Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caeeaf61-b927-4d38-b398-1efb2c05d49e.roa
File: caeeaf61-b927-4d38-b398-1efb2c05d49e.roa (raw, json)
Hash identifier: eNUOIpoJ9MWH/va+Hv2t0SiYpf3+sNPGZpA8vXM9XQo=
Subject key identifier: 7D:E1:A8:A5:B6:11:8B:56:B7:70:15:C5:27:99:AF:90:30:3F:97:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4267353E2941BE89CB5B6343E5CD354B02BF8470
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caeeaf61-b927-4d38-b398-1efb2c05d49e.roa
Signing time: Thu 26 Feb 2026 02:10:08 +0000
ROA not before: Thu 26 Feb 2026 02:10:08 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:67:35:3e:29:41:be:89:cb:5b:63:43:e5:cd:35:4b:02:bf:84:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:10:08 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=7512e0e86fcc644dddd2ac7db420210041f9c7b4d1326f1d9785b9ff0b211dd9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0a:75:3f:09:05:77:2e:f9:7d:25:13:4f:06:
f2:b4:69:3a:ff:aa:4b:a4:3d:36:5f:da:9e:dd:38:
7d:33:83:d7:b8:86:46:69:87:6d:cc:f2:87:83:7f:
92:b1:eb:a6:ea:5c:9f:e7:e5:2e:db:27:db:86:af:
37:9c:cd:e3:12:ec:de:d5:c0:77:1f:29:2f:15:32:
32:bf:f2:c9:fa:88:71:3f:d2:a5:86:0b:66:e4:44:
2f:6f:81:1e:dd:69:a9:67:72:ef:08:4f:1e:f8:a5:
b9:a9:ec:af:47:f8:84:83:77:dd:c5:41:d9:f2:d5:
79:ba:55:c8:78:cd:86:fc:b1:99:78:c4:4b:8e:c3:
57:1f:b4:9d:54:2a:1e:ff:2d:75:e2:37:f5:49:00:
e7:0c:96:86:8d:41:5f:74:79:6f:29:30:96:5e:c2:
6a:b4:6b:ba:78:62:66:75:d9:6e:15:ce:2d:3e:2c:
60:7c:49:54:70:f0:ef:b4:ce:b2:29:18:98:89:be:
cc:d8:79:10:89:5e:ae:58:8f:88:90:7b:1a:74:db:
f1:0d:d4:6e:68:ed:e9:53:a2:78:14:a9:b9:2f:4c:
99:10:b3:15:dc:3a:0b:0c:d0:4b:9b:4b:e8:df:1a:
2d:1d:fc:df:2d:a3:57:1b:26:95:9e:3a:c9:60:47:
49:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:E1:A8:A5:B6:11:8B:56:B7:70:15:C5:27:99:AF:90:30:3F:97:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caeeaf61-b927-4d38-b398-1efb2c05d49e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:800::/40
Signature Algorithm: sha256WithRSAEncryption
9b:4c:ee:cb:ba:42:d9:69:67:ac:8c:b2:05:a8:54:47:f8:11:
35:5e:f6:75:79:39:1a:2c:04:ae:c7:07:97:56:73:67:44:3f:
6f:80:c3:6d:9e:4b:03:44:d3:a4:33:6a:c6:80:15:8d:00:87:
4e:2d:53:ee:34:a7:9a:c0:67:bf:89:f5:ae:39:46:72:65:64:
65:48:30:56:a3:74:63:51:a5:fa:32:15:ec:e9:17:fa:e6:42:
38:d0:a6:82:45:61:55:9f:0e:7e:e9:81:3d:da:67:be:c8:f8:
4a:c9:85:d8:82:21:f5:37:70:2c:9c:6c:23:54:e6:34:43:6b:
89:8b:51:0b:5b:35:58:f3:8e:24:df:86:61:0c:23:40:a4:f8:
5f:05:34:fa:7e:47:1d:9d:7e:7f:6e:9f:d3:de:83:bb:a7:27:
33:f6:68:cb:86:b6:9b:77:76:ee:1a:c1:0a:12:98:ad:fb:0c:
7f:f8:56:00:de:57:c4:d3:da:4e:31:f4:cf:e1:c8:93:91:ac:
33:e6:11:62:6b:59:10:0a:6e:05:65:a3:0e:da:46:4d:f6:44:
c4:e2:a5:7c:60:28:bd:bd:8e:eb:88:cb:d4:54:b1:b4:c3:ef:
d0:a2:4c:d8:f9:d4:8d:97:2c:85:25:9d:a0:3e:0a:98:3e:f2:
52:9c:76:40
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQmc1PilBvonLW2ND5c01SwK/hHAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjEwMDhaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1MTJlMGU4NmZjYzY0NGRkZGQyYWM3ZGI0MjAyMTAwNDFmOWM3YjRkMTMy
NmYxZDk3ODViOWZmMGIyMTFkZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAKdT8JBXcu+X0lE08G8rRpOv+qS6Q9Nl/ant04fTOD17iGRmmHbczyh4N/
krHrpupcn+flLtsn24avN5zN4xLs3tXAdx8pLxUyMr/yyfqIcT/SpYYLZuREL2+B
Ht1pqWdy7whPHviluansr0f4hIN33cVB2fLVebpVyHjNhvyxmXjES47DVx+0nVQq
Hv8tdeI39UkA5wyWho1BX3R5bykwll7CarRrunhiZnXZbhXOLT4sYHxJVHDw77TO
sikYmIm+zNh5EIlerliPiJB7GnTb8Q3Ubmjt6VOieBSpuS9MmRCzFdw6CwzQS5tL
6N8aLR383y2jVxsmlZ46yWBHSb0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR94ail
thGLVrdwFcUnma+QMD+XiDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2FlZWFmNjEtYjkyNy00ZDM4LWIzOTgtMWVmYjJjMDVkNDllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FgI
MA0GCSqGSIb3DQEBCwUAA4IBAQCbTO7LukLZaWesjLIFqFRH+BE1XvZ1eTkaLASu
xweXVnNnRD9vgMNtnksDRNOkM2rGgBWNAIdOLVPuNKeawGe/ifWuOUZyZWRlSDBW
o3RjUaX6MhXs6Rf65kI40KaCRWFVnw5+6YE92me+yPhKyYXYgiH1N3AsnGwjVOY0
Q2uJi1ELWzVY844k34ZhDCNApPhfBTT6fkcdnX5/bp/T3oO7pycz9mjLhrabd3bu
GsEKEpit+wx/+FYA3lfE09pOMfTP4ciTkawz5hFia1kQCm4FZaMO2kZN9kTE4qV8
YCi9vY7riMvUVLG0w+/QokzY+dSNlyyFJZ2gPgqYPvJSnHZA
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:56:17 2026 by rpki-client