Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa
File: d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa (raw, json)
Hash identifier: AT+jStxPu2rHOAMRvuNYiO/j4NEbJy2uJoWtro8RzP4=
Subject key identifier: 96:56:EC:B7:B0:AA:1F:EC:D5:52:D9:3A:9A:11:CB:05:7E:C1:CB:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11DAFFBE1EED534DA0951AE575A0E5A8B52EB06D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa
Signing time: Fri 06 Feb 2026 00:40:10 +0000
ROA not before: Fri 06 Feb 2026 00:40:10 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01f::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:da:ff:be:1e:ed:53:4d:a0:95:1a:e5:75:a0:e5:a8:b5:2e:b0:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 6 00:40:10 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=15bc12e42a66823bcbd866e6eb1643af199278fc4a5d63d5294bf49d9cc022fe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:3c:ef:ff:d0:0d:ec:82:5f:a6:33:69:84:9c:
0f:9c:23:63:6c:c3:4e:f7:67:bb:dd:e6:ff:2d:8d:
e3:3d:c9:74:6f:88:c0:2e:10:1b:5c:86:5d:37:09:
55:89:b2:12:35:8b:e9:b1:41:24:5c:24:68:c7:39:
01:e1:f9:21:65:d7:97:43:3d:c7:1f:7d:24:70:d0:
30:c6:88:57:04:f2:99:d2:35:03:20:6a:1b:91:18:
5d:0c:c4:b3:04:f3:13:9e:f2:4d:fc:b0:21:ed:99:
79:f8:d9:c3:e4:d4:7b:5c:16:c2:45:a9:d2:7b:1a:
b8:bc:f3:68:75:f3:9a:43:1e:6d:e3:e0:94:66:0f:
17:b1:e3:50:78:69:a6:4d:e9:ba:d5:1d:07:c5:20:
93:a7:33:e7:cc:b2:2c:77:cd:94:93:61:7d:88:47:
b3:6d:4f:58:d0:11:c8:a0:71:4a:b6:ca:03:53:49:
f0:06:e1:82:3f:8c:d4:26:8a:69:bb:ce:99:33:ed:
ce:55:02:f9:10:10:2b:a5:a9:0a:68:b0:b9:dc:4a:
31:cf:bd:be:07:08:1f:93:ea:2b:da:3f:29:34:f2:
9d:c6:0a:cf:d7:5a:b6:ba:64:c0:04:3c:b2:58:3b:
c6:f0:2e:aa:94:ab:d2:0a:b7:e6:f1:06:0f:17:fe:
d5:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:56:EC:B7:B0:AA:1F:EC:D5:52:D9:3A:9A:11:CB:05:7E:C1:CB:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01f::/37
Signature Algorithm: sha256WithRSAEncryption
b0:d4:dc:e9:99:4d:e0:ce:8f:d8:cf:9c:a3:46:2c:21:d3:a8:
37:f6:7c:fc:4c:eb:1c:2b:b7:56:58:91:b1:4b:d4:c8:52:d0:
bb:d4:89:ed:07:f6:44:3f:04:0a:36:10:7c:7c:51:d8:a9:51:
82:44:5a:9e:99:e8:91:1b:57:c8:97:b5:7b:78:c8:27:c7:09:
66:ba:62:d2:4f:e2:67:30:a7:83:cc:75:00:a0:a6:fa:4c:90:
3c:44:c1:15:86:3b:91:22:28:c9:32:d4:e6:0b:bb:2b:e2:a2:
bf:6f:37:92:04:e0:12:2f:47:0a:ca:c3:4d:5e:fd:7c:41:1f:
71:8e:da:4a:87:35:ae:ac:a5:f2:6f:88:b8:77:67:1c:64:26:
3c:fb:18:9b:f2:ff:35:01:4c:c2:a6:8c:86:b4:77:52:ab:78:
6e:f6:90:47:a7:c7:09:ea:65:e1:4f:98:d7:64:10:f1:a0:b3:
87:99:9c:60:49:9b:30:8a:c8:32:64:cb:d5:9f:e2:ca:ac:74:
bd:17:fa:0b:98:e0:46:cc:3d:62:ef:db:23:06:21:29:6f:1d:
40:17:31:ee:13:29:6c:b4:b8:73:bb:81:eb:09:8e:d4:6e:9a:
e6:07:2d:d0:c9:cd:28:1c:d5:94:6d:a7:84:b9:5f:83:e6:e6:
40:55:1c:f6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEdr/vh7tU02glRrldaDlqLUusG0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMDYwMDQwMTBaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1YmMxMmU0MmE2NjgyM2JjYmQ4NjZlNmViMTY0M2FmMTk5Mjc4ZmM0YTVk
NjNkNTI5NGJmNDlkOWNjMDIyZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPU87//QDeyCX6YzaYScD5wjY2zDTvdnu93m/y2N4z3JdG+IwC4QG1yGXTcJ
VYmyEjWL6bFBJFwkaMc5AeH5IWXXl0M9xx99JHDQMMaIVwTymdI1AyBqG5EYXQzE
swTzE57yTfywIe2ZefjZw+TUe1wWwkWp0nsauLzzaHXzmkMebePglGYPF7HjUHhp
pk3putUdB8Ugk6cz58yyLHfNlJNhfYhHs21PWNARyKBxSrbKA1NJ8Abhgj+M1CaK
abvOmTPtzlUC+RAQK6WpCmiwudxKMc+9vgcIH5PqK9o/KTTyncYKz9datrpkwAQ8
slg7xvAuqpSr0gq35vEGDxf+1aUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSWVuy3
sKof7NVS2TqaEcsFfsHL3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDJlNWNkMTEtZTMzYi00MDgwLTkxZDUtZjU1MGYxZDdhMGI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B8A
MA0GCSqGSIb3DQEBCwUAA4IBAQCw1NzpmU3gzo/Yz5yjRiwh06g39nz8TOscK7dW
WJGxS9TIUtC71IntB/ZEPwQKNhB8fFHYqVGCRFqemeiRG1fIl7V7eMgnxwlmumLS
T+JnMKeDzHUAoKb6TJA8RMEVhjuRIijJMtTmC7sr4qK/bzeSBOASL0cKysNNXv18
QR9xjtpKhzWurKXyb4i4d2ccZCY8+xib8v81AUzCpoyGtHdSq3hu9pBHp8cJ6mXh
T5jXZBDxoLOHmZxgSZswisgyZMvVn+LKrHS9F/oLmOBGzD1i79sjBiEpbx1AFzHu
EylstLhzu4HrCY7UbprmBy3Qyc0oHNWUbaeEuV+D5uZAVRz2
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:29 2026 by rpki-client