Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbb8798-3423-4d98-a384-58621b010556.roa
File: ddbb8798-3423-4d98-a384-58621b010556.roa (raw, json)
Hash identifier: 0YL+N1+cHeWvsl0M1W9RaAr4QyeIo2vj6JPELu8VqXA=
Subject key identifier: E0:CB:92:E3:EA:32:4E:6F:61:CB:D7:26:B3:F0:74:7B:C8:AA:8A:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01BF6EB3396C96B722944342E0D485EC8F5EF5D7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbb8798-3423-4d98-a384-58621b010556.roa
Signing time: Sat 28 Feb 2026 06:10:59 +0000
ROA not before: Sat 28 Feb 2026 06:10:59 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:bf:6e:b3:39:6c:96:b7:22:94:43:42:e0:d4:85:ec:8f:5e:f5:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:59 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=18328a3d900dd637cc13c63cd2a075a58396a09e0d05ce58b187230042df5401, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:40:82:8b:f7:ef:5d:b4:c4:4f:5e:e6:99:26:
0b:7c:91:57:d3:79:e0:a8:a5:70:2b:33:37:f7:c6:
92:78:5a:38:08:de:3e:c1:45:5c:ee:cc:92:cf:9f:
c9:2a:87:cc:5d:9c:06:24:43:d2:5e:ab:37:43:90:
22:88:f6:c4:a8:50:94:15:a1:a9:15:1b:40:7f:f3:
af:e8:ba:e0:94:4f:90:22:94:a5:ab:2c:ee:71:66:
ec:92:64:2f:73:01:a2:46:51:8e:63:9a:d2:3a:db:
9b:16:9f:ee:f4:65:b1:2b:34:19:b9:39:de:ef:a9:
de:09:6a:ae:7e:54:39:59:1d:f3:67:96:73:9d:08:
00:78:32:36:97:36:cc:a4:8b:cf:a1:e6:12:9c:bf:
a7:bf:6b:c6:a7:b2:5e:5b:a2:67:14:24:4e:1c:74:
19:0c:2b:32:08:1f:e6:be:a9:ae:18:3f:9f:6b:c1:
9c:73:39:95:45:fa:b2:c1:88:61:65:31:87:31:55:
8e:f3:1b:9d:c2:ba:15:38:9f:e4:3a:a7:2d:ab:70:
c4:2c:54:f7:81:bb:08:35:f3:63:ca:29:1e:44:bf:
fe:26:50:c8:f5:0d:bc:b5:f0:3a:19:a0:58:9b:12:
96:fd:45:67:c3:ea:c9:c5:17:d0:40:1e:8e:72:90:
35:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:CB:92:E3:EA:32:4E:6F:61:CB:D7:26:B3:F0:74:7B:C8:AA:8A:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbb8798-3423-4d98-a384-58621b010556.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019:c00::/38
Signature Algorithm: sha256WithRSAEncryption
2a:15:4f:7f:db:bf:f3:d8:db:52:40:74:84:05:39:62:68:bf:
c3:5d:42:bf:df:0b:3e:1b:e6:58:38:94:1c:4e:93:eb:63:48:
52:bd:d2:c7:f4:2d:7c:2a:07:ca:ee:62:28:06:e0:21:c8:21:
cd:df:c2:fc:5e:61:71:b3:06:ec:81:c0:de:bf:00:b0:a6:f9:
93:c0:d5:e3:68:83:84:4c:c3:5e:68:48:cb:d5:19:5c:65:77:
a2:bf:96:c8:38:9b:fa:95:e7:bf:f7:88:17:f9:12:b1:8f:8f:
18:6b:84:da:91:28:ad:98:06:b0:24:cc:21:4a:3b:38:ec:88:
63:ff:44:54:75:4a:4e:a1:44:86:ab:70:4e:0b:4c:3c:16:04:
6f:99:6e:69:8f:60:e2:60:37:22:91:44:9a:39:6b:9c:22:3b:
05:85:ab:23:1b:e4:44:38:2f:2f:b7:fc:a3:25:06:b3:6c:af:
56:e0:cb:d5:f5:8f:4c:f3:48:09:69:fe:ea:02:ac:15:97:f5:
4a:69:d9:23:70:bb:3b:4a:d0:37:88:41:27:c7:a4:95:ce:c0:
23:96:64:bc:d0:58:17:99:29:d5:0c:96:e2:f8:c7:a5:ef:5a:
b4:69:cc:a7:4f:93:62:50:a6:61:32:e1:42:d6:6c:8d:80:83:
ac:e2:2b:33
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAb9uszlslrcilENC4NSF7I9e9dcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwNTlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4MzI4YTNkOTAwZGQ2MzdjYzEzYzYzY2QyYTA3NWE1ODM5NmEwOWUwZDA1
Y2U1OGIxODcyMzAwNDJkZjU0MDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMBAgov37120xE9e5pkmC3yRV9N54KilcCszN/fGknhaOAjePsFFXO7Mks+f
ySqHzF2cBiRD0l6rN0OQIoj2xKhQlBWhqRUbQH/zr+i64JRPkCKUpass7nFm7JJk
L3MBokZRjmOa0jrbmxaf7vRlsSs0Gbk53u+p3glqrn5UOVkd82eWc50IAHgyNpc2
zKSLz6HmEpy/p79rxqeyXluiZxQkThx0GQwrMggf5r6prhg/n2vBnHM5lUX6ssGI
YWUxhzFVjvMbncK6FTif5DqnLatwxCxU94G7CDXzY8opHkS//iZQyPUNvLXwOhmg
WJsSlv1FZ8PqycUX0EAejnKQNeECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTgy5Lj
6jJOb2HL1yaz8HR7yKqKgDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGRiYjg3OTgtMzQyMy00ZDk4LWEzODQtNTg2MjFiMDEwNTU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkM
MA0GCSqGSIb3DQEBCwUAA4IBAQAqFU9/27/z2NtSQHSEBTliaL/DXUK/3ws+G+ZY
OJQcTpPrY0hSvdLH9C18KgfK7mIoBuAhyCHN38L8XmFxswbsgcDevwCwpvmTwNXj
aIOETMNeaEjL1RlcZXeiv5bIOJv6lee/94gX+RKxj48Ya4TakSitmAawJMwhSjs4
7Ihj/0RUdUpOoUSGq3BOC0w8FgRvmW5pj2DiYDcikUSaOWucIjsFhasjG+REOC8v
t/yjJQazbK9W4MvV9Y9M80gJaf7qAqwVl/VKadkjcLs7StA3iEEnx6SVzsAjlmS8
0FgXmSnVDJbi+Mel71q0acynT5NiUKZhMuFC1myNgIOs4isz
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:04:08 2026 by rpki-client