Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
File: cda3712d-34a6-428d-a694-19bab377c44e.roa (raw, json)
Hash identifier: syzu97kgeAXThfyxB8ILlw6lOwSr33yBN4xHTebap0Q=
Subject key identifier: FE:91:F8:36:42:67:BD:3C:A1:B9:3B:AB:F6:97:A5:70:3B:6D:F1:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F4C08264827E0B678E937C18AE412BCF662503D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
Signing time: Sat 28 Feb 2026 06:00:55 +0000
ROA not before: Sat 28 Feb 2026 06:00:55 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:4c:08:26:48:27:e0:b6:78:e9:37:c1:8a:e4:12:bc:f6:62:50:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:55 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=7a155db89cfe14b75cfabb217b27c078b9ff51140f49deda5267d04fece15fa5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:f4:c1:af:38:b0:59:d3:6a:8f:6f:14:92:29:
08:92:22:2b:2f:ac:44:fc:a9:b8:3a:61:a7:01:3f:
5e:6f:a9:fb:c8:c3:48:ae:86:aa:35:68:5d:e4:a3:
81:04:47:d0:b0:d7:b2:e6:89:b2:22:5f:ca:5b:27:
bb:20:c3:81:61:65:16:4b:aa:ea:9c:58:d5:49:06:
b5:7b:2d:be:5b:cd:26:74:a6:53:74:7d:9c:33:fa:
15:c4:54:f8:2a:b2:64:42:0f:da:e3:f7:42:68:e9:
65:34:51:99:5b:48:e5:20:a7:d8:8f:6c:0f:03:cd:
80:5d:2c:8a:46:c7:12:0e:58:0e:a8:50:a1:94:c9:
06:99:70:31:7a:d6:aa:36:4f:af:ba:a0:33:13:8e:
c1:bd:17:37:fb:6a:61:78:99:f8:19:da:d2:5d:fd:
16:58:c5:ac:43:93:55:fe:be:14:e2:ca:27:04:4f:
da:88:4f:46:60:4b:e8:ec:0b:bd:2f:cc:b9:5c:3d:
74:a1:09:4d:90:a7:5f:06:79:08:5c:0f:76:c3:f6:
f9:64:1d:af:5d:27:f3:0b:d4:00:4f:da:fa:4c:eb:
0d:35:3b:33:d7:2e:32:ad:e6:6a:30:2d:21:21:9d:
44:5d:d4:02:f2:c7:0f:00:78:53:25:21:87:3d:66:
f9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:91:F8:36:42:67:BD:3C:A1:B9:3B:AB:F6:97:A5:70:3B:6D:F1:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/38
Signature Algorithm: sha256WithRSAEncryption
37:f9:4b:b4:6e:41:9e:da:d0:6f:a4:9f:e1:b1:97:5f:a0:c3:
9d:cc:b7:b2:f9:eb:f4:64:93:92:19:55:65:d2:9d:a2:fe:86:
21:d8:b0:8e:1a:9c:15:47:fb:b9:bb:36:ed:f5:23:ce:11:44:
cb:29:85:a1:fc:ef:6d:93:6a:83:17:6f:1a:7f:b8:44:3a:35:
02:e6:b7:4d:7d:3a:ed:fa:f4:7d:f0:eb:9e:e1:fb:a0:e9:9e:
cf:5d:cd:4e:de:54:82:30:df:08:d4:dd:5d:d9:c0:22:39:9c:
d6:82:4a:89:0b:a3:15:a9:64:8a:58:5b:6c:19:6b:21:c2:c1:
8e:b8:f3:8e:9e:a4:1d:5e:1c:7c:1a:97:e8:4b:af:44:1d:78:
4d:5b:a1:5b:3c:01:66:c1:5b:03:d9:a8:b5:4a:08:f9:fc:ce:
0f:af:36:c5:1e:9d:92:61:07:6a:83:7e:b6:c6:9c:ee:09:1c:
83:6c:3a:1c:49:7e:61:5e:f8:9a:ad:b3:eb:0f:c9:00:c9:a8:
fe:d0:8f:f6:da:7d:cc:88:86:97:d2:8c:5f:4f:34:f1:b7:da:
c5:bb:b0:96:d2:10:11:81:04:20:9a:c5:8f:3e:36:85:ff:b4:
9b:3d:f9:98:cb:d4:4f:0e:d9:a4:ac:50:a3:ca:cf:b1:b5:27:
97:2a:79:8b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD0wIJkgn4LZ46TfBiuQSvPZiUD0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwNTVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhMTU1ZGI4OWNmZTE0Yjc1Y2ZhYmIyMTdiMjdjMDc4YjlmZjUxMTQwZjQ5
ZGVkYTUyNjdkMDRmZWNlMTVmYTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOz0wa84sFnTao9vFJIpCJIiKy+sRPypuDphpwE/Xm+p+8jDSK6GqjVoXeSj
gQRH0LDXsuaJsiJfylsnuyDDgWFlFkuq6pxY1UkGtXstvlvNJnSmU3R9nDP6FcRU
+CqyZEIP2uP3QmjpZTRRmVtI5SCn2I9sDwPNgF0sikbHEg5YDqhQoZTJBplwMXrW
qjZPr7qgMxOOwb0XN/tqYXiZ+Bna0l39FljFrEOTVf6+FOLKJwRP2ohPRmBL6OwL
vS/MuVw9dKEJTZCnXwZ5CFwPdsP2+WQdr10n8wvUAE/a+kzrDTU7M9cuMq3majAt
ISGdRF3UAvLHDwB4UyUhhz1m+WsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT+kfg2
Qme9PKG5O6v2l6VwO23xhjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RhMzcxMmQtMzRhNi00MjhkLWE2OTQtMTliYWIzNzdjNDRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQA3+Uu0bkGe2tBvpJ/hsZdfoMOdzLey+ev0ZJOS
GVVl0p2i/oYh2LCOGpwVR/u5uzbt9SPOEUTLKYWh/O9tk2qDF28af7hEOjUC5rdN
fTrt+vR98Oue4fug6Z7PXc1O3lSCMN8I1N1d2cAiOZzWgkqJC6MVqWSKWFtsGWsh
wsGOuPOOnqQdXhx8GpfoS69EHXhNW6FbPAFmwVsD2ai1Sgj5/M4PrzbFHp2SYQdq
g362xpzuCRyDbDocSX5hXviarbPrD8kAyaj+0I/22n3MiIaX0oxfTzTxt9rFu7CW
0hARgQQgmsWPPjaF/7SbPfmYy9RPDtmkrFCjys+xtSeXKnmL
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:27 2026 by rpki-client