Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
File: d7bcc124-bcd8-42ec-911f-1b551dceda68.roa (raw, json)
Hash identifier: rA7bxTx/qRyB8QfADawSEziYjHk6ufLtqyl8T7YxPuo=
Subject key identifier: 84:64:12:10:22:95:3C:45:B9:B4:32:F4:E7:15:C6:44:5E:4C:3E:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 448302266F47F8B51B96CC1F304B526485D58F70
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
Signing time: Sat 28 Feb 2026 05:30:14 +0000
ROA not before: Sat 28 Feb 2026 05:30:14 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:83:02:26:6f:47:f8:b5:1b:96:cc:1f:30:4b:52:64:85:d5:8f:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:30:14 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=7470a3121d8be119e57761b8f41db83b00fafe30c85bd4a3d96ed97212227bff, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c4:4a:b8:8a:87:c4:f6:eb:71:ab:8a:2c:ba:
1d:07:f5:2d:72:a9:a3:99:09:d8:f9:51:7e:c6:12:
33:18:b0:e8:81:0b:16:df:10:cf:3a:44:56:30:84:
8f:f2:9a:52:ec:0b:6e:aa:13:33:33:91:57:48:fc:
13:b2:86:5c:d7:bd:3a:9e:26:96:dd:7d:a6:1e:d9:
cc:d0:99:30:06:f5:08:1d:4e:51:b2:03:7e:3b:e9:
37:6e:f7:95:c9:09:36:10:1e:d1:1b:a3:de:a9:9c:
68:71:50:69:c5:cd:6d:de:2d:31:38:0e:6c:28:52:
75:03:ca:62:a3:74:6b:4f:9b:07:a8:96:d3:31:31:
c9:85:f2:9b:c1:4d:f7:32:a2:18:7b:04:50:81:59:
ed:4d:0c:fd:f4:82:87:54:b1:8e:e8:0d:ec:28:0b:
39:fc:4a:81:76:e9:56:3d:c7:61:f0:12:0b:84:73:
44:6d:04:4d:93:f2:fd:48:c7:1c:29:6b:3f:90:09:
5b:08:49:61:d2:68:1f:f2:81:10:b4:54:49:24:ce:
e2:cb:dd:7e:6a:94:b5:11:8c:e2:88:2d:4f:b6:0e:
ad:61:c4:86:66:98:4e:99:54:d7:40:03:37:b7:af:
92:1c:7e:7a:6c:d6:48:04:34:66:cf:ac:17:ea:8e:
07:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:64:12:10:22:95:3C:45:B9:B4:32:F4:E7:15:C6:44:5E:4C:3E:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:e000::/40
Signature Algorithm: sha256WithRSAEncryption
a8:d4:e2:fa:f5:53:b6:b0:bc:8c:a5:3b:10:c5:f9:5b:61:0f:
f5:fd:46:15:ee:34:9d:03:8e:b8:23:e2:99:42:91:17:97:c4:
dd:b9:63:b9:93:23:d5:2c:aa:ec:f1:31:b2:fe:f7:32:a6:a9:
4e:82:99:85:98:1f:ef:59:4b:1f:1a:69:c1:33:ec:5a:68:1a:
93:c0:a8:f4:92:4c:a4:13:21:16:47:d3:8d:87:d1:9d:66:a9:
41:8b:08:0e:63:9b:ce:7a:27:33:02:e3:59:6a:94:0f:fe:24:
c1:da:60:ec:d4:02:a4:b6:c5:43:5e:5e:34:8f:29:6a:21:78:
9d:0a:9d:b2:c2:b1:96:0a:14:86:c3:da:ee:29:0c:79:68:c0:
93:ec:1e:98:99:4a:9e:e1:8a:29:57:f9:1d:bf:fd:f1:75:90:
c4:8f:53:74:cc:ae:04:a0:38:55:6b:13:af:b3:87:fe:dd:88:
db:72:ee:ab:f7:85:6e:5f:82:87:12:e0:ff:43:95:8c:06:fe:
28:bc:3f:42:82:dc:20:bf:77:97:3f:12:4d:46:f3:51:c3:63:
44:85:c2:2c:a6:7f:df:cb:37:a4:a7:9c:03:98:b1:d6:43:11:
18:8e:66:6c:56:37:d0:92:2d:4d:98:96:18:db:1b:e3:13:61:
42:9a:74:6e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURIMCJm9H+LUblswfMEtSZIXVj3AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMwMTRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0NzBhMzEyMWQ4YmUxMTllNTc3NjFiOGY0MWRiODNiMDBmYWZlMzBjODVi
ZDRhM2Q5NmVkOTcyMTIyMjdiZmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJzESriKh8T263Griiy6HQf1LXKpo5kJ2PlRfsYSMxiw6IELFt8QzzpEVjCE
j/KaUuwLbqoTMzORV0j8E7KGXNe9Op4mlt19ph7ZzNCZMAb1CB1OUbIDfjvpN273
lckJNhAe0Ruj3qmcaHFQacXNbd4tMTgObChSdQPKYqN0a0+bB6iW0zExyYXym8FN
9zKiGHsEUIFZ7U0M/fSCh1SxjugN7CgLOfxKgXbpVj3HYfASC4RzRG0ETZPy/UjH
HClrP5AJWwhJYdJoH/KBELRUSSTO4svdfmqUtRGM4ogtT7YOrWHEhmaYTplU10AD
N7evkhx+emzWSAQ0Zs+sF+qOB10CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSEZBIQ
IpU8Rbm0MvTnFcZEXkw+xDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdiY2MxMjQtYmNkOC00MmVjLTkxMWYtMWI1NTFkY2VkYTY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H7g
MA0GCSqGSIb3DQEBCwUAA4IBAQCo1OL69VO2sLyMpTsQxflbYQ/1/UYV7jSdA464
I+KZQpEXl8TduWO5kyPVLKrs8TGy/vcypqlOgpmFmB/vWUsfGmnBM+xaaBqTwKj0
kkykEyEWR9ONh9GdZqlBiwgOY5vOeiczAuNZapQP/iTB2mDs1AKktsVDXl40jylq
IXidCp2ywrGWChSGw9ruKQx5aMCT7B6YmUqe4YopV/kdv/3xdZDEj1N0zK4EoDhV
axOvs4f+3Yjbcu6r94VuX4KHEuD/Q5WMBv4ovD9Cgtwgv3eXPxJNRvNRw2NEhcIs
pn/fyzekp5wDmLHWQxEYjmZsVjfQki1NmJYY2xvjE2FCmnRu
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:50:08 2026 by rpki-client