Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa
File: c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa (raw, json)
Hash identifier: zxH2BjY1IlpGjJSm8piAr9RnbrXZ55odiTiP4pALG38=
Subject key identifier: 51:03:60:56:A5:97:12:8F:E8:5D:9D:70:D5:EE:02:58:7B:E8:39:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45187111077D69B65B21C5EEF50DD5E897A4CF2C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa
Signing time: Sat 28 Feb 2026 05:50:43 +0000
ROA not before: Sat 28 Feb 2026 05:50:43 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:18:71:11:07:7d:69:b6:5b:21:c5:ee:f5:0d:d5:e8:97:a4:cf:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:50:43 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f2c415239d3a972d3c27d275bea31e0ceac01617f073b3d5744b31af5e4a9729, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:24:fe:fd:a9:b9:25:d2:fc:3e:a6:46:a8:55:
7a:7c:3b:bc:f9:c9:0e:96:52:d6:ef:39:19:f5:dd:
f9:38:a8:7c:7e:6a:20:c9:bf:ef:a9:5e:d6:99:e1:
fc:1c:7c:58:b7:7f:cf:73:e8:6a:39:c5:6e:85:29:
8f:62:74:80:d0:7b:53:76:17:f0:1a:17:ab:a5:bb:
ef:12:98:df:31:53:2e:f0:07:7c:5d:a4:1e:0d:b3:
e8:52:41:53:48:50:8e:cd:f5:b3:a2:dd:fe:30:6c:
54:04:c7:dd:ef:b7:ed:25:62:ac:3f:89:82:07:9f:
12:51:94:49:55:b3:0a:5e:1f:6c:85:92:81:37:f6:
09:6f:f7:68:af:c7:3d:b4:bf:6a:15:38:75:71:f9:
d4:58:d6:ab:c8:8a:1e:14:a5:40:9f:0e:5a:11:b0:
4c:d9:f5:c0:3b:6e:19:99:44:63:ff:22:21:2c:e1:
ee:3c:24:8e:c2:bd:b6:57:46:b6:97:2b:b4:6b:10:
92:61:55:9c:8a:aa:13:dc:bf:09:92:a6:95:fe:a1:
3f:4b:ff:4f:eb:38:b7:5b:1e:b2:c0:04:08:ca:b3:
66:6e:ba:5d:74:13:f1:72:20:0d:b3:0e:96:8d:c0:
17:60:33:32:f5:ec:7e:e1:0f:4e:28:a1:b0:47:bc:
f1:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:03:60:56:A5:97:12:8F:E8:5D:9D:70:D5:EE:02:58:7B:E8:39:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:c000::/40
Signature Algorithm: sha256WithRSAEncryption
57:a5:00:6f:eb:58:ff:f6:10:70:dd:af:5f:9c:0f:25:d7:1e:
56:d2:35:ac:6e:45:c3:70:16:4b:ec:60:9b:80:37:5f:97:85:
87:3b:32:9a:2d:eb:4e:12:2c:04:e1:4d:9b:63:35:94:f5:55:
10:8f:19:5d:7c:96:dd:fb:8a:a5:70:c3:18:a6:b5:ee:c0:d3:
98:ff:9b:00:af:c5:69:e8:ae:4c:f5:e2:75:55:dc:8e:92:5f:
3f:88:6d:46:75:cb:e9:b9:03:4d:8f:85:3f:59:dc:e0:87:b9:
a2:2e:7f:7b:da:3c:48:38:29:17:c1:60:49:d4:c1:93:10:43:
98:8c:cd:f2:bf:97:bd:ba:8d:69:90:1f:4f:1b:a5:e4:7b:5b:
81:e7:76:da:20:7f:a4:42:a1:1a:e6:40:48:cf:7d:e8:5d:e9:
ff:7a:e0:55:12:52:56:2f:c9:ca:c1:57:83:0d:6f:1b:d0:25:
09:a9:52:2d:5e:0d:ce:23:ff:1d:d3:f9:2a:6a:09:e0:e3:ea:
a6:4f:9d:3a:5f:d6:d6:3a:f8:00:58:fd:38:5f:8b:17:56:1a:
fd:86:f9:92:81:9e:d3:74:d7:cf:de:57:48:57:58:7d:ef:de:
41:65:26:9c:4e:d1:24:aa:18:25:d0:3a:3c:0a:33:a1:98:e1:
4a:cf:ea:a2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURRhxEQd9abZbIcXu9Q3V6JekzywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUwNDNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyYzQxNTIzOWQzYTk3MmQzYzI3ZDI3NWJlYTMxZTBjZWFjMDE2MTdmMDcz
YjNkNTc0NGIzMWFmNWU0YTk3MjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOck/v2puSXS/D6mRqhVenw7vPnJDpZS1u85GfXd+TiofH5qIMm/76le1pnh
/Bx8WLd/z3PoajnFboUpj2J0gNB7U3YX8BoXq6W77xKY3zFTLvAHfF2kHg2z6FJB
U0hQjs31s6Ld/jBsVATH3e+37SVirD+JggefElGUSVWzCl4fbIWSgTf2CW/3aK/H
PbS/ahU4dXH51FjWq8iKHhSlQJ8OWhGwTNn1wDtuGZlEY/8iISzh7jwkjsK9tldG
tpcrtGsQkmFVnIqqE9y/CZKmlf6hP0v/T+s4t1sessAECMqzZm66XXQT8XIgDbMO
lo3AF2AzMvXsfuEPTiihsEe88V8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRRA2BW
pZcSj+hdnXDV7gJYe+g5IjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzkyNTY1MzYtMGU5YS00MTc1LThhYzctYTBmYjk5MWViZmY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HbA
MA0GCSqGSIb3DQEBCwUAA4IBAQBXpQBv61j/9hBw3a9fnA8l1x5W0jWsbkXDcBZL
7GCbgDdfl4WHOzKaLetOEiwE4U2bYzWU9VUQjxldfJbd+4qlcMMYprXuwNOY/5sA
r8Vp6K5M9eJ1VdyOkl8/iG1GdcvpuQNNj4U/Wdzgh7miLn972jxIOCkXwWBJ1MGT
EEOYjM3yv5e9uo1pkB9PG6Xke1uB53baIH+kQqEa5kBIz33oXen/euBVElJWL8nK
wVeDDW8b0CUJqVItXg3OI/8d0/kqagng4+qmT506X9bWOvgAWP04X4sXVhr9hvmS
gZ7TdNfP3ldIV1h9795BZSacTtEkqhgl0Do8CjOhmOFKz+qi
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:27:05 2026 by rpki-client