Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa
File: ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa (raw, json)
Hash identifier: FTA1J8G9ZjLW4APxVhKbiM9MOxqS/Qt7MPjYZ0acOx0=
Subject key identifier: 31:F1:7B:AB:77:26:F5:8B:65:3B:90:BA:68:B2:F0:DC:D7:A2:35:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 637659D26E47370E6268B88EE834D9BAF2B1728F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa
Signing time: Sat 28 Feb 2026 05:20:25 +0000
ROA not before: Sat 28 Feb 2026 05:20:25 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:76:59:d2:6e:47:37:0e:62:68:b8:8e:e8:34:d9:ba:f2:b1:72:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:25 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=5d7da5b6b6da886ff16848fc377da9e806a9b373a0ccf0937de856d108cb9328, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3f:8e:42:c4:cb:04:d1:b4:85:3e:23:fa:94:
88:04:cd:cc:46:ad:01:90:84:2c:03:b7:75:ce:be:
47:71:81:9d:43:97:7b:0f:63:cb:49:bc:21:86:3e:
ae:a6:d4:f2:09:51:c0:ff:18:32:e9:fc:d6:8e:83:
61:b9:5f:fa:08:ff:dd:01:f4:96:76:de:a5:ca:8f:
ba:31:96:e2:63:a1:bf:db:de:74:67:4c:ea:a0:b6:
24:7c:a5:5b:52:d5:6a:58:de:76:18:48:00:9f:fb:
18:e6:e1:3c:85:86:8e:59:85:32:5d:5a:f4:00:36:
08:ec:64:4c:b1:c1:91:54:ab:5b:70:b0:87:75:fc:
cd:c8:0d:1d:41:73:e0:50:ac:92:40:8a:ae:f2:f5:
78:63:a2:47:0b:d1:4a:c5:93:5d:d5:62:0f:c3:8b:
36:72:52:21:97:84:0f:80:67:d9:1d:ca:ce:4c:36:
2b:2a:cf:0c:c4:14:dc:39:6c:aa:14:ce:11:3e:1e:
77:ca:8d:3c:43:aa:24:5c:6d:63:d7:81:5d:f3:23:
87:ba:95:a1:ce:97:c2:e5:86:82:b3:43:16:3d:d0:
c2:bf:29:c2:97:8f:18:03:b0:5b:ac:90:64:a1:8d:
76:aa:dd:35:43:23:47:46:ea:f6:d7:ff:83:a2:6e:
8d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F1:7B:AB:77:26:F5:8B:65:3B:90:BA:68:B2:F0:DC:D7:A2:35:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:2000::/40
Signature Algorithm: sha256WithRSAEncryption
1a:18:e2:9e:f1:d6:f6:ab:9a:36:b6:d7:c7:6e:5b:47:9d:de:
ed:13:c4:ff:16:c9:7b:e0:66:20:46:00:3a:99:7b:ec:8a:11:
2a:0f:0e:16:68:0f:56:c3:dd:14:33:c4:c5:34:30:84:44:bd:
a6:96:d4:58:0b:bf:e8:ca:17:e2:72:9d:ee:7c:ba:8e:dc:3d:
d5:cf:9d:e5:a1:91:eb:76:2b:87:59:1f:ac:ec:51:e2:e8:72:
fe:10:e2:64:d8:64:21:38:95:11:a3:b3:c2:12:d9:7e:4b:38:
40:78:4b:b5:fa:9f:8c:6f:0e:80:42:45:29:a8:29:1a:95:6f:
54:ee:42:db:c2:f1:32:2d:ee:ce:16:85:4d:95:bf:85:e2:b7:
07:0e:b3:6c:0f:60:a7:81:49:56:79:df:ca:3f:ef:a2:e5:72:
86:e5:c3:a0:58:8e:cc:d5:82:66:1c:5f:25:26:0c:de:23:6a:
9e:fc:e2:88:19:37:ca:96:f3:2d:52:23:6c:5f:9a:37:73:e4:
9c:f5:cd:af:43:d1:5e:26:0e:65:0e:f8:52:9c:b5:44:5e:f1:
9d:14:fb:c7:7e:24:13:d3:bd:c7:5e:2b:22:95:8d:7d:b2:13:
f4:24:87:86:3f:2b:b7:22:8b:4f:22:f8:5d:f5:97:7e:93:26:
89:47:c1:ea
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY3ZZ0m5HNw5iaLiO6DTZuvKxco8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwMjVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkN2RhNWI2YjZkYTg4NmZmMTY4NDhmYzM3N2RhOWU4MDZhOWIzNzNhMGNj
ZjA5MzdkZTg1NmQxMDhjYjkzMjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMs/jkLEywTRtIU+I/qUiATNzEatAZCELAO3dc6+R3GBnUOXew9jy0m8IYY+
rqbU8glRwP8YMun81o6DYblf+gj/3QH0lnbepcqPujGW4mOhv9vedGdM6qC2JHyl
W1LValjedhhIAJ/7GObhPIWGjlmFMl1a9AA2COxkTLHBkVSrW3Cwh3X8zcgNHUFz
4FCskkCKrvL1eGOiRwvRSsWTXdViD8OLNnJSIZeED4Bn2R3Kzkw2KyrPDMQU3Dls
qhTOET4ed8qNPEOqJFxtY9eBXfMjh7qVoc6XwuWGgrNDFj3Qwr8pwpePGAOwW6yQ
ZKGNdqrdNUMjR0bq9tf/g6JujSMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQx8Xur
dyb1i2U7kLposvDc16I1mTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2U1NzdiYTItZDJhYy00ZTJhLWE0ZjktZWEzN2U5ZDU2OTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G0g
MA0GCSqGSIb3DQEBCwUAA4IBAQAaGOKe8db2q5o2ttfHbltHnd7tE8T/Fsl74GYg
RgA6mXvsihEqDw4WaA9Ww90UM8TFNDCERL2mltRYC7/oyhficp3ufLqO3D3Vz53l
oZHrdiuHWR+s7FHi6HL+EOJk2GQhOJURo7PCEtl+SzhAeEu1+p+Mbw6AQkUpqCka
lW9U7kLbwvEyLe7OFoVNlb+F4rcHDrNsD2CngUlWed/KP++i5XKG5cOgWI7M1YJm
HF8lJgzeI2qe/OKIGTfKlvMtUiNsX5o3c+Sc9c2vQ9FeJg5lDvhSnLVEXvGdFPvH
fiQT073HXisilY19shP0JIeGPyu3IotPIvhd9Zd+kyaJR8Hq
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:41:10 2026 by rpki-client