Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa
File: e234d9fb-5639-4264-99c1-35b39c1e56b5.roa (raw, json)
Hash identifier: g4MhCKYJUuvILp6bjV36lKeBNgFWabbuHUXq76ruvHU=
Subject key identifier: 88:7A:6B:07:21:2D:33:32:34:6B:20:6D:E1:2B:16:C4:1C:23:28:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5CEC77C23688538AE1E49F6D80C82FEA37762172
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa
Signing time: Sat 28 Feb 2026 05:41:09 +0000
ROA not before: Sat 28 Feb 2026 05:41:09 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:ec:77:c2:36:88:53:8a:e1:e4:9f:6d:80:c8:2f:ea:37:76:21:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:09 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=dac72228d6151bedefbf028bf3a942c739f5bd9fd03fab7c4cca928e4f41db4f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d6:eb:76:a1:f7:5b:96:e3:7f:45:83:6d:48:
56:67:9b:63:9e:14:84:7c:fd:bb:23:64:f7:3d:21:
5e:15:87:e7:f9:2b:6a:fe:7e:ec:75:a8:4e:b0:81:
dc:37:9e:01:cf:1e:1b:97:62:57:ee:e7:25:08:59:
4d:a0:1c:9a:a6:33:0b:75:d2:4f:f3:e0:e6:36:9c:
b9:8c:39:50:6e:b8:f7:9b:e8:5a:33:8e:31:4d:11:
dc:d0:2d:ae:ca:d8:8f:7f:ff:13:4b:4e:ae:a1:de:
7b:31:7e:df:2b:8c:0d:e1:18:da:78:29:f2:dc:36:
47:a6:71:6c:86:4c:c1:8e:a6:ba:90:0d:49:b7:39:
15:cf:02:ee:69:e2:4c:22:17:ac:95:4e:dc:7e:b5:
52:93:7d:49:44:f2:47:e2:2a:8a:f7:c9:c1:da:08:
3b:70:4c:3a:2d:46:6f:e5:ea:d5:20:80:46:48:2a:
e4:b6:0a:55:31:5a:2d:71:cc:ef:81:21:0b:0a:c4:
f0:29:48:aa:ef:8c:53:ba:95:4a:ab:d8:d7:8a:dc:
3a:19:a6:de:da:1e:1d:72:00:00:85:8d:c5:9c:0e:
69:9f:c9:42:51:28:7e:9d:0e:d9:8e:88:b3:91:45:
f9:24:9a:e4:d3:14:09:8f:3f:c4:7e:a4:1a:80:cd:
ea:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:7A:6B:07:21:2D:33:32:34:6B:20:6D:E1:2B:16:C4:1C:23:28:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:2000::/40
Signature Algorithm: sha256WithRSAEncryption
23:e3:0b:f4:ea:b6:60:7f:0e:12:77:81:5d:19:da:a1:da:16:
ba:d6:a2:42:48:f4:52:56:69:7b:cb:40:14:a5:5f:d0:b9:f2:
72:7c:68:61:8e:92:22:7b:3b:f8:66:f2:e0:88:23:15:d2:0b:
6c:fa:84:e8:65:2c:19:9e:69:97:4c:1e:80:95:47:ee:85:c4:
fc:5e:3d:e2:41:0b:74:72:d4:a5:50:75:4c:93:fe:5a:ea:73:
3c:eb:c0:c9:c4:25:da:c4:82:83:5c:27:88:59:64:4c:ba:48:
20:ce:cb:cd:3a:00:7f:64:3c:23:0e:a4:5b:e0:18:50:1c:23:
67:8a:e3:d7:ae:d4:af:28:71:04:95:6b:55:b7:25:93:c3:1f:
c5:eb:dc:d1:6c:a5:1a:0e:1f:04:d0:23:a2:48:30:46:c3:73:
f8:bc:8b:c9:9d:e3:e1:45:64:4c:ec:70:45:74:8f:c4:f3:63:
a1:27:e8:ed:94:25:51:ee:36:64:bb:cf:c5:73:ec:17:60:82:
6c:33:07:40:35:8f:b1:30:75:f3:82:e7:28:0c:a9:f7:62:44:
47:d6:88:94:78:08:65:bf:a1:e1:ae:0a:ab:bc:b5:1f:b3:47:
93:39:9b:a9:94:8b:b7:f5:38:78:b5:e0:b0:9d:13:9c:c6:a3:
b1:32:a7:8a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXOx3wjaIU4rh5J9tgMgv6jd2IXIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhYzcyMjI4ZDYxNTFiZWRlZmJmMDI4YmYzYTk0MmM3MzlmNWJkOWZkMDNm
YWI3YzRjY2E5MjhlNGY0MWRiNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTW63ah91uW439Fg21IVmebY54UhHz9uyNk9z0hXhWH5/krav5+7HWoTrCB
3DeeAc8eG5diV+7nJQhZTaAcmqYzC3XST/Pg5jacuYw5UG6495voWjOOMU0R3NAt
rsrYj3//E0tOrqHeezF+3yuMDeEY2ngp8tw2R6ZxbIZMwY6mupANSbc5Fc8C7mni
TCIXrJVO3H61UpN9SUTyR+IqivfJwdoIO3BMOi1Gb+Xq1SCARkgq5LYKVTFaLXHM
74EhCwrE8ClIqu+MU7qVSqvY14rcOhmm3toeHXIAAIWNxZwOaZ/JQlEofp0O2Y6I
s5FF+SSa5NMUCY8/xH6kGoDN6skCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSIemsH
IS0zMjRrIG3hKxbEHCMopDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTIzNGQ5ZmItNTYzOS00MjY0LTk5YzEtMzViMzljMWU1NmI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8g
MA0GCSqGSIb3DQEBCwUAA4IBAQAj4wv06rZgfw4Sd4FdGdqh2ha61qJCSPRSVml7
y0AUpV/QufJyfGhhjpIiezv4ZvLgiCMV0gts+oToZSwZnmmXTB6AlUfuhcT8Xj3i
QQt0ctSlUHVMk/5a6nM868DJxCXaxIKDXCeIWWRMukggzsvNOgB/ZDwjDqRb4BhQ
HCNniuPXrtSvKHEElWtVtyWTwx/F69zRbKUaDh8E0COiSDBGw3P4vIvJnePhRWRM
7HBFdI/E82OhJ+jtlCVR7jZku8/Fc+wXYIJsMwdANY+xMHXzgucoDKn3YkRH1oiU
eAhlv6HhrgqrvLUfs0eTOZuplIu39Th4teCwnROcxqOxMqeK
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:54:56 2026 by rpki-client