before: Sat 28 Feb 2026 05:40:13 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:52:99:80:73:e4:1f:46:40:44:5e:30:8f:dd:85:68:13:dc:ca:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:13 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=4bc93ade00e8eb4de1aad200db8b45d52a606d8965ab47f23c7c33820995f499, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:48:28:94:db:c4:d4:59:a6:30:3b:51:2e:68:
cc:00:b8:7d:b4:04:91:14:84:0b:7e:26:7b:a8:e8:
f8:61:d9:9a:d6:9b:08:4a:c4:8c:b9:33:16:93:36:
07:fa:72:02:67:26:da:13:d7:ac:35:88:52:1f:48:
85:38:f7:54:53:ee:96:a2:08:5e:43:94:40:d6:8e:
25:81:70:b7:7b:29:6b:ad:91:d0:09:b7:fb:3c:c9:
10:44:1e:ae:55:5c:df:b7:76:f2:79:bc:05:3a:82:
5b:24:8d:4e:35:2b:a2:8f:c1:27:d9:41:71:0e:ca:
5f:b9:d9:47:93:2c:96:5f:ea:68:74:a8:2a:f4:ba:
d5:71:d8:f8:46:79:4f:25:fb:1c:32:2e:07:e7:ad:
79:a5:14:51:c6:24:fa:b7:03:e8:7f:7a:83:66:05:
53:c4:0d:07:db:2e:52:58:5c:a5:d3:6e:46:a1:f6:
db:fa:b5:5b:4a:b1:80:2b:cf:44:d5:4c:06:58:20:
b4:84:51:ce:ff:b6:6b:19:ce:2f:52:26:a4:2c:3b:
b7:fc:6d:83:ed:4b:d3:6d:cc:24:2b:0a:fd:00:07:
0f:08:ea:0d:72:18:10:31:d9:c2:99:b9:3d:45:d6:
67:11:80:c6:53:04:be:74:08:f3:26:f5:78:4e:b4:
f2:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:6B:C6:91:3D:2E:E4:AE:14:E9:81:2B:E5:AA:3E:9E:12:4D:97:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c575b6fa-c023-458f-85c8-9694aa053e43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:4080::/48
Signature Algorithm: sha256WithRSAEncryption
04:35:d4:e3:b3:3d:d4:01:31:ce:6b:4d:2d:41:f6:b4:74:4f:
9d:ba:13:95:6f:f9:fb:91:7f:2e:90:6a:c5:1e:b8:2f:dc:45:
30:f9:f7:92:97:fb:e7:f9:12:51:5d:3a:aa:69:c7:ee:59:91:
38:aa:b6:7c:d8:6c:7f:0e:84:2a:d0:1f:85:19:b7:f6:8d:72:
da:b7:10:c5:60:d9:38:8d:b4:98:c3:1a:2a:b9:3c:22:b3:f9:
3f:4c:00:f8:6c:8f:33:96:6e:c4:0b:26:ae:56:e2:24:f2:a1:
9c:a2:02:8f:12:b6:b0:d4:e9:29:8f:10:f2:c6:b0:d0:e6:49:
88:c9:90:fc:ae:fd:4c:63:d8:6c:09:d9:89:13:d9:38:da:f1:
5e:6d:1f:4b:c3:60:a0:be:7d:b7:a4:74:d1:49:20:b7:f7:e4:
a1:a1:71:bd:da:2d:3c:b0:af:32:92:cc:73:4e:68:a9:a3:cb:
b8:0d:b5:5f:9e:03:ed:88:fd:53:84:d5:86:79:5b:68:48:d4:
4c:2b:a3:e0:d5:0d:13:02:d1:f9:c7:da:76:1e:fb:68:29:63:
35:65:22:40:86:35:7d:fb:f6:4c:58:6b:ba:94:63:aa:ee:f6:
a0:5d:d3:b6:ed:92:5a:85:5b:08:78:8d:f1:e1:80:bd:2b:88:
5d:95:02:ff
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZ1KZgHPkH0ZARF4wj92FaBPcyncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwMTNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiYzkzYWRlMDBlOGViNGRlMWFhZDIwMGRiOGI0NWQ1MmE2MDZkODk2NWFi
NDdmMjNjN2MzMzgyMDk5NWY0OTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI1IKJTbxNRZpjA7US5ozAC4fbQEkRSEC34me6jo+GHZmtabCErEjLkzFpM2
B/pyAmcm2hPXrDWIUh9IhTj3VFPulqIIXkOUQNaOJYFwt3spa62R0Am3+zzJEEQe
rlVc37d28nm8BTqCWySNTjUroo/BJ9lBcQ7KX7nZR5Msll/qaHSoKvS61XHY+EZ5
TyX7HDIuB+eteaUUUcYk+rcD6H96g2YFU8QNB9suUlhcpdNuRqH22/q1W0qxgCvP
RNVMBlggtIRRzv+2axnOL1ImpCw7t/xtg+1L023MJCsK/QAHDwjqDXIYEDHZwpm5
PUXWZxGAxlMEvnQI8yb1eE608pUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTBa8aR
PS7krhTpgSvlqj6eEk2XFDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzU3NWI2ZmEtYzAyMy00NThmLTg1YzgtOTY5NGFhMDUzZTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
gDANBgkqhkiG9w0BAQsFAAOCAQEABDXU47M91AExzmtNLUH2tHRPnboTlW/5+5F/
LpBqxR64L9xFMPn3kpf75/kSUV06qmnH7lmROKq2fNhsfw6EKtAfhRm39o1y2rcQ
xWDZOI20mMMaKrk8IrP5P0wA+GyPM5ZuxAsmrlbiJPKhnKICjxK2sNTpKY8Q8saw
0OZJiMmQ/K79TGPYbAnZiRPZONrxXm0fS8NgoL59t6R00Ukgt/fkoaFxvdotPLCv
MpLMc05oqaPLuA21X54D7Yj9U4TVhnlbaEjUTCuj4NUNEwLR+cfadh77aCljNWUi
QIY1ffv2TFhrupRjqu72oF3Ttu2SWoVbCHiN8eGAvSuIXZUC/w==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:47:47 2026 by rpki-client