Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dedc9540-e267-4454-a449-e65933af6f0f.roa
File: dedc9540-e267-4454-a449-e65933af6f0f.roa (raw, json)
Hash identifier: 0GuHbepiwcvHLpkEnlnWvVq5wulDJ+wpZgneZswMG5w=
Subject key identifier: 47:AD:5C:E6:CE:F0:D8:11:A6:B2:9F:68:2A:A6:18:31:0E:6C:82:11
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 18B0700E16B0476D781931BE80B0717D8A418C53
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dedc9540-e267-4454-a449-e65933af6f0f.roa
Signing time: Sat 28 Feb 2026 06:20:12 +0000
ROA not before: Sat 28 Feb 2026 06:20:12 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:b0:70:0e:16:b0:47:6d:78:19:31:be:80:b0:71:7d:8a:41:8c:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:20:12 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=0ba8ed2b827c0e6bcc1620d4e7647907006e7111401df54aa38a2e79a1b72851, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:79:44:7f:94:10:c8:cf:9e:14:8c:79:66:73:
38:8c:0a:fb:c5:0d:05:43:2e:84:6b:9e:86:38:eb:
d3:22:be:46:41:ad:e6:30:48:94:c3:bb:f8:c7:9e:
99:49:e9:94:11:29:83:5f:37:04:c1:3b:4e:51:0b:
50:fa:ed:c1:91:ad:e8:8d:b9:e4:01:d4:c1:d5:d1:
07:32:68:0e:de:64:a3:f7:6b:68:c7:b7:41:48:7b:
26:f7:b7:63:13:79:94:5e:c4:1a:1d:4d:b4:c1:fc:
16:e8:d7:ff:41:d7:7e:df:c7:b9:13:fc:6a:fa:ba:
6f:c8:4f:6c:8c:fc:26:7a:a2:a0:93:8c:a4:39:d7:
04:88:3d:5e:06:ce:fc:4e:b8:30:64:2f:9c:d1:4e:
65:60:e5:da:06:16:cd:7c:55:0b:91:39:17:94:ae:
2a:93:65:33:aa:b8:ee:40:ab:c9:6c:76:c0:b4:e0:
47:85:7f:4c:d5:14:c3:b6:bc:e8:5d:36:7a:5d:9f:
79:65:27:66:45:78:ec:c2:63:80:88:28:1b:27:88:
0a:8a:9a:86:3e:a3:38:b2:59:ed:5a:33:7a:15:a0:
b7:31:af:cd:0d:16:f9:0d:59:38:27:57:56:28:b0:
11:6c:84:c1:d8:98:03:80:f0:f7:51:dd:35:31:7b:
f2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:AD:5C:E6:CE:F0:D8:11:A6:B2:9F:68:2A:A6:18:31:0E:6C:82:11
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dedc9540-e267-4454-a449-e65933af6f0f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:1000::/40
Signature Algorithm: sha256WithRSAEncryption
7b:d1:59:26:ec:59:55:5d:96:85:ab:2f:d3:52:fb:52:f7:31:
b0:54:74:b2:8a:c7:87:79:2e:d5:a8:d9:42:dd:fe:a1:29:2f:
6b:84:40:c0:8a:04:f6:ab:b7:db:ef:df:20:dc:42:62:16:81:
eb:07:49:5e:32:46:8a:80:02:46:66:ab:81:78:12:11:f6:47:
32:54:ad:7a:d2:17:00:87:66:a8:e5:9e:c3:84:17:4e:7e:17:
76:a1:3d:67:11:04:b2:b7:58:21:8f:12:33:2b:2e:35:4a:37:
89:26:88:29:01:48:c9:c4:14:33:e2:ad:6b:f9:85:75:f5:4b:
35:51:3c:27:1f:59:d5:9d:31:01:a1:97:63:b5:ad:72:e4:ae:
17:83:59:18:bf:9c:57:11:7a:b6:ba:c4:c5:e9:c5:54:c8:a4:
a6:b8:a2:d7:10:a6:41:a3:3b:81:44:50:7e:5e:df:cb:3a:95:
07:0c:a9:e3:5a:2b:c4:09:98:69:e5:76:5a:ac:eb:69:89:86:
e0:2d:e4:eb:b1:96:04:d7:34:20:0f:d5:82:37:e7:d6:93:9a:
36:1c:6d:d5:75:1a:ca:dd:1b:fa:6c:12:e9:10:4b:0e:ca:4d:
56:f8:53:e9:e3:96:34:dc:6f:aa:80:3a:39:4f:78:20:03:2b:
a9:b3:20:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGLBwDhawR214GTG+gLBxfYpBjFMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIwMTJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiYThlZDJiODI3YzBlNmJjYzE2MjBkNGU3NjQ3OTA3MDA2ZTcxMTE0MDFk
ZjU0YWEzOGEyZTc5YTFiNzI4NTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALh5RH+UEMjPnhSMeWZzOIwK+8UNBUMuhGuehjjr0yK+RkGt5jBIlMO7+Mee
mUnplBEpg183BME7TlELUPrtwZGt6I255AHUwdXRBzJoDt5ko/draMe3QUh7Jve3
YxN5lF7EGh1NtMH8FujX/0HXft/HuRP8avq6b8hPbIz8JnqioJOMpDnXBIg9XgbO
/E64MGQvnNFOZWDl2gYWzXxVC5E5F5SuKpNlM6q47kCryWx2wLTgR4V/TNUUw7a8
6F02el2feWUnZkV47MJjgIgoGyeICoqahj6jOLJZ7VozehWgtzGvzQ0W+Q1ZOCdX
ViiwEWyEwdiYA4Dw91HdNTF78icCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRHrVzm
zvDYEaayn2gqphgxDmyCETAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGVkYzk1NDAtZTI2Ny00NDU0LWE0NDktZTY1OTMzYWY2ZjBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB70Vkm7FlVXZaFqy/TUvtS9zGwVHSyiseHeS7V
qNlC3f6hKS9rhEDAigT2q7fb798g3EJiFoHrB0leMkaKgAJGZquBeBIR9kcyVK16
0hcAh2ao5Z7DhBdOfhd2oT1nEQSyt1ghjxIzKy41SjeJJogpAUjJxBQz4q1r+YV1
9Us1UTwnH1nVnTEBoZdjta1y5K4Xg1kYv5xXEXq2usTF6cVUyKSmuKLXEKZBozuB
RFB+Xt/LOpUHDKnjWivECZhp5XZarOtpiYbgLeTrsZYE1zQgD9WCN+fWk5o2HG3V
dRrK3Rv6bBLpEEsOyk1W+FPp45Y03G+qgDo5T3ggAyupsyC5
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:00:43 2026 by rpki-client