Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa
File: d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa (raw, json)
Hash identifier: H/Jje90RBlPpkyXhmtVP6bMqB1UWdldaMO+OpEnJ07E=
Subject key identifier: 4E:05:29:BC:6B:11:58:DA:35:9B:DD:5F:3E:FA:C7:BD:01:D7:93:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C0D7EED9A44FB9D2B475488288E20AF462B7A44
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa
Signing time: Sat 28 Feb 2026 05:40:13 +0000
ROA not before: Sat 28 Feb 2026 05:40:13 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:0d:7e:ed:9a:44:fb:9d:2b:47:54:88:28:8e:20:af:46:2b:7a:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:13 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=6ed5d11aafc6fe8b072e27d1f57f9ce7396f390932f59e69856c9f78a791c352, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6f:4a:e5:3e:f0:46:92:da:7f:d1:9b:7d:f7:
6e:54:d8:2c:a3:79:1f:37:4c:b1:7b:9f:41:5d:c8:
fb:04:26:c0:d2:b0:38:c4:bd:2e:aa:3d:d2:b5:bf:
5d:6f:0c:78:6c:71:79:be:ce:d1:f2:ea:a1:ec:36:
00:a0:3a:bd:59:5d:9e:7c:0c:4c:5e:5b:79:94:f9:
20:17:c8:4c:46:7f:e5:6b:46:1b:23:e5:8a:de:8b:
d0:0f:90:76:bc:40:8f:e4:41:d2:75:84:35:b1:81:
0f:23:0d:a4:ce:7a:1e:73:65:6b:29:23:32:72:34:
3a:46:06:f9:8e:0a:d8:8d:74:b9:48:fe:7b:f6:e1:
32:84:e6:40:4d:89:ad:de:d4:57:04:f7:a8:35:17:
ad:9b:a9:fb:7a:06:1a:a8:d2:bc:2c:e4:55:cb:3c:
e6:49:8c:cb:26:33:47:7e:be:b1:48:3a:63:96:20:
47:a9:83:43:58:d4:a9:ca:f7:6a:8f:f9:25:46:87:
2a:c4:ca:bb:53:c7:39:65:14:95:4e:9c:28:42:ea:
b5:0f:08:72:c5:bd:5e:b2:32:40:db:11:09:09:66:
20:fd:0b:90:ad:bd:09:b7:ce:86:1e:57:e7:6c:e4:
4d:1a:15:9c:26:e8:55:a5:f8:bf:29:fc:f9:98:99:
df:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:05:29:BC:6B:11:58:DA:35:9B:DD:5F:3E:FA:C7:BD:01:D7:93:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016:400::/38
Signature Algorithm: sha256WithRSAEncryption
95:d1:5e:94:c6:9a:0d:07:0d:4b:7d:28:f0:1f:d2:67:f8:96:
56:36:e8:5e:0f:cb:6a:e0:76:91:0d:12:53:3e:d9:91:37:30:
aa:ee:20:ce:bc:ea:03:94:b3:fa:80:ec:1e:34:3d:16:34:a3:
d9:02:89:40:2c:12:88:97:d7:0d:3d:72:cf:c7:88:b4:f9:84:
1d:b1:ee:84:a8:c9:6c:e9:8c:71:96:ad:0c:7b:2f:2d:93:32:
b0:fa:d2:3f:00:f8:2e:16:be:60:69:93:aa:dd:68:0a:fe:e3:
03:e7:7d:bb:c5:58:df:5d:95:7a:26:ed:5a:8c:ea:a7:58:fe:
40:29:c6:72:03:20:ed:e6:d1:bb:66:a4:fe:84:80:14:98:fa:
a7:2a:8f:10:b0:85:d1:3f:58:48:35:80:05:08:55:c9:c9:78:
dc:b3:ae:d6:d0:1b:34:82:bd:02:f2:fe:a1:28:7a:5b:03:0a:
f0:4b:85:24:89:eb:a5:5f:94:80:d4:0f:77:54:66:56:77:c1:
70:57:0f:7c:f1:81:a4:10:e4:5c:22:79:a3:f8:cc:fd:87:f2:
64:7f:1b:a4:3c:5e:a6:9d:ed:6d:c9:74:72:02:9c:83:67:07:
15:2b:cb:89:b3:f2:98:89:c5:c7:9e:dd:7b:13:a4:87:ad:44:
fa:9a:7c:f8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTA1+7ZpE+50rR1SIKI4gr0YrekQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwMTNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlZDVkMTFhYWZjNmZlOGIwNzJlMjdkMWY1N2Y5Y2U3Mzk2ZjM5MDkzMmY1
OWU2OTg1NmM5Zjc4YTc5MWMzNTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZvSuU+8EaS2n/Rm333blTYLKN5HzdMsXufQV3I+wQmwNKwOMS9Lqo90rW/
XW8MeGxxeb7O0fLqoew2AKA6vVldnnwMTF5beZT5IBfITEZ/5WtGGyPlit6L0A+Q
drxAj+RB0nWENbGBDyMNpM56HnNlaykjMnI0OkYG+Y4K2I10uUj+e/bhMoTmQE2J
rd7UVwT3qDUXrZup+3oGGqjSvCzkVcs85kmMyyYzR36+sUg6Y5YgR6mDQ1jUqcr3
ao/5JUaHKsTKu1PHOWUUlU6cKELqtQ8IcsW9XrIyQNsRCQlmIP0LkK29CbfOhh5X
52zkTRoVnCboVaX4vyn8+ZiZ3yECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBROBSm8
axFY2jWb3V8++se9AdeTuDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDNhYzhhMGEtOGQwNi00MGRlLWEyOTItY2I4MjRiN2M0OGI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYE
MA0GCSqGSIb3DQEBCwUAA4IBAQCV0V6UxpoNBw1LfSjwH9Jn+JZWNuheD8tq4HaR
DRJTPtmRNzCq7iDOvOoDlLP6gOweND0WNKPZAolALBKIl9cNPXLPx4i0+YQdse6E
qMls6Yxxlq0Mey8tkzKw+tI/APguFr5gaZOq3WgK/uMD5327xVjfXZV6Ju1ajOqn
WP5AKcZyAyDt5tG7ZqT+hIAUmPqnKo8QsIXRP1hINYAFCFXJyXjcs67W0Bs0gr0C
8v6hKHpbAwrwS4UkieulX5SA1A93VGZWd8FwVw988YGkEORcInmj+Mz9h/Jkfxuk
PF6mne1tyXRyApyDZwcVK8uJs/KYicXHnt17E6SHrUT6mnz4
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:24:40 2026 by rpki-client