Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8af18fc-ae06-42ae-9533-a5516ea722d4.roa
File: c8af18fc-ae06-42ae-9533-a5516ea722d4.roa (raw, json)
Hash identifier: WEWFI6uyittE8LrPJ73TrBO9erDv2ohgSSausuIcD/0=
Subject key identifier: 4E:AC:94:F7:7B:11:F5:B7:2A:E0:A4:68:12:20:C9:3E:BA:7A:1B:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20BDE2F0DB4DAFE6F43D94B04CFC2B6584410CCA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8af18fc-ae06-42ae-9533-a5516ea722d4.roa
Signing time: Sat 28 Feb 2026 06:00:32 +0000
ROA not before: Sat 28 Feb 2026 06:00:32 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:bd:e2:f0:db:4d:af:e6:f4:3d:94:b0:4c:fc:2b:65:84:41:0c:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:32 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=464d33bc600cf408607a622a715dde2892a6ce046a4c3ff405548d706defb42d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:5a:98:e1:ec:5e:1b:aa:84:92:ea:d0:5c:7a:
33:e0:ef:a9:03:3a:76:12:b2:c5:d6:6c:bc:9c:f9:
78:86:1a:0a:51:2d:99:d7:2a:3d:a9:de:1e:ca:04:
a9:a2:b0:95:d5:fb:2a:91:ac:1b:15:87:13:20:09:
ea:9a:bd:ee:b3:d4:d2:ef:6d:90:80:b0:02:fb:89:
e9:5a:61:70:80:b3:c8:32:5b:d2:05:79:a7:fa:07:
97:9c:28:8e:85:ec:f0:35:53:31:af:2b:7e:dd:d1:
47:38:fb:54:00:d5:dc:67:e6:8f:f9:8c:2d:51:79:
51:b9:0e:32:ae:1c:60:eb:88:d6:0f:d2:7e:c9:f2:
15:10:36:56:60:8e:6c:46:41:64:03:0d:6a:63:4b:
e0:d2:e7:7f:17:7e:6d:6c:a4:cc:33:d6:bc:d8:34:
3a:42:f6:a4:2b:e1:09:67:66:7f:94:53:db:04:41:
a6:6b:d8:9f:a2:3a:b8:90:29:84:f3:83:d0:f8:d3:
6e:3a:30:41:18:fc:66:0d:4b:03:4b:73:fc:46:e6:
08:7f:52:d3:91:18:7e:23:b5:ca:6a:67:e6:73:ec:
cf:e2:ec:d6:c9:37:a1:54:7b:24:0e:3f:ea:c6:e1:
b5:ed:3a:75:d9:00:51:ef:cc:2a:94:96:f7:9c:61:
49:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:AC:94:F7:7B:11:F5:B7:2A:E0:A4:68:12:20:C9:3E:BA:7A:1B:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8af18fc-ae06-42ae-9533-a5516ea722d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9080::/48
Signature Algorithm: sha256WithRSAEncryption
a3:0f:cc:03:42:e5:a7:79:22:20:11:e0:af:54:9c:b9:7a:15:
90:f6:8a:5f:29:a7:2b:88:2a:1a:78:81:a0:f7:10:47:0f:5f:
c5:fd:6e:df:b1:96:28:a7:7d:9f:34:e4:20:18:db:f2:3b:6c:
75:7b:a6:fe:4d:e0:3c:73:80:41:67:00:9a:1e:8d:25:23:1e:
16:41:ed:47:d4:53:c0:9a:dd:d3:71:a3:c9:55:56:83:e5:1b:
17:fb:48:3d:9f:e8:de:23:45:79:fc:19:60:38:85:42:2e:e3:
7e:2b:24:d5:71:b5:8d:84:15:b1:c9:74:b0:1d:df:e2:23:d9:
02:9d:0c:b8:30:86:89:16:d8:50:df:6f:69:97:1d:a8:c1:e8:
aa:e7:99:e6:96:7c:57:a8:fc:90:23:16:5b:a3:23:82:15:3f:
e6:71:a1:a9:86:de:fe:c8:23:fc:f9:57:ed:18:a4:85:47:34:
2f:7a:16:62:03:09:9e:90:f9:32:0e:60:09:ac:b5:70:f1:0a:
4a:50:7d:27:57:e4:a7:38:f3:ec:00:e0:a5:04:dc:1a:83:4d:
ce:d4:84:80:0a:ff:f2:c0:b8:9c:e1:99:48:4a:ce:a3:26:73:
92:30:03:a0:cf:22:e8:51:76:e5:e8:45:15:77:30:62:8c:f8:
2f:75:64:9e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIL3i8NtNr+b0PZSwTPwrZYRBDMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwMzJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2NGQzM2JjNjAwY2Y0MDg2MDdhNjIyYTcxNWRkZTI4OTJhNmNlMDQ2YTRj
M2ZmNDA1NTQ4ZDcwNmRlZmI0MmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOdamOHsXhuqhJLq0Fx6M+DvqQM6dhKyxdZsvJz5eIYaClEtmdcqPaneHsoE
qaKwldX7KpGsGxWHEyAJ6pq97rPU0u9tkICwAvuJ6VphcICzyDJb0gV5p/oHl5wo
joXs8DVTMa8rft3RRzj7VADV3Gfmj/mMLVF5UbkOMq4cYOuI1g/SfsnyFRA2VmCO
bEZBZAMNamNL4NLnfxd+bWykzDPWvNg0OkL2pCvhCWdmf5RT2wRBpmvYn6I6uJAp
hPOD0PjTbjowQRj8Zg1LA0tz/EbmCH9S05EYfiO1ympn5nPsz+Ls1sk3oVR7JA4/
6sbhte06ddkAUe/MKpSW95xhSSkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBROrJT3
exH1tyrgpGgSIMk+unob3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzhhZjE4ZmMtYWUwNi00MmFlLTk1MzMtYTU1MTZlYTcyMmQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAow/MA0Llp3kiIBHgr1ScuXoVkPaKXymnK4gq
GniBoPcQRw9fxf1u37GWKKd9nzTkIBjb8jtsdXum/k3gPHOAQWcAmh6NJSMeFkHt
R9RTwJrd03GjyVVWg+UbF/tIPZ/o3iNFefwZYDiFQi7jfisk1XG1jYQVscl0sB3f
4iPZAp0MuDCGiRbYUN9vaZcdqMHoqueZ5pZ8V6j8kCMWW6MjghU/5nGhqYbe/sgj
/PlX7RikhUc0L3oWYgMJnpD5Mg5gCay1cPEKSlB9J1fkpzjz7ADgpQTcGoNNztSE
gAr/8sC4nOGZSErOoyZzkjADoM8i6FF25ehFFXcwYoz4L3Vkng==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:39 2026 by rpki-client