Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
File: c7743543-1a04-47c2-8128-1b90de9136a9.roa (raw, json)
Hash identifier: KY0y7ieVLVlRVUsDVrVsa2Ut1bLV2ZquY+6D8PNu/S8=
Subject key identifier: D1:02:03:5D:2C:98:7D:5B:4E:0C:CF:7C:08:5D:B6:46:A7:68:F9:F3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 798CB53794B5ABF12C0B7B5C76A80399BD31C19E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
Signing time: Sat 28 Feb 2026 05:51:02 +0000
ROA not before: Sat 28 Feb 2026 05:51:02 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8090::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:8c:b5:37:94:b5:ab:f1:2c:0b:7b:5c:76:a8:03:99:bd:31:c1:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:51:02 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=97459184f52a06507094a018ac021419de7487636634a7e54e139ac24f0da599, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9d:8d:5c:6a:a1:c0:21:e2:34:b1:f4:11:7b:
b7:42:56:e2:16:bd:08:ba:a5:bc:0e:92:a9:f2:fa:
aa:e6:07:a8:a8:a3:29:f7:5d:0a:57:ce:f5:0c:50:
e0:c1:5f:85:5c:1a:d1:ef:a0:0d:8d:4b:23:97:89:
7a:2d:12:49:2f:28:8a:8e:cb:c5:db:fa:fa:fb:88:
c0:8b:a4:47:eb:42:77:ea:5c:83:e2:b1:b4:82:e7:
57:f0:eb:3c:9e:89:44:27:aa:27:71:27:67:0a:cd:
44:58:8f:e7:1e:68:e0:7e:33:91:b1:3f:86:c4:7e:
db:2d:33:1e:d4:0f:f1:43:4d:4f:d2:a7:ce:9b:3e:
11:dc:a8:eb:e8:32:4c:c6:13:2b:5e:4b:c1:98:93:
30:c2:03:9f:d9:28:8c:55:be:89:1c:49:88:e7:d5:
65:d1:ee:e3:33:4d:46:c0:54:ab:2a:7e:52:24:41:
35:86:a0:02:52:72:0b:ae:f1:70:b3:27:ac:27:a0:
f6:63:d2:7e:dc:c4:81:7c:0c:a6:f7:09:11:07:30:
1c:bc:f4:7b:56:43:e6:fa:8c:3b:90:b1:f1:ff:b7:
62:d8:51:d3:95:e5:7d:e4:d5:f0:51:1f:09:e3:b2:
c7:d7:83:ea:13:67:70:8c:85:70:27:56:4a:1f:ee:
f2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:02:03:5D:2C:98:7D:5B:4E:0C:CF:7C:08:5D:B6:46:A7:68:F9:F3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8090::/48
Signature Algorithm: sha256WithRSAEncryption
5d:2f:46:26:b2:09:7a:8b:c1:64:64:8e:50:76:3b:7c:80:5a:
67:6c:a5:85:03:bc:23:21:8b:a9:ea:ff:0c:df:4a:1d:b7:9a:
01:5b:4d:97:4f:8e:6d:e4:fa:fa:56:64:cd:f9:7c:9d:39:11:
08:c8:53:97:83:4a:d5:81:fe:21:67:77:22:19:d3:50:00:47:
e8:92:98:48:b2:da:fd:94:61:dd:3d:2c:e4:b2:69:c7:9e:a2:
8a:02:32:05:aa:cd:5a:18:8c:50:6b:7b:4f:e6:8b:19:63:a7:
66:9d:43:c0:3e:7b:94:08:2b:52:1c:fa:ad:36:76:8b:98:67:
63:d0:b8:54:b6:44:16:d2:16:30:70:f4:29:47:29:a1:e9:14:
0c:72:d3:e2:4d:40:2f:4b:12:8c:f5:69:eb:a5:1d:ee:31:56:
2d:a3:ff:2c:20:a7:7c:88:4a:8d:73:56:8f:8c:58:71:9e:0b:
a4:90:50:cf:64:79:07:78:64:df:ed:3d:7a:e9:c9:7d:5e:55:
c5:cc:69:3c:b0:d7:0d:92:66:23:29:e8:4e:b4:d8:41:71:90:
35:bd:d4:0d:26:ea:3e:21:c4:2a:23:2e:e4:46:b6:7a:94:b8:
60:99:93:4d:40:13:2b:5a:c3:98:8c:d3:fd:7f:04:80:50:84:
6f:e3:2e:6d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeYy1N5S1q/EsC3tcdqgDmb0xwZ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUxMDJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3NDU5MTg0ZjUyYTA2NTA3MDk0YTAxOGFjMDIxNDE5ZGU3NDg3NjM2NjM0
YTdlNTRlMTM5YWMyNGYwZGE1OTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOdjVxqocAh4jSx9BF7t0JW4ha9CLqlvA6SqfL6quYHqKijKfddClfO9QxQ
4MFfhVwa0e+gDY1LI5eJei0SSS8oio7Lxdv6+vuIwIukR+tCd+pcg+KxtILnV/Dr
PJ6JRCeqJ3EnZwrNRFiP5x5o4H4zkbE/hsR+2y0zHtQP8UNNT9Knzps+Edyo6+gy
TMYTK15LwZiTMMIDn9kojFW+iRxJiOfVZdHu4zNNRsBUqyp+UiRBNYagAlJyC67x
cLMnrCeg9mPSftzEgXwMpvcJEQcwHLz0e1ZD5vqMO5Cx8f+3YthR05XlfeTV8FEf
CeOyx9eD6hNncIyFcCdWSh/u8n8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTRAgNd
LJh9W04Mz3wIXbZGp2j58zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc3NDM1NDMtMWEwNC00N2MyLTgxMjgtMWI5MGRlOTEzNmE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
kDANBgkqhkiG9w0BAQsFAAOCAQEAXS9GJrIJeovBZGSOUHY7fIBaZ2ylhQO8IyGL
qer/DN9KHbeaAVtNl0+ObeT6+lZkzfl8nTkRCMhTl4NK1YH+IWd3IhnTUABH6JKY
SLLa/ZRh3T0s5LJpx56iigIyBarNWhiMUGt7T+aLGWOnZp1DwD57lAgrUhz6rTZ2
i5hnY9C4VLZEFtIWMHD0KUcpoekUDHLT4k1AL0sSjPVp66Ud7jFWLaP/LCCnfIhK
jXNWj4xYcZ4LpJBQz2R5B3hk3+09eunJfV5VxcxpPLDXDZJmIynoTrTYQXGQNb3U
DSbqPiHEKiMu5Ea2epS4YJmTTUATK1rDmIzT/X8EgFCEb+MubQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:02:05 2026 by rpki-client