Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
File: cb352ba2-1c61-4993-802d-895dc73880c2.roa (raw, json)
Hash identifier: LtJIpe0GdTxSca3BaWsZcss6WFxPnpvji36jtUDnnW0=
Subject key identifier: 64:C3:1C:85:7D:78:03:29:72:9D:C3:8D:10:13:9A:86:3B:8E:68:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A5933C165BED242F790F6BFAF98183562F47792
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
Signing time: Thu 26 Feb 2026 02:00:15 +0000
ROA not before: Thu 26 Feb 2026 02:00:15 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:59:33:c1:65:be:d2:42:f7:90:f6:bf:af:98:18:35:62:f4:77:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:00:15 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=dbb11b6214d099a3e938d2dbd435e34b1cb108bbdd62c13bbea14c3e83e4a2b5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:23:29:79:64:1c:0b:8b:b7:02:dc:e9:ba:9d:
dd:1c:4c:35:40:1c:10:6e:f0:b9:e9:9c:18:b1:35:
97:73:ad:fa:fe:c6:90:01:14:7e:91:87:72:b2:4e:
08:85:b9:a5:26:c4:a4:c0:f8:40:0a:37:d0:03:7d:
e7:9f:da:fa:fe:24:d0:34:06:e9:eb:0c:6d:2d:ae:
88:c7:1a:30:a2:92:9a:05:40:d3:92:25:fe:17:45:
95:1f:fe:4f:a0:9d:db:72:3f:4b:63:a1:40:fa:e7:
be:f4:e5:b4:7b:4f:3d:82:6e:c8:bd:a6:5b:57:c1:
f3:2d:b7:d3:d3:1d:e3:f7:52:c2:52:74:a1:03:c3:
68:8c:18:45:67:1f:02:72:58:b5:7d:51:be:a4:23:
ff:9b:c3:56:3b:16:0b:59:01:ea:e8:f2:66:ab:0c:
1e:ac:57:16:5c:c0:db:5c:86:47:26:b4:12:86:26:
d6:79:f0:71:47:c9:46:43:ba:4c:2b:0e:38:25:96:
14:88:15:61:ab:d9:da:9f:0c:d2:7d:13:26:8a:18:
40:3a:92:74:d6:c9:c9:52:85:b4:8d:45:e7:de:cd:
e4:77:a4:23:fe:0e:19:b3:af:18:a3:d2:11:ac:51:
d5:98:4b:ee:f5:bc:d0:24:8a:4d:2a:cd:70:45:ed:
b0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C3:1C:85:7D:78:03:29:72:9D:C3:8D:10:13:9A:86:3B:8E:68:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:800::/40
Signature Algorithm: sha256WithRSAEncryption
23:8e:6c:3c:30:19:ff:ae:cc:43:bf:2f:76:56:ea:b9:c6:6d:
65:40:18:7f:c1:ab:5a:88:79:c0:3f:b1:76:c2:3f:a0:23:1f:
df:b4:f7:d8:5b:aa:be:64:c9:55:d8:79:e3:fa:91:fe:39:65:
22:b9:4f:dc:5b:bd:fc:0d:2d:22:b7:0e:58:5c:bd:b0:7b:de:
53:63:54:d2:5c:10:22:ef:ea:5f:5e:23:39:4f:7b:de:ae:55:
b2:bf:e4:4d:52:24:cf:28:af:94:73:b1:17:88:2c:43:cf:d2:
5b:a1:3a:c8:0d:05:b9:67:21:2c:f5:25:a4:8d:e3:9b:6a:52:
0f:bf:9e:12:a1:04:87:eb:dc:ef:b1:4d:04:1b:30:51:db:02:
19:a3:fb:0e:c4:8d:f2:e2:ac:2d:d9:06:74:94:c4:2c:ce:9e:
dd:5c:8e:b2:54:a5:f2:62:11:96:a0:00:17:f2:f0:71:da:52:
96:b2:d3:8d:9c:e1:09:98:9a:35:e7:c8:dd:a4:70:e8:64:99:
99:2c:a1:5b:2c:5a:45:e1:20:e9:32:cc:60:12:e1:08:a8:10:
04:c6:bc:55:bf:f8:34:b5:3e:fa:d4:d3:f9:75:57:11:08:2a:
f6:67:4d:29:0e:80:f0:8f:0e:78:25:05:69:1f:5d:92:fc:f6:
0f:d1:24:a7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUalkzwWW+0kL3kPa/r5gYNWL0d5IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjAwMTVaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiYjExYjYyMTRkMDk5YTNlOTM4ZDJkYmQ0MzVlMzRiMWNiMTA4YmJkZDYy
YzEzYmJlYTE0YzNlODNlNGEyYjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUjKXlkHAuLtwLc6bqd3RxMNUAcEG7wuemcGLE1l3Ot+v7GkAEUfpGHcrJO
CIW5pSbEpMD4QAo30AN955/a+v4k0DQG6esMbS2uiMcaMKKSmgVA05Il/hdFlR/+
T6Cd23I/S2OhQPrnvvTltHtPPYJuyL2mW1fB8y2309Md4/dSwlJ0oQPDaIwYRWcf
AnJYtX1RvqQj/5vDVjsWC1kB6ujyZqsMHqxXFlzA21yGRya0EoYm1nnwcUfJRkO6
TCsOOCWWFIgVYavZ2p8M0n0TJooYQDqSdNbJyVKFtI1F597N5HekI/4OGbOvGKPS
EaxR1ZhL7vW80CSKTSrNcEXtsCsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRkwxyF
fXgDKXKdw40QE5qGO45oZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2IzNTJiYTItMWM2MS00OTkzLTgwMmQtODk1ZGM3Mzg4MGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYI
MA0GCSqGSIb3DQEBCwUAA4IBAQAjjmw8MBn/rsxDvy92Vuq5xm1lQBh/wataiHnA
P7F2wj+gIx/ftPfYW6q+ZMlV2Hnj+pH+OWUiuU/cW738DS0itw5YXL2we95TY1TS
XBAi7+pfXiM5T3verlWyv+RNUiTPKK+Uc7EXiCxDz9JboTrIDQW5ZyEs9SWkjeOb
alIPv54SoQSH69zvsU0EGzBR2wIZo/sOxI3y4qwt2QZ0lMQszp7dXI6yVKXyYhGW
oAAX8vBx2lKWstONnOEJmJo158jdpHDoZJmZLKFbLFpF4SDpMsxgEuEIqBAExrxV
v/g0tT761NP5dVcRCCr2Z00pDoDwjw54JQVpH12S/PYP0SSn
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:37:11 2026 by rpki-client