Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
File: e396d806-dffa-4609-8ae4-1e8fdbde728e.roa (raw, json)
Hash identifier: Fv6uOt7M2VjKjXCUW2yaVuFvVa5K6MRY+1Q1TjRPZdA=
Subject key identifier: 98:FA:4C:2A:F9:C9:A3:FC:18:D9:0C:95:59:11:EE:80:30:AC:6D:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7034B45341014F94A0F43C8E9D9131421A9AB249
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
Signing time: Sat 28 Feb 2026 05:40:11 +0000
ROA not before: Sat 28 Feb 2026 05:40:11 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:34:b4:53:41:01:4f:94:a0:f4:3c:8e:9d:91:31:42:1a:9a:b2:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:11 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=7a7a2fe733fd4475bfa8ae0bef24a86fa1ec74d92c575d8a40b442bc177ff9f3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:70:09:0b:de:2b:47:db:0f:c4:e5:77:69:25:
05:f5:d1:ac:e6:a5:8b:be:bd:92:eb:31:60:98:91:
07:d8:fe:c2:c6:6d:c2:d0:39:23:1d:d8:0f:25:87:
6b:37:09:b5:28:b3:ec:94:f5:4d:22:4f:af:83:bb:
65:86:4b:8e:4d:44:9d:f0:29:42:5f:54:03:2c:d8:
4c:04:b2:98:df:cf:54:52:3b:1d:60:48:d6:93:77:
2e:aa:c5:66:be:6d:49:ce:01:ab:45:a6:f7:28:92:
00:38:2e:d8:2a:f2:96:1e:de:35:9d:e3:00:ae:3f:
72:96:2f:5c:6b:7b:61:16:34:82:9c:0d:b7:ce:a9:
04:5d:42:f2:63:7f:96:5d:9c:3d:12:2d:6f:5b:f8:
3c:ea:ef:e8:8e:9e:80:14:d7:29:a6:dd:3c:c0:e5:
fe:ab:db:d2:ab:b4:64:c7:d9:b2:65:23:d1:6e:87:
79:2a:0e:8d:e4:14:6b:eb:99:c4:66:74:e0:e7:60:
ea:16:26:27:e8:9b:c9:51:f7:1c:04:bb:23:9e:3b:
4d:f0:2c:45:e0:63:c4:52:bb:fe:1a:a8:72:0c:38:
09:a7:98:ec:b2:78:df:02:8d:4b:8e:c6:81:3e:0e:
ce:a9:a8:08:9d:55:fb:43:24:a7:1c:a3:1b:62:0c:
5e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:FA:4C:2A:F9:C9:A3:FC:18:D9:0C:95:59:11:EE:80:30:AC:6D:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
2c:04:e5:68:91:ea:b4:8b:02:cd:ad:0f:a8:f0:4a:b3:02:bd:
38:bc:95:57:4f:03:82:89:c2:1b:0f:fa:25:2b:b7:57:0a:1c:
be:3e:9f:a8:64:0e:29:c1:8d:6d:9b:76:b0:ee:b3:3e:e9:44:
32:6e:85:8b:b0:5f:38:0a:f4:fc:24:f7:e6:ee:0a:8a:37:37:
18:a3:19:f8:bd:72:c7:5a:c9:bf:32:82:7c:19:36:55:38:f2:
fe:9b:13:7f:d7:62:16:05:16:18:44:50:49:62:3f:f7:9b:eb:
4e:f3:fc:10:e8:c7:59:fc:a2:77:5d:98:00:41:c9:bf:ef:40:
46:74:3f:ce:1c:eb:98:e3:da:55:c8:12:d7:be:9a:8d:7f:1c:
1e:19:fe:ae:a4:15:6d:00:43:5e:5f:ca:d4:ef:48:05:ac:30:
dd:78:47:6d:84:39:62:82:b4:12:0d:49:00:8c:d4:80:4c:40:
58:e0:e7:38:6c:d4:82:dc:36:a8:6b:d5:de:9c:e6:28:88:94:
1c:be:7a:f2:e0:52:31:ea:bf:2e:e8:6b:8a:04:d6:26:8b:7e:
be:fd:0b:b0:c3:73:a8:fa:72:ec:00:81:ff:ef:56:46:24:91:
f2:88:a5:14:a2:ca:0f:ac:1c:4b:b9:43:16:b3:b2:79:07:36:
ab:8b:6c:0e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcDS0U0EBT5Sg9DyOnZExQhqaskkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwMTFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhN2EyZmU3MzNmZDQ0NzViZmE4YWUwYmVmMjRhODZmYTFlYzc0ZDkyYzU3
NWQ4YTQwYjQ0MmJjMTc3ZmY5ZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhwCQveK0fbD8Tld2klBfXRrOali769kusxYJiRB9j+wsZtwtA5Ix3YDyWH
azcJtSiz7JT1TSJPr4O7ZYZLjk1EnfApQl9UAyzYTASymN/PVFI7HWBI1pN3LqrF
Zr5tSc4Bq0Wm9yiSADgu2Crylh7eNZ3jAK4/cpYvXGt7YRY0gpwNt86pBF1C8mN/
ll2cPRItb1v4POrv6I6egBTXKabdPMDl/qvb0qu0ZMfZsmUj0W6HeSoOjeQUa+uZ
xGZ04Odg6hYmJ+ibyVH3HAS7I547TfAsReBjxFK7/hqocgw4CaeY7LJ43wKNS47G
gT4OzqmoCJ1V+0MkpxyjG2IMXg0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSY+kwq
+cmj/BjZDJVZEe6AMKxtyzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTM5NmQ4MDYtZGZmYS00NjA5LThhZTQtMWU4ZmRiZGU3MjhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKg
wDANBgkqhkiG9w0BAQsFAAOCAQEALATlaJHqtIsCza0PqPBKswK9OLyVV08DgonC
Gw/6JSu3Vwocvj6fqGQOKcGNbZt2sO6zPulEMm6Fi7BfOAr0/CT35u4Kijc3GKMZ
+L1yx1rJvzKCfBk2VTjy/psTf9diFgUWGERQSWI/95vrTvP8EOjHWfyid12YAEHJ
v+9ARnQ/zhzrmOPaVcgS176ajX8cHhn+rqQVbQBDXl/K1O9IBaww3XhHbYQ5YoK0
Eg1JAIzUgExAWODnOGzUgtw2qGvV3pzmKIiUHL568uBSMeq/LuhrigTWJot+vv0L
sMNzqPpy7ACB/+9WRiSR8oilFKLKD6wcS7lDFrOyeQc2q4tsDg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:49:03 2026 by rpki-client