Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
File: e5179068-cbcf-4f9a-864d-3c97430c84f4.roa (raw, json)
Hash identifier: 3Vd+0yzodPlcSkEOIZ/LNnP1MVpuJxQINr7r140nRjU=
Subject key identifier: FF:80:88:75:B0:E0:76:EC:AB:99:17:09:26:93:46:69:AC:8F:4D:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76E8B8D7534A03B9F44748B12A765A3527C2BC41
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
Signing time: Sat 28 Feb 2026 06:21:22 +0000
ROA not before: Sat 28 Feb 2026 06:21:22 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:e8:b8:d7:53:4a:03:b9:f4:47:48:b1:2a:76:5a:35:27:c2:bc:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:21:22 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=6644ff6089733d697cfe62e3c5800969055bc1aaf23305ac7538192d0f4ccb03, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:34:89:8e:4b:28:57:a0:b7:48:2b:43:3f:e9:
7a:50:7f:75:0b:5a:0c:cd:8b:95:ab:7a:a5:3a:8f:
a9:8f:55:b8:cb:55:1d:7b:43:08:08:12:50:c7:4b:
af:fe:7d:fc:ce:f4:1d:ae:52:50:7a:d7:b7:6c:07:
88:a8:f2:d7:78:3d:ba:6a:37:94:de:21:4f:3e:b6:
2c:80:30:3b:63:c3:88:9d:70:88:fa:d2:dd:ac:54:
b6:0e:63:bf:9b:84:77:02:b6:ad:35:6f:55:c7:00:
bc:d6:6a:fe:6c:d7:58:a2:c6:12:fa:80:69:2b:14:
94:9c:35:4c:1a:87:f7:56:e4:98:41:bf:a6:84:47:
b3:40:d9:52:81:5d:aa:43:9b:5a:37:96:ea:84:c7:
12:03:4d:0a:21:23:2a:b2:92:60:b5:38:02:db:35:
e2:94:0b:f8:7d:77:55:72:3b:65:7d:79:bf:f2:6a:
b0:b6:36:1d:ab:7d:6e:28:d7:29:c5:71:57:60:e9:
5b:cf:56:2b:75:9f:9b:85:58:ce:97:73:f2:9c:a8:
14:52:0a:d1:74:c0:e3:44:59:80:cf:bf:b7:07:44:
bc:3d:70:95:fb:b9:ac:9a:e4:40:cc:42:0b:d6:14:
c1:37:c1:6b:32:7a:fb:b9:5b:b7:6c:8c:33:8b:74:
96:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:80:88:75:B0:E0:76:EC:AB:99:17:09:26:93:46:69:AC:8F:4D:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015::/38
Signature Algorithm: sha256WithRSAEncryption
12:70:cd:7d:67:ef:bf:bf:3c:11:9c:bc:11:11:7a:66:07:3e:
a5:d8:d6:f1:dc:6f:69:c6:2e:4c:70:78:8b:99:36:a5:51:d3:
f2:99:37:81:95:25:25:c9:e3:96:49:8c:ca:f7:75:d9:99:43:
22:57:61:b5:de:4e:5e:6d:ac:d9:26:2e:81:0e:19:0f:e6:aa:
72:ea:a5:1f:29:78:a6:44:d3:a0:f0:2d:08:d8:f5:57:31:63:
87:1c:90:e5:74:d4:d5:e6:71:77:12:dc:04:c8:f1:2b:19:e4:
6e:e1:67:95:b9:e7:ae:e3:3e:9d:af:f0:2f:3e:d6:cb:0e:1f:
bd:74:cc:02:25:4d:18:b6:0c:f8:21:0e:96:3f:a9:57:39:a8:
a2:82:6c:b9:f9:e9:1b:1d:20:fe:df:05:11:56:bb:57:84:11:
b1:42:8a:fd:46:a6:01:af:3b:e9:a8:72:3e:9f:a2:4f:97:1e:
27:ad:c9:37:b3:a4:2a:ad:16:e3:63:99:fb:7b:71:63:eb:6d:
04:1a:80:0a:87:d3:8e:8d:fb:34:6b:ca:2f:f5:64:74:d4:32:
5f:21:1f:f2:77:f9:82:d5:ec:60:de:ac:8d:e9:3c:49:06:15:
80:9c:26:3f:b2:74:db:17:59:32:11:40:08:6b:3e:a4:31:69:
f3:cd:61:81
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdui411NKA7n0R0ixKnZaNSfCvEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIxMjJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2NDRmZjYwODk3MzNkNjk3Y2ZlNjJlM2M1ODAwOTY5MDU1YmMxYWFmMjMz
MDVhYzc1MzgxOTJkMGY0Y2NiMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKo0iY5LKFegt0grQz/pelB/dQtaDM2Llat6pTqPqY9VuMtVHXtDCAgSUMdL
r/59/M70Ha5SUHrXt2wHiKjy13g9umo3lN4hTz62LIAwO2PDiJ1wiPrS3axUtg5j
v5uEdwK2rTVvVccAvNZq/mzXWKLGEvqAaSsUlJw1TBqH91bkmEG/poRHs0DZUoFd
qkObWjeW6oTHEgNNCiEjKrKSYLU4Ats14pQL+H13VXI7ZX15v/JqsLY2Hat9bijX
KcVxV2DpW89WK3Wfm4VYzpdz8pyoFFIK0XTA40RZgM+/twdEvD1wlfu5rJrkQMxC
C9YUwTfBazJ6+7lbt2yMM4t0lqMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT/gIh1
sOB27KuZFwkmk0ZprI9NqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTUxNzkwNjgtY2JjZi00ZjlhLTg2NGQtM2M5NzQzMGM4NGY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUA
MA0GCSqGSIb3DQEBCwUAA4IBAQAScM19Z++/vzwRnLwREXpmBz6l2Nbx3G9pxi5M
cHiLmTalUdPymTeBlSUlyeOWSYzK93XZmUMiV2G13k5ebazZJi6BDhkP5qpy6qUf
KXimRNOg8C0I2PVXMWOHHJDldNTV5nF3EtwEyPErGeRu4WeVueeu4z6dr/AvPtbL
Dh+9dMwCJU0Ytgz4IQ6WP6lXOaiigmy5+ekbHSD+3wURVrtXhBGxQor9RqYBrzvp
qHI+n6JPlx4nrck3s6QqrRbjY5n7e3Fj620EGoAKh9OOjfs0a8ov9WR01DJfIR/y
d/mC1exg3qyN6TxJBhWAnCY/snTbF1kyEUAIaz6kMWnzzWGB
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:38:28 2026 by rpki-client