Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e05048c0-7751-4ec4-b891-a3583dbdc9fe.roa
File: e05048c0-7751-4ec4-b891-a3583dbdc9fe.roa (raw, json)
Hash identifier: 8MsVTQnSqE3gVFmwQzObLCk8Z3snUgpvv7RbFpQ0fU0=
Subject key identifier: BA:77:EC:4F:D2:A0:99:65:89:B8:C2:2B:7C:B6:EF:54:16:3E:BF:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 05045F79180789F99AEBCCFFE9BABB9BEE340E99
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e05048c0-7751-4ec4-b891-a3583dbdc9fe.roa
Signing time: Sat 28 Feb 2026 05:51:07 +0000
ROA not before: Sat 28 Feb 2026 05:51:07 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:04:5f:79:18:07:89:f9:9a:eb:cc:ff:e9:ba:bb:9b:ee:34:0e:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:51:07 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=06790a1c35d217e0ad9c01ab0e9f60ca5976530358f2e12e1e68637d33e3d514, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c9:36:2a:09:07:6e:1c:d2:92:7d:65:05:b3:
0e:03:28:66:c8:86:33:3f:32:d3:b0:d2:83:f9:9c:
46:10:08:20:5b:b4:61:f9:19:a3:30:83:7c:29:0b:
6d:31:f3:4a:64:25:e8:00:89:d9:a8:42:25:1c:a3:
aa:09:2d:d5:c6:aa:7c:30:f4:5e:97:db:b8:d2:54:
30:fc:d6:55:d0:28:80:3e:e4:ea:ce:81:b9:88:0e:
59:74:71:0c:20:ef:03:d3:27:11:e8:1f:66:43:43:
97:fa:86:7a:a0:44:2c:bb:18:1e:3b:2d:61:66:22:
a1:a4:00:11:8d:3e:30:be:ab:52:95:f6:3a:2b:a6:
6a:9b:0b:48:d6:9b:fb:a9:fd:b5:b1:ae:90:cb:56:
f5:ec:e9:3b:7c:80:a8:23:d1:ec:e9:3e:1a:ef:2b:
1a:2f:bb:b3:f7:31:17:a6:0f:b9:e4:9a:a9:a9:fc:
de:6d:e2:4b:79:16:e0:65:d4:9c:01:eb:94:b6:35:
b8:cf:58:53:a3:e7:61:6d:f1:92:ff:c3:b3:3e:50:
d3:3c:fd:19:9f:fc:0f:80:2b:25:6b:32:6b:8b:40:
b8:fe:03:e7:8d:95:91:6f:e3:ad:78:7a:cd:bb:e9:
51:3e:0e:92:95:a0:4c:a0:8c:e0:08:d4:2d:8d:25:
0f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:77:EC:4F:D2:A0:99:65:89:B8:C2:2B:7C:B6:EF:54:16:3E:BF:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e05048c0-7751-4ec4-b891-a3583dbdc9fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018::/35
Signature Algorithm: sha256WithRSAEncryption
8c:8e:61:fc:d0:00:a9:8d:05:c9:4e:eb:e3:f8:85:ee:6a:5c:
49:2a:07:93:50:42:5b:6a:ab:eb:25:3b:b7:6a:5b:88:5b:d2:
ed:55:82:22:b2:3d:5b:f5:66:70:97:da:a8:d5:f5:62:54:e0:
dd:04:fe:ea:59:8d:93:f7:6b:6f:17:e8:ce:06:b9:0b:cf:ee:
b7:c4:77:65:cb:4a:6d:77:c2:fe:c0:1b:33:fd:bf:77:94:3c:
98:1d:bf:3a:0d:c0:20:62:58:77:84:d1:8d:dc:66:d3:7d:a8:
83:34:eb:92:69:ca:67:60:61:95:49:dc:14:51:fb:ba:a8:14:
c8:89:6a:12:68:1b:55:5e:bb:4a:1e:6f:08:68:d2:59:bc:d2:
b1:03:dd:bb:86:42:40:7f:20:bb:a5:65:e7:3d:db:57:07:dc:
6d:65:89:61:cd:22:fa:53:20:9d:8e:05:e2:13:41:ee:8f:9c:
83:fa:1a:7e:14:88:f2:fd:6c:25:09:ca:29:24:c7:07:20:d9:
97:8a:7d:a1:10:f0:ba:91:e8:6b:c4:45:fd:aa:05:64:de:f2:
48:91:df:e2:e5:f1:0b:1b:f2:c7:47:a9:0b:c2:92:cb:94:9c:
4a:d4:af:bf:ad:46:07:f5:20:ab:ec:23:aa:60:06:e2:b8:76:
ed:28:9a:1e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBQRfeRgHifma68z/6bq7m+40DpkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUxMDdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2NzkwYTFjMzVkMjE3ZTBhZDljMDFhYjBlOWY2MGNhNTk3NjUzMDM1OGYy
ZTEyZTFlNjg2MzdkMzNlM2Q1MTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOjJNioJB24c0pJ9ZQWzDgMoZsiGMz8y07DSg/mcRhAIIFu0YfkZozCDfCkL
bTHzSmQl6ACJ2ahCJRyjqgkt1caqfDD0XpfbuNJUMPzWVdAogD7k6s6BuYgOWXRx
DCDvA9MnEegfZkNDl/qGeqBELLsYHjstYWYioaQAEY0+ML6rUpX2OiumapsLSNab
+6n9tbGukMtW9ezpO3yAqCPR7Ok+Gu8rGi+7s/cxF6YPueSaqan83m3iS3kW4GXU
nAHrlLY1uM9YU6PnYW3xkv/Dsz5Q0zz9GZ/8D4ArJWsya4tAuP4D542VkW/jrXh6
zbvpUT4OkpWgTKCM4AjULY0lD+0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS6d+xP
0qCZZYm4wit8tu9UFj6/aTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTA1MDQ4YzAtNzc1MS00ZWM0LWI4OTEtYTM1ODNkYmRjOWZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBSoF0BgA
MA0GCSqGSIb3DQEBCwUAA4IBAQCMjmH80ACpjQXJTuvj+IXualxJKgeTUEJbaqvr
JTu3aluIW9LtVYIisj1b9WZwl9qo1fViVODdBP7qWY2T92tvF+jOBrkLz+63xHdl
y0ptd8L+wBsz/b93lDyYHb86DcAgYlh3hNGN3GbTfaiDNOuSacpnYGGVSdwUUfu6
qBTIiWoSaBtVXrtKHm8IaNJZvNKxA927hkJAfyC7pWXnPdtXB9xtZYlhzSL6UyCd
jgXiE0Huj5yD+hp+FIjy/WwlCcopJMcHINmXin2hEPC6kehrxEX9qgVk3vJIkd/i
5fELG/LHR6kLwpLLlJxK1K+/rUYH9SCr7COqYAbiuHbtKJoe
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:48:48 2026 by rpki-client