Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d79852cc-835c-4a8a-8412-323c0281d4bf.roa
File: d79852cc-835c-4a8a-8412-323c0281d4bf.roa (raw, json)
Hash identifier: Tvu6tky4JgnPFdeA7HuZjW4a21JLLA/OUWjeDa8NRu8=
Subject key identifier: 55:30:91:64:B6:49:33:84:5E:1D:AE:CC:20:0E:38:30:20:D9:B7:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1BA66BFEA20B1C79191381DC9903E5CD2F18BAA8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d79852cc-835c-4a8a-8412-323c0281d4bf.roa
Signing time: Tue 24 Feb 2026 04:10:44 +0000
ROA not before: Tue 24 Feb 2026 04:10:44 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:a6:6b:fe:a2:0b:1c:79:19:13:81:dc:99:03:e5:cd:2f:18:ba:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 04:10:44 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=a5384e71a14c96e7a94072ceec856c9e85ed1bb87d32a6c88590d89e8fce8f71, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:7a:db:0c:09:98:d6:52:95:a5:65:22:89:dd:
f2:45:cb:25:27:d8:2c:78:b5:f5:a6:8b:00:fe:91:
0e:d7:b5:c5:23:6d:97:d2:7d:ee:8d:dc:4c:1a:e5:
ac:65:7c:cc:b6:07:85:53:58:f4:25:cc:8b:f3:28:
e4:6a:0a:da:8e:45:3f:85:f9:01:bc:10:5d:6d:11:
14:0e:9a:bd:7d:0d:7b:81:07:5e:0c:92:2a:6f:a0:
eb:85:5d:28:2b:67:5b:0f:91:f6:f4:3b:b2:a7:02:
b7:80:47:f0:90:0c:a1:8c:37:92:90:78:94:30:a0:
1e:fd:82:87:11:5f:fd:75:d2:35:dd:51:ef:1c:70:
0a:b7:15:9c:bf:b9:20:00:00:61:29:a5:2d:a0:71:
fb:c2:c2:b7:5c:40:45:45:4f:f9:76:d9:38:91:01:
06:9a:91:65:d4:43:61:8e:1a:12:56:de:b6:6b:da:
f4:2c:f4:51:d6:f7:ad:e6:f8:78:51:a3:ba:f1:bc:
ca:ac:13:73:8d:e7:b0:60:ad:8d:52:4a:e8:4b:b2:
df:f8:33:7d:15:a6:2d:1a:5a:80:40:9d:4a:f0:2e:
c1:f5:eb:68:5c:86:3c:31:29:74:9a:d7:62:44:47:
d6:47:3d:35:6c:84:09:76:5d:79:41:35:65:f2:b2:
81:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:30:91:64:B6:49:33:84:5E:1D:AE:CC:20:0E:38:30:20:D9:B7:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d79852cc-835c-4a8a-8412-323c0281d4bf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:6000::/40
Signature Algorithm: sha256WithRSAEncryption
58:91:b8:a7:a5:e9:30:a3:57:ac:a5:14:1e:52:7d:e4:5c:a0:
d0:ac:14:cf:93:31:82:65:07:a4:cc:6d:54:d2:09:6b:11:e2:
3c:fb:38:8a:4e:a9:0c:1d:30:9a:e1:c0:7d:dc:d2:36:57:10:
49:57:93:a8:e9:fe:a3:e7:be:48:87:35:76:2c:b2:2b:50:45:
85:3c:3e:dc:23:d3:77:0a:7f:4a:a3:7a:76:e7:1c:96:30:f8:
31:cd:3a:ce:72:99:2f:22:ca:50:52:34:96:20:03:71:8b:ba:
38:9c:cd:dc:c4:01:55:e0:fb:77:37:9a:dd:91:28:a6:34:f1:
66:09:b3:a1:01:a2:f9:c8:a9:0a:75:15:ba:e2:62:63:e8:19:
84:82:cd:9d:ba:b2:93:b1:e2:fe:59:59:65:0d:a7:b4:7c:77:
62:b5:8b:04:c5:6a:6d:12:eb:13:af:8f:25:3f:bf:e0:4c:46:
01:d6:88:06:9a:f8:33:97:be:ce:89:27:c6:bf:2b:49:fb:be:
17:f7:d0:d6:6e:64:5b:38:99:14:1b:1f:6c:c0:8e:d6:4c:fc:
50:c8:14:8a:f4:21:20:69:f7:0e:a4:c1:fa:8c:d2:3f:c7:9f:
78:4d:c1:77:01:a1:cf:2a:f0:62:bd:86:65:f8:64:d9:78:8d:
74:86:34:3a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG6Zr/qILHHkZE4HcmQPlzS8YuqgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwNDEwNDRaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1Mzg0ZTcxYTE0Yzk2ZTdhOTQwNzJjZWVjODU2YzllODVlZDFiYjg3ZDMy
YTZjODg1OTBkODllOGZjZThmNzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPV62wwJmNZSlaVlIond8kXLJSfYLHi19aaLAP6RDte1xSNtl9J97o3cTBrl
rGV8zLYHhVNY9CXMi/Mo5GoK2o5FP4X5AbwQXW0RFA6avX0Ne4EHXgySKm+g64Vd
KCtnWw+R9vQ7sqcCt4BH8JAMoYw3kpB4lDCgHv2ChxFf/XXSNd1R7xxwCrcVnL+5
IAAAYSmlLaBx+8LCt1xARUVP+XbZOJEBBpqRZdRDYY4aElbetmva9Cz0Udb3reb4
eFGjuvG8yqwTc43nsGCtjVJK6Euy3/gzfRWmLRpagECdSvAuwfXraFyGPDEpdJrX
YkRH1kc9NWyECXZdeUE1ZfKygZkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRVMJFk
tkkzhF4drswgDjgwINm3hDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDc5ODUyY2MtODM1Yy00YThhLTg0MTItMzIzYzAyODFkNGJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Htg
MA0GCSqGSIb3DQEBCwUAA4IBAQBYkbinpekwo1espRQeUn3kXKDQrBTPkzGCZQek
zG1U0glrEeI8+ziKTqkMHTCa4cB93NI2VxBJV5Oo6f6j575IhzV2LLIrUEWFPD7c
I9N3Cn9Ko3p25xyWMPgxzTrOcpkvIspQUjSWIANxi7o4nM3cxAFV4Pt3N5rdkSim
NPFmCbOhAaL5yKkKdRW64mJj6BmEgs2durKTseL+WVllDae0fHditYsExWptEusT
r48lP7/gTEYB1ogGmvgzl77OiSfGvytJ+74X99DWbmRbOJkUGx9swI7WTPxQyBSK
9CEgafcOpMH6jNI/x594TcF3AaHPKvBivYZl+GTZeI10hjQ6
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:24 2026 by rpki-client