Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa
File: d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa (raw, json)
Hash identifier: 1EQCDwTjEMtdE2KkbYvvU3XejVTaVRW1WaAzSkQ2llI=
Subject key identifier: E2:33:AF:12:94:47:4A:F1:EC:19:5B:1A:F7:66:20:66:29:97:3D:FA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77A6A28E7C179E1B4E6B6D36151BAC5E52898C49
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa
Signing time: Fri 06 Feb 2026 00:40:11 +0000
ROA not before: Fri 06 Feb 2026 00:40:11 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02f::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:a6:a2:8e:7c:17:9e:1b:4e:6b:6d:36:15:1b:ac:5e:52:89:8c:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 6 00:40:11 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=ad3f4f29cf4474af09fab0054f5e78cdc96c20103d91b77cbd98af0afadaeb9b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:92:62:ed:6f:25:01:ea:04:e2:bd:6f:72:55:
6b:aa:04:f2:59:42:77:f0:9b:05:28:e3:61:bd:4c:
ae:52:f3:39:7b:dc:af:f1:6c:f4:53:2b:3a:d7:42:
30:f5:6f:af:8d:b1:ae:e9:29:e0:f8:c5:99:60:a4:
a8:2d:f7:b9:87:97:d0:ad:ab:47:21:f7:0c:d5:34:
4c:04:ca:3f:fe:fd:cc:30:86:d0:ab:61:85:27:1e:
f9:cf:48:60:9c:dc:fe:7b:40:1f:f5:11:b2:6e:68:
2b:98:87:a4:ba:44:59:2f:76:ce:45:39:06:6e:8a:
50:c5:8c:bb:8a:e2:2b:38:64:cb:57:f2:8e:fd:c7:
f3:15:f0:12:35:8b:e7:1e:67:82:e7:15:10:63:70:
b2:e8:89:bb:a5:97:bf:25:2e:e7:ee:dc:b4:63:f7:
55:8a:9d:e3:47:5e:9e:05:3d:ef:fa:d2:87:85:05:
bc:c7:5c:64:53:0b:6c:17:e9:7a:0b:73:df:e0:6d:
68:f5:22:4b:12:5e:58:d9:6a:32:1f:a3:0a:5d:e3:
a5:9b:74:45:8d:1e:c7:4f:a3:90:78:10:7e:9d:70:
ed:6a:52:8a:23:91:60:1b:65:f7:fb:d3:54:c5:c8:
a4:01:f3:9d:c4:8f:f2:4f:d7:90:95:b8:39:be:88:
8f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:33:AF:12:94:47:4A:F1:EC:19:5B:1A:F7:66:20:66:29:97:3D:FA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02f::/37
Signature Algorithm: sha256WithRSAEncryption
b9:a9:27:d9:b4:83:27:2d:fb:27:64:5d:33:5f:12:8a:42:b8:
69:43:77:53:ee:7f:29:de:bf:ae:d7:11:b3:6f:52:db:5b:94:
a1:b9:d8:26:be:fb:5f:67:05:c9:de:1b:af:8d:a7:48:0b:c4:
fb:2c:72:2a:9c:1c:18:cc:d7:93:dc:54:57:8f:c2:d3:49:93:
3c:2f:d2:93:32:67:ce:ef:63:76:61:11:da:b0:23:5f:e7:be:
20:77:d9:f9:fc:b5:97:25:f8:9e:6f:ef:5e:5a:91:af:b2:25:
79:96:64:f5:1d:79:4c:9b:29:f9:da:a4:c4:bd:00:6b:00:0d:
34:06:10:b7:9f:c1:76:5c:ca:7b:28:e8:b6:56:61:f5:09:09:
df:68:fd:85:5d:63:77:c9:46:a1:85:8d:44:30:be:e2:03:e5:
b7:8e:62:24:12:ae:a6:c5:82:24:1e:67:3c:52:67:0c:d2:0f:
97:fa:f7:db:40:af:c8:a8:1a:18:47:09:3d:9b:dc:b9:66:c8:
27:f1:99:42:88:f6:3c:fb:3d:f9:fd:7d:fa:31:7d:3a:91:3f:
f8:36:bc:c2:0a:04:c2:6a:a8:ed:7a:12:49:26:ec:e3:ac:37:
e9:35:cd:ac:f8:91:ef:58:67:97:13:9d:e7:e4:91:10:23:ca:
13:62:ab:22
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd6aijnwXnhtOa202FRusXlKJjEkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMDYwMDQwMTFaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkM2Y0ZjI5Y2Y0NDc0YWYwOWZhYjAwNTRmNWU3OGNkYzk2YzIwMTAzZDkx
Yjc3Y2JkOThhZjBhZmFkYWViOWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOSYu1vJQHqBOK9b3JVa6oE8llCd/CbBSjjYb1MrlLzOXvcr/Fs9FMrOtdC
MPVvr42xrukp4PjFmWCkqC33uYeX0K2rRyH3DNU0TATKP/79zDCG0KthhSce+c9I
YJzc/ntAH/URsm5oK5iHpLpEWS92zkU5Bm6KUMWMu4riKzhky1fyjv3H8xXwEjWL
5x5ngucVEGNwsuiJu6WXvyUu5+7ctGP3VYqd40dengU97/rSh4UFvMdcZFMLbBfp
egtz3+BtaPUiSxJeWNlqMh+jCl3jpZt0RY0ex0+jkHgQfp1w7WpSiiORYBtl9/vT
VMXIpAHzncSP8k/XkJW4Ob6Ij98CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTiM68S
lEdK8ewZWxr3ZiBmKZc9+jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDJjZjQ3NmMtOWYzOS00ZWE4LWE2ZDUtNzlhODJjNGE0ZGZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0C8A
MA0GCSqGSIb3DQEBCwUAA4IBAQC5qSfZtIMnLfsnZF0zXxKKQrhpQ3dT7n8p3r+u
1xGzb1LbW5ShudgmvvtfZwXJ3huvjadIC8T7LHIqnBwYzNeT3FRXj8LTSZM8L9KT
MmfO72N2YRHasCNf574gd9n5/LWXJfieb+9eWpGvsiV5lmT1HXlMmyn52qTEvQBr
AA00BhC3n8F2XMp7KOi2VmH1CQnfaP2FXWN3yUahhY1EML7iA+W3jmIkEq6mxYIk
Hmc8UmcM0g+X+vfbQK/IqBoYRwk9m9y5Zsgn8ZlCiPY8+z35/X36MX06kT/4NrzC
CgTCaqjtehJJJuzjrDfpNc2s+JHvWGeXE53n5JEQI8oTYqsi
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:21:10 2026 by rpki-client