Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e437969a-a36c-4417-88bd-c48ac88d9a5c.roa
File: e437969a-a36c-4417-88bd-c48ac88d9a5c.roa (raw, json)
Hash identifier: e3H4ZUKwl5Fkjv6I2R1McJ5JpG44aJ7e/M/FvI6U60Y=
Subject key identifier: 4E:0E:F7:5D:11:8D:27:FF:2E:03:B9:07:F0:5C:BE:3C:A0:1B:C7:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7BCBBB54DBFD687BEB2DA7B7CEEBFEBF58670D4C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e437969a-a36c-4417-88bd-c48ac88d9a5c.roa
Signing time: Sat 28 Feb 2026 06:10:28 +0000
ROA not before: Sat 28 Feb 2026 06:10:28 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:b080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:cb:bb:54:db:fd:68:7b:eb:2d:a7:b7:ce:eb:fe:bf:58:67:0d:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:28 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=8984f9948ab859a0a2e5da92cf3fe826b4ea58746d40edb3f19ebf947aa5b73f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4c:61:a1:c6:70:aa:07:ec:70:70:1a:f0:53:
67:42:7b:fe:7d:5b:2e:4a:08:38:6d:e6:0a:7b:e6:
55:bc:87:8b:cb:a0:ca:12:17:09:48:5c:20:44:3e:
fa:f8:3b:d4:35:d8:72:c7:c6:25:76:bb:84:be:09:
ef:de:1c:3c:c0:73:84:a3:84:c1:ac:f0:de:d2:94:
0e:74:c6:5d:05:46:75:0b:0f:2f:b7:ba:27:98:83:
4d:5f:6b:4e:50:62:3a:8d:2c:83:82:c0:84:6a:b9:
70:bd:1b:86:7c:37:5b:21:8d:54:76:91:2e:a2:36:
d4:53:66:d4:3c:ad:7e:fa:f3:6f:58:33:26:ba:a3:
d1:94:65:0c:2d:d2:c4:01:73:d8:8e:19:e1:3a:16:
fb:0d:53:68:ad:5b:01:b9:e8:b1:15:1a:df:08:f2:
7d:98:f2:d5:db:92:29:2f:02:41:5f:49:5e:90:41:
9c:b5:76:75:42:51:02:60:03:3d:31:1d:34:11:d0:
91:c0:86:b8:d8:02:73:f0:2c:3f:63:43:33:57:94:
ec:93:29:b0:43:ec:17:2c:df:f6:56:06:b6:d4:91:
c2:c1:09:fe:56:34:e1:68:c0:08:d5:88:9a:8b:aa:
5c:12:25:47:5d:9c:ab:cc:c2:41:25:e4:aa:8f:d8:
34:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:0E:F7:5D:11:8D:27:FF:2E:03:B9:07:F0:5C:BE:3C:A0:1B:C7:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e437969a-a36c-4417-88bd-c48ac88d9a5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:b080::/48
Signature Algorithm: sha256WithRSAEncryption
c7:27:8a:32:35:99:19:83:b0:34:ee:08:de:05:d3:f5:c3:55:
07:b4:d9:aa:09:8d:b7:c5:02:81:8f:7e:5c:bd:20:5b:8b:4d:
26:d6:80:00:95:38:10:df:86:d1:35:c6:f0:d7:fa:90:48:ed:
64:50:b8:33:c8:3e:d0:9f:86:c3:63:23:c3:bc:21:3f:6d:6b:
c9:fd:1f:01:3d:c9:7c:c0:d8:10:23:e1:16:e3:f7:4d:83:86:
a4:7d:f9:bc:86:b2:da:c3:39:c7:ec:7b:2c:a1:78:a6:c8:e3:
14:f2:fe:d0:aa:04:73:03:ed:7a:20:f4:32:f7:eb:af:9f:73:
33:a1:df:8a:3f:8b:e5:21:5e:1c:a8:7d:96:f0:fd:03:53:7b:
a1:84:22:6f:37:00:8c:94:4e:d8:91:c1:5f:24:bb:f0:5d:81:
d9:af:2a:56:f3:d9:94:e6:82:62:09:8e:cd:34:5a:c2:c3:89:
a5:e5:89:89:7e:df:a8:ee:3a:81:25:b9:b2:6d:fe:d5:f8:50:
20:fe:55:7b:99:95:3f:f5:6e:6d:54:cf:c4:e8:f0:d5:1a:3e:
0a:fc:e3:d8:ff:41:87:7f:55:c5:73:d6:57:13:a4:bc:84:1b:
2e:36:59:c8:19:5f:f5:bf:d9:1e:ef:39:c2:ad:e6:e4:ef:e4:
e7:29:f1:df
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe8u7VNv9aHvrLae3zuv+v1hnDUwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwMjhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5ODRmOTk0OGFiODU5YTBhMmU1ZGE5MmNmM2ZlODI2YjRlYTU4NzQ2ZDQw
ZWRiM2YxOWViZjk0N2FhNWI3M2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANBMYaHGcKoH7HBwGvBTZ0J7/n1bLkoIOG3mCnvmVbyHi8ugyhIXCUhcIEQ+
+vg71DXYcsfGJXa7hL4J794cPMBzhKOEwazw3tKUDnTGXQVGdQsPL7e6J5iDTV9r
TlBiOo0sg4LAhGq5cL0bhnw3WyGNVHaRLqI21FNm1Dytfvrzb1gzJrqj0ZRlDC3S
xAFz2I4Z4ToW+w1TaK1bAbnosRUa3wjyfZjy1duSKS8CQV9JXpBBnLV2dUJRAmAD
PTEdNBHQkcCGuNgCc/AsP2NDM1eU7JMpsEPsFyzf9lYGttSRwsEJ/lY04WjACNWI
mouqXBIlR12cq8zCQSXkqo/YNE0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRODvdd
EY0n/y4DuQfwXL48oBvHWTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTQzNzk2OWEtYTM2Yy00NDE3LTg4YmQtYzQ4YWM4OGQ5YTVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Diw
gDANBgkqhkiG9w0BAQsFAAOCAQEAxyeKMjWZGYOwNO4I3gXT9cNVB7TZqgmNt8UC
gY9+XL0gW4tNJtaAAJU4EN+G0TXG8Nf6kEjtZFC4M8g+0J+Gw2Mjw7whP21ryf0f
AT3JfMDYECPhFuP3TYOGpH35vIay2sM5x+x7LKF4psjjFPL+0KoEcwPteiD0Mvfr
r59zM6Hfij+L5SFeHKh9lvD9A1N7oYQibzcAjJRO2JHBXyS78F2B2a8qVvPZlOaC
YgmOzTRawsOJpeWJiX7fqO46gSW5sm3+1fhQIP5Ve5mVP/VubVTPxOjw1Ro+Cvzj
2P9Bh39VxXPWVxOkvIQbLjZZyBlf9b/ZHu85wq3m5O/k5ynx3w==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:55:05 2026 by rpki-client