Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/decd4459-2e9b-442e-a3bd-6633fdd0250b.roa
File: decd4459-2e9b-442e-a3bd-6633fdd0250b.roa (raw, json)
Hash identifier: aZHyiPx7xg+esDnRuZAL3nEWVjPf8C1/jCLr6pVQpOY=
Subject key identifier: C7:94:A0:81:E3:3E:DC:53:C6:01:7E:B7:87:7D:6F:ED:F8:74:A0:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69D4FE1416153934408368C90EBDBDD35EEC4A88
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/decd4459-2e9b-442e-a3bd-6633fdd0250b.roa
Signing time: Sat 28 Feb 2026 05:41:08 +0000
ROA not before: Sat 28 Feb 2026 05:41:08 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:d4:fe:14:16:15:39:34:40:83:68:c9:0e:bd:bd:d3:5e:ec:4a:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:08 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=2d58292f2a3b3bafb965d16fbd8a47165ce5e54bf99590f6a31b74da9b48f2ea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:22:cc:8f:c0:59:3b:56:30:08:14:9b:1d:c0:
bb:e1:9e:2a:b4:39:80:6c:3e:91:8d:7a:a8:0a:cd:
19:50:22:a2:81:87:04:f2:20:98:bd:6e:bc:69:d1:
d5:16:38:8f:ce:20:01:3b:12:0b:54:a1:68:f1:a4:
70:fa:80:76:c9:2e:6c:cd:c6:56:b6:04:7e:f5:24:
ed:2f:a6:ba:71:8d:2c:5f:14:34:c6:67:18:8f:7f:
ef:52:5c:e8:a6:3d:33:30:0d:38:04:49:06:07:5b:
be:52:44:6c:ac:b8:7e:b8:88:c2:43:05:2d:10:96:
1e:60:b2:0b:71:57:42:34:50:e3:28:67:2a:42:84:
53:cb:00:07:2e:d8:1e:85:cb:f4:f3:0b:d1:0c:83:
b7:87:c6:6d:60:a1:94:3b:bd:10:2d:bd:e3:69:96:
6e:4e:40:11:d3:80:8f:4d:d4:de:e8:09:8b:8b:d1:
1d:eb:70:af:b3:a0:a8:48:a6:09:0f:6e:f1:02:85:
2e:89:7f:4a:2e:86:a5:c9:7b:7c:33:25:83:e3:8a:
f2:dc:6e:99:38:e7:68:95:32:46:3f:7b:ee:65:60:
bd:08:5d:98:6d:9e:91:4c:e4:b7:ae:50:6c:3a:44:
18:2b:4b:03:6a:4b:e9:19:e9:e8:78:4d:49:c2:33:
bd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:94:A0:81:E3:3E:DC:53:C6:01:7E:B7:87:7D:6F:ED:F8:74:A0:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/decd4459-2e9b-442e-a3bd-6633fdd0250b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a000::/40
Signature Algorithm: sha256WithRSAEncryption
4e:95:a9:d4:52:29:7b:f6:33:1a:49:be:a4:37:4c:ee:e0:19:
42:71:e7:23:4d:ec:92:85:a2:78:d5:a5:b4:b3:00:d8:3f:28:
7b:7e:8d:56:5e:2e:b4:28:5b:20:e4:fc:ad:74:e1:59:3f:cb:
90:5f:a1:8a:63:b5:c9:4e:08:9b:e1:ef:62:e2:35:fe:a4:9e:
13:af:9f:dd:dd:b7:16:71:82:86:2a:bd:8a:05:f8:e5:7a:e2:
69:26:37:9d:5b:89:cd:db:90:97:02:0a:cd:f3:66:ec:49:18:
91:39:bc:97:cd:1c:72:3e:b5:04:02:ba:96:43:d9:4b:de:ed:
4d:cb:6c:f4:de:4d:3e:b1:0f:50:fc:af:cd:81:4b:66:0e:9b:
88:9e:ff:03:45:16:44:d0:ea:ae:2c:9e:55:2c:91:97:4f:dd:
aa:a5:50:0c:0b:d1:83:92:a0:4e:64:01:cb:a7:50:8b:84:23:
a3:a3:52:a8:58:2e:c9:b2:49:d1:e3:d5:a7:d7:c7:dd:a7:89:
c7:67:00:e3:e6:d2:2e:2b:53:68:fb:a6:6e:82:d2:dd:ea:8b:
db:80:e2:0f:66:93:8a:cb:51:3c:0f:05:9e:10:d7:6f:cb:aa:
5f:d6:46:1d:c6:fe:cd:5e:20:95:52:0b:43:ed:ce:27:da:95:
46:80:83:9a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUadT+FBYVOTRAg2jJDr29017sSogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMDhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkNTgyOTJmMmEzYjNiYWZiOTY1ZDE2ZmJkOGE0NzE2NWNlNWU1NGJmOTk1
OTBmNmEzMWI3NGRhOWI0OGYyZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYizI/AWTtWMAgUmx3Au+GeKrQ5gGw+kY16qArNGVAiooGHBPIgmL1uvGnR
1RY4j84gATsSC1ShaPGkcPqAdskubM3GVrYEfvUk7S+munGNLF8UNMZnGI9/71Jc
6KY9MzANOARJBgdbvlJEbKy4friIwkMFLRCWHmCyC3FXQjRQ4yhnKkKEU8sABy7Y
HoXL9PML0QyDt4fGbWChlDu9EC2942mWbk5AEdOAj03U3ugJi4vRHetwr7OgqEim
CQ9u8QKFLol/Si6Gpcl7fDMlg+OK8txumTjnaJUyRj977mVgvQhdmG2ekUzkt65Q
bDpEGCtLA2pL6Rnp6HhNScIzvXUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTHlKCB
4z7cU8YBfreHfW/t+HSg+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGVjZDQ0NTktMmU5Yi00NDJlLWEzYmQtNjYzM2ZkZDAyNTBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKg
MA0GCSqGSIb3DQEBCwUAA4IBAQBOlanUUil79jMaSb6kN0zu4BlCcecjTeyShaJ4
1aW0swDYPyh7fo1WXi60KFsg5PytdOFZP8uQX6GKY7XJTgib4e9i4jX+pJ4Tr5/d
3bcWcYKGKr2KBfjleuJpJjedW4nN25CXAgrN82bsSRiRObyXzRxyPrUEArqWQ9lL
3u1Ny2z03k0+sQ9Q/K/NgUtmDpuInv8DRRZE0OquLJ5VLJGXT92qpVAMC9GDkqBO
ZAHLp1CLhCOjo1KoWC7JsknR49Wn18fdp4nHZwDj5tIuK1No+6ZugtLd6ovbgOIP
ZpOKy1E8DwWeENdvy6pf1kYdxv7NXiCVUgtD7c4n2pVGgIOa
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:56:35 2026 by rpki-client