Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e20afb98-f3fb-45c2-9398-65129b8874f0.roa
File: e20afb98-f3fb-45c2-9398-65129b8874f0.roa (raw, json)
Hash identifier: g5CjA786ZQ92RzzH9X+POOLIIpcSxFIlfXPOXcdyJxU=
Subject key identifier: AA:EB:FA:68:9D:BD:CD:1C:DF:0B:7C:31:97:85:E4:73:BB:2A:0B:04
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0516342477ED09822572EF797F2DD3032503DCD5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e20afb98-f3fb-45c2-9398-65129b8874f0.roa
Signing time: Sat 28 Feb 2026 05:31:31 +0000
ROA not before: Sat 28 Feb 2026 05:31:31 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:16:34:24:77:ed:09:82:25:72:ef:79:7f:2d:d3:03:25:03:dc:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:31:31 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=748b1c45ab4ed10f1334839805eb01bd178f0558fcd4ff5d976affb0a0fcbae8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2c:21:24:2e:6d:c5:18:e9:75:4f:39:d3:26:
c6:d5:0e:c0:b1:c2:5e:89:ee:3e:17:f6:b3:6c:9f:
18:79:55:05:ed:7c:a5:47:28:d6:a9:2c:4e:fe:4a:
6e:0a:56:30:67:12:60:96:d1:81:4e:90:11:a3:e9:
91:4a:81:b0:0f:cf:f9:00:1b:ee:04:e0:04:32:05:
c7:77:bc:22:0f:70:d4:47:3d:36:09:db:5a:da:a1:
5c:5f:1d:d1:b0:31:7c:f0:3c:b3:97:5b:50:fc:70:
cc:33:5d:3b:fa:c3:b5:23:7e:83:6c:85:f7:80:6c:
a4:5d:5e:cb:d5:e3:b9:75:73:41:81:3c:4f:e0:80:
a2:61:07:fd:3f:3f:b5:80:f0:fa:63:49:66:87:6a:
26:47:5e:a0:dc:97:ea:25:a5:b6:2c:1f:90:e9:20:
e5:ad:c5:13:ad:65:ef:1c:5a:34:3e:41:99:a4:95:
85:fa:2c:df:da:ce:8e:cb:e8:b1:03:6d:a6:ac:4e:
3d:88:aa:0b:e1:a5:a6:20:20:fb:c8:ad:a7:8a:cd:
25:f7:b7:2b:2d:4a:b4:2d:b5:db:42:03:83:f3:15:
6f:0a:33:8c:02:03:06:d7:c6:e7:e2:3b:2f:e9:c8:
e7:7e:80:0f:d4:5e:e5:41:7c:10:2d:9e:80:de:f1:
ad:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:EB:FA:68:9D:BD:CD:1C:DF:0B:7C:31:97:85:E4:73:BB:2A:0B:04
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e20afb98-f3fb-45c2-9398-65129b8874f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
3b:bf:21:04:0f:96:3f:10:1d:e8:cb:f6:44:ce:1d:9e:8d:9b:
9c:e4:55:90:a9:af:c4:0d:50:35:fe:a1:38:db:95:4d:5e:53:
f2:94:ae:5b:d6:cd:26:f2:6c:cb:45:71:86:c5:88:ce:42:47:
7d:e7:f6:54:7a:1a:77:7d:05:1e:18:2f:d8:15:73:76:35:14:
a9:ee:49:3d:b8:5a:be:a6:1c:75:50:84:ae:fd:d7:e6:24:74:
55:0d:f8:fc:ba:48:e2:8d:b1:e8:a4:6d:9c:39:e0:2f:4f:21:
14:c5:fc:fb:9c:8c:6c:bf:3c:5f:48:f5:7d:50:5e:38:0a:7f:
a3:89:b3:56:e3:9c:17:df:47:f8:9b:5d:1f:8f:85:e1:cf:11:
39:ca:9c:d8:08:63:47:48:9e:f3:f9:d4:9b:04:31:92:3f:09:
b9:76:76:f1:ae:c1:41:6b:18:03:3b:80:9c:71:ec:c4:b1:87:
19:6d:8e:ab:0d:c2:3a:81:19:10:36:59:26:35:d7:9b:08:60:
15:cc:27:5f:80:84:34:7b:ee:e4:8a:e1:70:29:b7:68:2f:79:
ab:27:d0:95:29:78:e6:d5:d2:1c:f7:ce:ad:fe:bd:36:63:a6:
69:c0:11:7a:11:f5:02:12:3e:a5:81:51:6e:79:2b:d9:f4:fe:
d8:fe:f8:4f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBRY0JHftCYIlcu95fy3TAyUD3NUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMxMzFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0OGIxYzQ1YWI0ZWQxMGYxMzM0ODM5ODA1ZWIwMWJkMTc4ZjA1NThmY2Q0
ZmY1ZDk3NmFmZmIwYTBmY2JhZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQsISQubcUY6XVPOdMmxtUOwLHCXonuPhf2s2yfGHlVBe18pUco1qksTv5K
bgpWMGcSYJbRgU6QEaPpkUqBsA/P+QAb7gTgBDIFx3e8Ig9w1Ec9NgnbWtqhXF8d
0bAxfPA8s5dbUPxwzDNdO/rDtSN+g2yF94BspF1ey9XjuXVzQYE8T+CAomEH/T8/
tYDw+mNJZodqJkdeoNyX6iWltiwfkOkg5a3FE61l7xxaND5BmaSVhfos39rOjsvo
sQNtpqxOPYiqC+GlpiAg+8itp4rNJfe3Ky1KtC2120IDg/MVbwozjAIDBtfG5+I7
L+nI536AD9Re5UF8EC2egN7xrX0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSq6/po
nb3NHN8LfDGXheRzuyoLBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTIwYWZiOTgtZjNmYi00NWMyLTkzOTgtNjUxMjliODg3NGYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHg
wDANBgkqhkiG9w0BAQsFAAOCAQEAO78hBA+WPxAd6Mv2RM4dno2bnORVkKmvxA1Q
Nf6hONuVTV5T8pSuW9bNJvJsy0VxhsWIzkJHfef2VHoad30FHhgv2BVzdjUUqe5J
PbhavqYcdVCErv3X5iR0VQ34/LpI4o2x6KRtnDngL08hFMX8+5yMbL88X0j1fVBe
OAp/o4mzVuOcF99H+JtdH4+F4c8ROcqc2AhjR0ie8/nUmwQxkj8JuXZ28a7BQWsY
AzuAnHHsxLGHGW2Oqw3COoEZEDZZJjXXmwhgFcwnX4CENHvu5IrhcCm3aC95qyfQ
lSl45tXSHPfOrf69NmOmacARehH1AhI+pYFRbnkr2fT+2P74Tw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:48:40 2026 by rpki-client