Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e584cad3-b485-48b5-a920-636e55268d8b.roa
File: e584cad3-b485-48b5-a920-636e55268d8b.roa (raw, json)
Hash identifier: wnAnE/Jfjo2c6BUNUKJBzF4RwizjDsfkj55Qd4Aka3E=
Subject key identifier: 1C:F6:AC:49:BD:F2:7F:B6:62:AB:13:F0:FD:BD:E4:E0:1D:D4:8E:76
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F21E86493B9570D5D8DFB8166F310A45E86D565
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e584cad3-b485-48b5-a920-636e55268d8b.roa
Signing time: Sat 28 Feb 2026 06:11:01 +0000
ROA not before: Sat 28 Feb 2026 06:11:01 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:21:e8:64:93:b9:57:0d:5d:8d:fb:81:66:f3:10:a4:5e:86:d5:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:11:01 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=2fee548065055ccbf6a5ae21c59b7062e003909e2b95dfc27d448557ba15d555, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:68:53:1c:d3:ab:aa:67:e4:a2:71:71:fc:51:
96:a5:93:c0:14:be:e4:fc:2b:ff:4c:3e:29:cd:be:
93:14:d2:6e:c5:37:f2:25:fc:ac:26:d5:a3:b1:b0:
6b:16:cf:77:9a:d4:cb:ac:80:c1:69:d0:03:8f:76:
18:3a:c4:a3:6e:2d:9b:56:60:a4:77:21:1e:76:cd:
9f:fb:ed:b1:c2:f6:76:14:eb:11:59:08:e7:21:d4:
a5:a9:ff:40:9e:35:f4:25:70:ff:3c:a9:17:f8:f8:
b0:40:f7:b3:39:ae:28:34:51:dc:7e:58:d8:9f:c3:
42:6d:d0:7b:a3:91:cc:74:1b:2b:17:e3:e1:e5:04:
82:86:6f:94:1d:46:29:fd:69:26:f5:50:f9:f6:32:
22:97:b0:67:e8:c3:b5:24:95:51:25:8b:a9:5f:3a:
da:fb:2a:29:f9:fb:ec:18:7b:50:66:27:21:c2:92:
4b:f8:c8:a5:96:a5:21:a8:27:7e:e1:00:7d:fe:37:
df:f2:9d:c0:35:c5:7f:8e:b2:dc:25:0e:46:a9:88:
19:3b:e9:2f:37:4a:0c:c5:86:fd:89:bd:60:37:5a:
59:83:0c:16:b5:3e:37:0b:31:5d:32:9d:f5:f7:82:
63:d4:ee:b6:77:22:16:2b:6e:1e:24:bb:a6:2f:19:
24:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:F6:AC:49:BD:F2:7F:B6:62:AB:13:F0:FD:BD:E4:E0:1D:D4:8E:76
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e584cad3-b485-48b5-a920-636e55268d8b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
50:f0:22:4d:85:26:4f:99:53:6c:d0:ed:de:b1:ca:0c:32:b7:
0e:00:75:a2:5a:0e:45:02:8f:18:f4:1e:87:2c:bd:f7:14:11:
19:53:d7:52:ad:e9:43:9f:d2:38:9d:c9:cd:62:01:2e:07:60:
52:22:ec:10:64:92:ad:fd:79:a9:52:98:d8:45:3f:cf:ae:1f:
53:13:26:f4:e0:2f:4e:f9:8a:13:07:25:26:fd:c9:02:fa:71:
36:16:30:48:05:bf:76:f8:f1:a4:21:65:bd:3b:c4:bc:82:0c:
a1:1b:e5:0e:38:bb:bd:96:44:cf:c7:a8:79:82:18:5f:92:24:
0c:bc:ab:74:5a:91:68:32:4d:d4:4d:92:b2:f1:c3:69:86:3f:
da:89:a0:1b:2d:b4:98:9b:5c:9a:f2:c1:fd:e3:a2:ed:eb:41:
27:6e:8c:95:e5:6f:b6:84:59:d9:88:a8:d6:df:09:c8:15:aa:
c1:4a:fd:bf:72:f2:a8:05:43:ff:4e:1a:3e:47:f0:be:40:dd:
eb:d5:2e:e3:ef:b9:68:11:df:8b:5d:22:98:f1:3c:ba:fd:d1:
d6:8c:20:fb:2a:46:7f:ae:77:33:5d:81:c6:ad:bd:c0:fb:e2:
97:f5:71:f8:c0:a5:c7:fb:7e:2b:f8:3b:6e:be:a7:d8:26:3b:
57:96:cb:d6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDyHoZJO5Vw1djfuBZvMQpF6G1WUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjExMDFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmZWU1NDgwNjUwNTVjY2JmNmE1YWUyMWM1OWI3MDYyZTAwMzkwOWUyYjk1
ZGZjMjdkNDQ4NTU3YmExNWQ1NTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMloUxzTq6pn5KJxcfxRlqWTwBS+5Pwr/0w+Kc2+kxTSbsU38iX8rCbVo7Gw
axbPd5rUy6yAwWnQA492GDrEo24tm1ZgpHchHnbNn/vtscL2dhTrEVkI5yHUpan/
QJ419CVw/zypF/j4sED3szmuKDRR3H5Y2J/DQm3Qe6ORzHQbKxfj4eUEgoZvlB1G
Kf1pJvVQ+fYyIpewZ+jDtSSVUSWLqV862vsqKfn77Bh7UGYnIcKSS/jIpZalIagn
fuEAff433/KdwDXFf46y3CUORqmIGTvpLzdKDMWG/Ym9YDdaWYMMFrU+NwsxXTKd
9feCY9TutnciFituHiS7pi8ZJFMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQc9qxJ
vfJ/tmKrE/D9veTgHdSOdjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTU4NGNhZDMtYjQ4NS00OGI1LWE5MjAtNjM2ZTU1MjY4ZDhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g
wDANBgkqhkiG9w0BAQsFAAOCAQEAUPAiTYUmT5lTbNDt3rHKDDK3DgB1oloORQKP
GPQehyy99xQRGVPXUq3pQ5/SOJ3JzWIBLgdgUiLsEGSSrf15qVKY2EU/z64fUxMm
9OAvTvmKEwclJv3JAvpxNhYwSAW/dvjxpCFlvTvEvIIMoRvlDji7vZZEz8eoeYIY
X5IkDLyrdFqRaDJN1E2SsvHDaYY/2omgGy20mJtcmvLB/eOi7etBJ26MleVvtoRZ
2Yio1t8JyBWqwUr9v3LyqAVD/04aPkfwvkDd69Uu4++5aBHfi10imPE8uv3R1owg
+ypGf653M12Bxq29wPvil/Vx+MClx/t+K/g7br6n2CY7V5bL1g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:40:36 2026 by rpki-client