Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da4dde97-2ca6-497d-9086-e0957352d3a4.roa
File: da4dde97-2ca6-497d-9086-e0957352d3a4.roa (raw, json)
Hash identifier: wEjVV4qgg6JeAh7R24Egzcfk5AffK946I1kN9GdQexM=
Subject key identifier: 2D:78:CD:39:7C:14:8B:D8:AC:38:A5:45:F4:D2:CF:14:5A:ED:00:EB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 055B4B31C63B7E486403B90341B16A6A9EB8A44B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da4dde97-2ca6-497d-9086-e0957352d3a4.roa
Signing time: Sat 28 Feb 2026 05:10:14 +0000
ROA not before: Sat 28 Feb 2026 05:10:14 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:5b:4b:31:c6:3b:7e:48:64:03:b9:03:41:b1:6a:6a:9e:b8:a4:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:10:14 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=388145ec7606af544c51a47b9edc96cdf924f1f64a73e20a371bcfd59d76e1bc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:af:25:49:c2:c6:ca:3b:3f:ed:d7:76:07:29:
8a:9a:f7:05:aa:5c:61:29:95:fe:0e:5b:ea:d6:25:
5f:5c:91:e5:b1:08:c7:2f:6d:84:95:93:af:11:a9:
cb:b4:0d:e0:a1:7d:e9:f0:ba:f3:22:b3:fc:73:a9:
20:fb:4b:54:9f:f8:2b:58:a7:e5:27:75:65:ed:09:
aa:ed:59:b2:73:25:12:c7:85:e1:15:6f:52:bf:fa:
d3:d1:14:dc:79:37:7a:46:aa:f2:25:1b:43:db:47:
3f:d1:5c:82:17:ac:ec:d4:55:3b:3e:33:25:5d:bd:
c5:18:c2:c8:bd:26:40:36:97:16:9d:7f:ea:57:c3:
a8:79:70:47:07:f6:c4:c9:93:54:8d:fc:db:46:9c:
2c:8c:2e:37:e0:42:16:bd:4b:63:c2:63:02:b3:65:
b8:7e:d8:f9:07:df:16:5e:87:0e:ef:5d:c6:bb:54:
50:0b:f4:3e:1c:7d:ba:09:9d:58:ce:18:a1:c4:82:
c8:84:13:dd:56:be:1f:9f:06:d0:27:48:48:a2:b1:
3e:ca:60:ba:8d:66:ba:49:4a:90:2c:9f:f1:3f:e0:
1a:90:5f:34:91:7b:90:6c:d8:51:88:12:dd:80:17:
e6:1e:34:f3:b0:b8:77:43:e8:31:23:dd:d7:a7:04:
fe:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:78:CD:39:7C:14:8B:D8:AC:38:A5:45:F4:D2:CF:14:5A:ED:00:EB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da4dde97-2ca6-497d-9086-e0957352d3a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:8000::/40
Signature Algorithm: sha256WithRSAEncryption
17:ee:33:c0:1c:46:91:bf:1b:e8:6f:3a:21:6d:f8:23:1e:d4:
a3:72:27:1a:02:a7:bc:36:7a:ca:df:a8:74:91:cc:a7:65:d5:
b4:11:16:61:34:31:fd:02:8c:d0:1c:83:e5:57:39:cf:31:91:
60:3b:2f:9b:4f:87:aa:3b:45:1c:38:2b:c3:cc:08:85:7b:91:
c6:6a:94:05:ed:5e:43:c5:65:33:48:52:14:99:d1:5f:b3:ca:
d0:49:8b:29:12:06:45:32:2f:43:ce:43:d0:e9:43:9e:95:3e:
ad:9d:b4:f5:fd:7d:6b:44:ac:2a:7a:ee:a1:d8:b8:6d:4c:0d:
07:48:92:27:14:e8:bb:a8:85:f4:2b:51:03:f7:75:2d:66:2c:
1a:de:fb:64:3c:67:91:f5:8f:9c:45:fa:ae:d2:f8:ff:7d:dc:
28:ce:30:4b:22:18:6d:7b:5e:ba:4b:9a:7f:30:9d:9b:d7:d2:
f3:4d:af:7d:ea:ac:7a:19:71:ea:65:19:2b:7d:2f:d5:f5:e3:
05:94:e7:25:78:b3:d6:ce:e7:02:86:96:7a:8f:e6:58:ee:a5:
37:b4:9b:de:67:27:16:ef:db:7c:b1:00:26:00:92:73:84:2c:
99:3a:45:d1:b6:b6:df:de:f0:47:fa:b2:05:8a:82:73:49:34:
2a:1d:b1:23
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBVtLMcY7fkhkA7kDQbFqap64pEswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTEwMTRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4ODE0NWVjNzYwNmFmNTQ0YzUxYTQ3YjllZGM5NmNkZjkyNGYxZjY0YTcz
ZTIwYTM3MWJjZmQ1OWQ3NmUxYmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSvJUnCxso7P+3Xdgcpipr3BapcYSmV/g5b6tYlX1yR5bEIxy9thJWTrxGp
y7QN4KF96fC68yKz/HOpIPtLVJ/4K1in5Sd1Ze0Jqu1ZsnMlEseF4RVvUr/609EU
3Hk3ekaq8iUbQ9tHP9Fcghes7NRVOz4zJV29xRjCyL0mQDaXFp1/6lfDqHlwRwf2
xMmTVI3820acLIwuN+BCFr1LY8JjArNluH7Y+QffFl6HDu9dxrtUUAv0Phx9ugmd
WM4YocSCyIQT3Va+H58G0CdISKKxPspguo1muklKkCyf8T/gGpBfNJF7kGzYUYgS
3YAX5h4087C4d0PoMSPd16cE/lMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQteM05
fBSL2Kw4pUX00s8UWu0A6zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGE0ZGRlOTctMmNhNi00OTdkLTkwODYtZTA5NTczNTJkM2E0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmA
MA0GCSqGSIb3DQEBCwUAA4IBAQAX7jPAHEaRvxvobzohbfgjHtSjcicaAqe8NnrK
36h0kcynZdW0ERZhNDH9AozQHIPlVznPMZFgOy+bT4eqO0UcOCvDzAiFe5HGapQF
7V5DxWUzSFIUmdFfs8rQSYspEgZFMi9DzkPQ6UOelT6tnbT1/X1rRKwqeu6h2Lht
TA0HSJInFOi7qIX0K1ED93UtZiwa3vtkPGeR9Y+cRfqu0vj/fdwozjBLIhhte166
S5p/MJ2b19LzTa996qx6GXHqZRkrfS/V9eMFlOcleLPWzucChpZ6j+ZY7qU3tJve
ZycW79t8sQAmAJJzhCyZOkXRtrbf3vBH+rIFioJzSTQqHbEj
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:01:24 2026 by rpki-client