Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa
File: ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa (raw, json)
Hash identifier: T/Nwyr7uI0z4in1oryqGHMVHnb29ijF1Qkta0AXm3xA=
Subject key identifier: C3:15:63:B2:4B:A1:FA:9A:07:82:1D:18:73:C4:0D:93:D5:B8:6A:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D8F8A877ED0A94683B9810946E38B013AFBA1F0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa
Signing time: Sat 28 Feb 2026 05:41:30 +0000
ROA not before: Sat 28 Feb 2026 05:41:30 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:8f:8a:87:7e:d0:a9:46:83:b9:81:09:46:e3:8b:01:3a:fb:a1:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:30 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=0095a30fe4cbf67c7197b1046b57fce1f8ba12acd1cd8b6d017cc35961971440, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:68:66:38:f3:c3:60:60:8b:6a:4a:98:b3:22:
8e:f2:28:9b:f9:ca:3a:99:11:6c:94:15:62:6b:38:
f7:1a:38:a1:63:02:4c:4d:5f:4a:dd:fc:b9:3a:05:
a1:db:bd:f6:fa:18:aa:3a:e8:13:c5:00:f2:31:e9:
eb:31:f0:e7:55:54:a5:94:df:49:ed:40:27:1a:71:
5e:a9:d7:1c:de:6c:08:fa:cc:fc:45:f6:53:97:7e:
de:c8:9a:27:41:0b:fc:50:a6:b2:79:f7:06:dd:31:
c0:91:1a:fb:28:2b:2a:9f:02:cf:bc:03:d8:ae:c1:
30:11:6a:05:dc:77:0f:54:73:76:d5:c2:21:d4:68:
60:f0:d3:7a:20:0f:4c:e2:6d:26:9d:6b:16:d9:39:
20:57:4a:46:6e:1c:4b:b1:06:32:9d:bc:1b:3d:d2:
bd:54:b8:a1:c4:05:ae:36:51:e5:d1:cb:1c:15:e6:
d5:d8:6c:2f:19:2c:07:15:ab:d2:a9:a2:dd:ab:ef:
9e:d7:44:b5:b6:73:ee:24:c6:23:bc:39:90:e7:33:
b7:bb:70:4b:8e:01:8a:cb:76:8b:26:7c:0e:03:5d:
60:9b:b3:4a:f4:5e:d3:30:38:1d:e5:ca:a7:02:9b:
28:8c:c9:ea:30:96:08:a3:d1:99:e4:3f:d7:d2:81:
ca:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:15:63:B2:4B:A1:FA:9A:07:82:1D:18:73:C4:0D:93:D5:B8:6A:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1000::/40
Signature Algorithm: sha256WithRSAEncryption
26:60:78:a6:a1:89:fa:0f:af:e4:45:62:60:ab:0e:c7:0c:f2:
a4:d4:3e:3e:75:f6:30:aa:37:13:0e:94:04:47:46:bd:a2:1f:
54:77:7e:b0:a6:2b:5a:8e:77:7b:f9:10:2c:f0:90:50:98:f9:
70:28:d6:10:34:a3:d0:f9:f9:33:eb:71:c2:14:ff:79:e8:39:
55:71:67:5f:9e:08:73:45:9c:c6:66:46:1b:98:4c:3a:a8:93:
5f:c8:2f:72:93:2c:55:3a:b9:40:7d:17:aa:31:8b:dd:11:f6:
96:58:c3:4f:b2:40:1e:ee:3c:11:02:18:f0:13:ff:f3:7b:04:
2e:47:ee:34:70:89:9f:a0:41:63:91:4c:55:a5:20:b8:39:3c:
04:31:f4:13:5f:c7:f9:1d:94:c3:f5:4e:2d:35:e0:fe:ba:7d:
21:ab:c7:be:5f:3d:9e:69:88:23:92:f7:74:50:e0:75:a1:f1:
94:e8:f5:80:88:e4:f7:b1:e7:82:4f:1c:01:42:29:78:79:8b:
1b:43:27:6e:1b:07:84:e2:c0:b1:eb:51:b4:28:51:b5:03:ba:
72:1d:41:71:54:e0:54:30:f8:ae:6f:6d:8c:6b:20:01:1e:e4:
54:7b:2a:a5:ac:20:a9:f0:b5:e9:50:72:25:9f:ce:95:2d:87:
df:78:ae:51
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXY+Kh37QqUaDuYEJRuOLATr7ofAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMzBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwOTVhMzBmZTRjYmY2N2M3MTk3YjEwNDZiNTdmY2UxZjhiYTEyYWNkMWNk
OGI2ZDAxN2NjMzU5NjE5NzE0NDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFoZjjzw2Bgi2pKmLMijvIom/nKOpkRbJQVYms49xo4oWMCTE1fSt38uToF
odu99voYqjroE8UA8jHp6zHw51VUpZTfSe1AJxpxXqnXHN5sCPrM/EX2U5d+3sia
J0EL/FCmsnn3Bt0xwJEa+ygrKp8Cz7wD2K7BMBFqBdx3D1RzdtXCIdRoYPDTeiAP
TOJtJp1rFtk5IFdKRm4cS7EGMp28Gz3SvVS4ocQFrjZR5dHLHBXm1dhsLxksBxWr
0qmi3avvntdEtbZz7iTGI7w5kOczt7twS44Bist2iyZ8DgNdYJuzSvRe0zA4HeXK
pwKbKIzJ6jCWCKPRmeQ/19KByt8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTDFWOy
S6H6mgeCHRhzxA2T1bhqWDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2EzZjRkMTEtZGM2Yi00YTgyLWJlNjEtNjhmMWQ3ODM4ZjkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAmYHimoYn6D6/kRWJgqw7HDPKk1D4+dfYwqjcT
DpQER0a9oh9Ud36wpitajnd7+RAs8JBQmPlwKNYQNKPQ+fkz63HCFP956DlVcWdf
nghzRZzGZkYbmEw6qJNfyC9ykyxVOrlAfReqMYvdEfaWWMNPskAe7jwRAhjwE//z
ewQuR+40cImfoEFjkUxVpSC4OTwEMfQTX8f5HZTD9U4tNeD+un0hq8e+Xz2eaYgj
kvd0UOB1ofGU6PWAiOT3seeCTxwBQil4eYsbQyduGweE4sCx61G0KFG1A7pyHUFx
VOBUMPiub22MayABHuRUeyqlrCCp8LXpUHIln86VLYffeK5R
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:34:52 2026 by rpki-client