Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
File: c768f15e-576e-48c0-91d4-8446a6be70a8.roa (raw, json)
Hash identifier: uYLnPi+yxdwB5nnxr96dPenNm3LJehTeEJQrrW7wCiw=
Subject key identifier: B4:EF:4C:2B:5D:88:1C:07:66:99:6A:E6:A0:9A:31:5C:93:23:FC:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A72F3DD90B996A155A0AE320DA4C521588E67DE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
Signing time: Sat 28 Feb 2026 06:10:56 +0000
ROA not before: Sat 28 Feb 2026 06:10:56 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:72:f3:dd:90:b9:96:a1:55:a0:ae:32:0d:a4:c5:21:58:8e:67:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:56 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=2532bd13bbfd854625df344c354ee24dc3388ffae07ccb12b2cbad5faa1eb0d6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:76:c9:11:15:fa:78:14:73:67:01:21:48:1c:
02:13:6c:0d:ab:c4:14:63:62:2f:92:0d:fb:ec:d8:
c7:8d:b5:d5:43:a1:49:7f:aa:01:4c:e3:5d:03:0f:
f3:02:89:3b:7a:63:01:fd:72:03:aa:dc:d8:8e:ca:
7a:42:a2:99:4d:c8:d1:dd:ed:83:3a:ca:25:25:ea:
6d:76:b9:eb:6c:88:93:99:55:2c:70:a7:b4:96:22:
3d:e7:12:f3:d9:6a:ec:3d:28:5c:88:ad:41:1d:cd:
30:41:5f:e0:ea:33:f6:c7:40:14:cc:65:af:6e:ca:
57:05:3a:73:ad:1f:cd:30:b5:b2:a1:43:4b:29:17:
48:98:fb:dd:cf:83:1f:d5:37:a1:15:cc:fd:98:13:
09:1d:c2:f8:61:73:be:8c:d8:c6:69:1a:f4:a6:86:
50:67:20:11:dd:38:a6:bb:cf:5a:cb:bf:a1:14:59:
26:12:06:3b:87:30:90:f5:62:7f:e9:a8:94:a8:c6:
70:9c:79:1c:18:d9:e7:29:5c:78:47:eb:d1:5f:91:
ed:16:c5:2e:2c:36:c7:6a:d3:2e:22:82:fa:e5:28:
9c:7d:b4:2c:9e:54:e4:26:9a:97:cf:43:1a:0f:41:
1d:0f:80:ad:64:d8:47:69:66:e0:8e:2e:70:b3:92:
38:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:EF:4C:2B:5D:88:1C:07:66:99:6A:E6:A0:9A:31:5C:93:23:FC:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:e000::/40
Signature Algorithm: sha256WithRSAEncryption
ba:73:a1:b7:3a:04:cf:83:a6:34:70:20:64:2e:47:07:30:3d:
77:22:8c:63:47:38:29:ad:83:b6:0b:2a:47:1a:48:cc:cf:be:
c2:98:1b:88:cf:e2:dc:79:84:0b:9c:5f:87:a6:00:4e:fe:a2:
95:73:85:86:a9:65:10:f8:97:64:b5:a9:d7:5a:58:06:05:5a:
e1:e6:b7:21:7b:fc:37:44:d5:91:01:99:7e:07:ce:14:81:0a:
59:bd:17:6b:34:db:be:8b:6e:c2:e5:9b:15:b5:e7:29:5b:0c:
06:bd:d4:77:98:91:6c:a2:c0:5f:d0:fe:a9:60:c3:aa:56:6e:
38:ce:14:bb:96:33:6c:10:8c:0f:41:a7:38:50:fe:77:06:ca:
e1:33:1a:42:0d:f0:43:ef:9f:9b:8f:2d:ec:0f:e6:be:61:4d:
b1:0a:4d:4f:e5:ba:be:22:29:13:e5:ed:b3:fe:ab:25:af:0b:
ad:ed:65:83:94:5a:22:32:16:85:ca:ad:6d:6e:da:07:7d:56:
3a:22:16:8b:fb:94:9c:99:0c:7f:46:7e:f1:21:81:cd:31:59:
3c:12:14:6a:da:5b:fa:0a:8c:ef:b9:9a:bc:bd:c2:c0:9d:df:
77:0f:d6:f3:7c:46:da:bd:24:0b:36:25:9e:bb:1d:ee:25:80:
ca:6f:f1:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGnLz3ZC5lqFVoK4yDaTFIViOZ94wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwNTZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1MzJiZDEzYmJmZDg1NDYyNWRmMzQ0YzM1NGVlMjRkYzMzODhmZmFlMDdj
Y2IxMmIyY2JhZDVmYWExZWIwZDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANZ2yREV+ngUc2cBIUgcAhNsDavEFGNiL5IN++zYx4211UOhSX+qAUzjXQMP
8wKJO3pjAf1yA6rc2I7KekKimU3I0d3tgzrKJSXqbXa562yIk5lVLHCntJYiPecS
89lq7D0oXIitQR3NMEFf4Ooz9sdAFMxlr27KVwU6c60fzTC1sqFDSykXSJj73c+D
H9U3oRXM/ZgTCR3C+GFzvozYxmka9KaGUGcgEd04prvPWsu/oRRZJhIGO4cwkPVi
f+molKjGcJx5HBjZ5ylceEfr0V+R7RbFLiw2x2rTLiKC+uUonH20LJ5U5Caal89D
Gg9BHQ+ArWTYR2lm4I4ucLOSOBcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS070wr
XYgcB2aZauagmjFckyP8xzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc2OGYxNWUtNTc2ZS00OGMwLTkxZDQtODQ0NmE2YmU3MGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DLg
MA0GCSqGSIb3DQEBCwUAA4IBAQC6c6G3OgTPg6Y0cCBkLkcHMD13IoxjRzgprYO2
CypHGkjMz77CmBuIz+LceYQLnF+HpgBO/qKVc4WGqWUQ+JdktanXWlgGBVrh5rch
e/w3RNWRAZl+B84UgQpZvRdrNNu+i27C5ZsVtecpWwwGvdR3mJFsosBf0P6pYMOq
Vm44zhS7ljNsEIwPQac4UP53BsrhMxpCDfBD75+bjy3sD+a+YU2xCk1P5bq+IikT
5e2z/qslrwut7WWDlFoiMhaFyq1tbtoHfVY6IhaL+5ScmQx/Rn7xIYHNMVk8EhRq
2lv6CozvuZq8vcLAnd93D9bzfEbavSQLNiWeux3uJYDKb/FU
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:53:20 2026 by rpki-client