Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2212154-4339-4293-b1a8-15f06519a708.roa
File: e2212154-4339-4293-b1a8-15f06519a708.roa (raw, json)
Hash identifier: EDjqpEPIT8HulGgV+l89UYx77yAh1AJbJcY86AA64CE=
Subject key identifier: 35:49:25:FE:05:90:5B:3B:CE:48:DD:3C:95:51:C2:D8:96:EC:DE:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1982C5271EB31B96FAC15902195583F54C38787B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2212154-4339-4293-b1a8-15f06519a708.roa
Signing time: Sat 28 Feb 2026 05:10:30 +0000
ROA not before: Sat 28 Feb 2026 05:10:30 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:82:c5:27:1e:b3:1b:96:fa:c1:59:02:19:55:83:f5:4c:38:78:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:10:30 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=5034553ee7ff8c7aad2384398ac65718b55adfdbc5026f665cc5fffe43f9d5dc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:df:55:17:2a:da:db:06:37:06:72:2e:8a:d7:
59:7b:6e:e3:c5:8a:75:b9:bd:c2:37:8c:ec:ee:b1:
14:fd:00:39:fa:47:cd:8e:ce:82:c1:7f:6b:b2:97:
69:d1:b6:4d:60:33:eb:d6:d9:b8:58:b3:fd:70:68:
76:ea:db:64:9e:20:ee:d1:57:8c:0c:ff:e6:72:db:
0b:04:76:1b:a0:a5:f6:0a:0f:1c:cb:66:fe:d7:2c:
f0:5f:a0:af:cd:6d:0e:7a:78:c7:bf:50:63:04:aa:
2f:ac:0f:2a:ba:83:68:86:65:6c:e8:44:3b:f2:e6:
7c:b4:97:2e:37:cb:b3:8d:49:1d:de:a5:ae:81:b8:
e5:bf:34:3e:d8:51:06:81:0c:23:97:e1:1f:71:75:
c9:06:43:49:7d:41:00:6e:4a:ab:25:12:c1:69:1f:
45:fe:f4:9f:e0:7a:3c:92:cb:9f:0b:f5:ee:1c:2a:
65:dc:a3:ff:45:23:d8:b2:a3:24:7c:46:47:d7:87:
89:47:fa:fe:53:ac:55:21:11:ca:66:0c:0a:36:cc:
19:f8:0e:7f:ac:50:eb:ff:69:5e:65:f3:f9:9b:3a:
99:e1:e0:46:f9:99:f2:71:31:50:61:54:de:79:dc:
2d:3f:e2:2f:f4:44:d0:d3:b9:11:c7:6d:9e:26:ec:
97:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:49:25:FE:05:90:5B:3B:CE:48:DD:3C:95:51:C2:D8:96:EC:DE:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2212154-4339-4293-b1a8-15f06519a708.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:a000::/40
Signature Algorithm: sha256WithRSAEncryption
0c:09:dc:c9:8f:c3:90:05:71:c5:c7:df:bb:0f:50:9a:a1:77:
c4:2b:61:33:2e:3c:ce:b5:02:28:4e:7e:5e:00:80:7c:bf:b0:
cc:7b:07:77:c3:0c:3d:5d:fb:de:1a:16:eb:6f:55:2b:87:cd:
c0:65:89:ac:11:73:41:30:cb:d0:a4:ca:38:d8:90:29:b1:08:
d1:5f:1c:9a:82:f4:d6:9e:a8:44:5f:34:30:61:e0:1d:71:81:
9c:8a:ab:2a:be:51:2b:dd:58:34:ba:1a:22:12:58:b6:c7:a2:
98:9a:31:27:c2:d4:2b:0c:f1:b0:c1:ca:2e:0c:57:12:28:fe:
a8:5c:25:e5:b9:f8:9a:de:29:41:c5:a7:ac:c1:36:4b:6f:b0:
a6:71:24:0f:14:0c:8e:2e:81:0c:a9:5a:16:1f:6c:4c:d1:84:
38:47:37:a3:52:f7:32:e3:aa:71:c7:2b:0b:a0:72:cd:82:d3:
fc:db:a1:c5:9d:88:4e:9d:70:70:86:2d:e9:d5:d4:0f:70:3a:
67:6d:61:4c:62:58:6b:16:9d:47:c0:56:c0:cf:9c:bc:9b:90:
56:57:d2:8e:31:96:13:69:e0:6d:2a:9b:d2:0a:aa:5f:38:3d:
55:83:2e:ae:64:76:1c:72:2a:3a:72:01:3f:5c:22:3e:b6:f3:
e2:89:13:c1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGYLFJx6zG5b6wVkCGVWD9Uw4eHswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTEwMzBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwMzQ1NTNlZTdmZjhjN2FhZDIzODQzOThhYzY1NzE4YjU1YWRmZGJjNTAy
NmY2NjVjYzVmZmZlNDNmOWQ1ZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJLfVRcq2tsGNwZyLorXWXtu48WKdbm9wjeM7O6xFP0AOfpHzY7OgsF/a7KX
adG2TWAz69bZuFiz/XBodurbZJ4g7tFXjAz/5nLbCwR2G6Cl9goPHMtm/tcs8F+g
r81tDnp4x79QYwSqL6wPKrqDaIZlbOhEO/LmfLSXLjfLs41JHd6lroG45b80PthR
BoEMI5fhH3F1yQZDSX1BAG5KqyUSwWkfRf70n+B6PJLLnwv17hwqZdyj/0Uj2LKj
JHxGR9eHiUf6/lOsVSERymYMCjbMGfgOf6xQ6/9pXmXz+Zs6meHgRvmZ8nExUGFU
3nncLT/iL/RE0NO5EcdtnibslxcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ1SSX+
BZBbO85I3TyVUcLYluzebzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTIyMTIxNTQtNDMzOS00MjkzLWIxYTgtMTVmMDY1MTlhNzA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+g
MA0GCSqGSIb3DQEBCwUAA4IBAQAMCdzJj8OQBXHFx9+7D1CaoXfEK2EzLjzOtQIo
Tn5eAIB8v7DMewd3www9XfveGhbrb1Urh83AZYmsEXNBMMvQpMo42JApsQjRXxya
gvTWnqhEXzQwYeAdcYGciqsqvlEr3Vg0uhoiEli2x6KYmjEnwtQrDPGwwcouDFcS
KP6oXCXlufia3ilBxaeswTZLb7CmcSQPFAyOLoEMqVoWH2xM0YQ4RzejUvcy46px
xysLoHLNgtP826HFnYhOnXBwhi3p1dQPcDpnbWFMYlhrFp1HwFbAz5y8m5BWV9KO
MZYTaeBtKpvSCqpfOD1Vgy6uZHYccio6cgE/XCI+tvPiiRPB
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:38:53 2026 by rpki-client