Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
File: e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa (raw, json)
Hash identifier: SGslLxkSS9+15ScGowaE6Q3VX6Ef0jxLhFzKzpkhF6A=
Subject key identifier: 25:88:02:6E:85:34:94:3F:AA:A0:4C:47:74:D7:28:95:63:7E:A7:C8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3E833B3A39373794B808ABE2BAB84A58FA7F70BF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
Signing time: Tue 24 Feb 2026 00:40:08 +0000
ROA not before: Tue 24 Feb 2026 00:40:08 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:83:3b:3a:39:37:37:94:b8:08:ab:e2:ba:b8:4a:58:fa:7f:70:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 00:40:08 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=fb2563b099e5ad82c70638216015e49eb738c498074244ddcce24366a0bb933a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d3:c2:39:ed:ee:d9:de:af:37:69:66:3b:08:
6f:d7:ed:e0:5d:d0:64:5e:c5:80:96:86:9a:d2:71:
bf:8c:29:c6:67:1b:14:c8:0e:ec:d2:4b:d6:c0:1c:
23:d6:e4:7b:68:d4:2f:13:b6:dc:53:55:79:57:79:
23:72:a4:72:15:ba:fa:d5:7a:b3:eb:8e:a4:e5:b2:
a2:5c:fc:5f:6b:4e:54:6c:4b:46:9f:e1:3a:2a:79:
46:05:9b:fa:e5:0c:9a:16:3b:ac:20:4c:41:19:72:
04:67:10:e5:6a:fd:5f:86:2b:31:3d:94:a9:ab:b0:
02:24:07:32:a7:db:06:a3:b0:91:dd:24:58:8b:e2:
50:44:0d:d7:3c:6c:69:67:4b:1f:14:3a:fe:49:35:
c9:45:fd:e3:60:0c:8e:19:d0:8c:4b:f4:ca:73:07:
1a:b3:2d:4f:5f:a2:89:e5:9d:23:a4:94:af:5b:2f:
a5:fa:fc:71:11:9d:5c:2f:ea:2e:c5:4d:a8:d2:2f:
29:3d:58:a8:54:a0:be:26:4b:93:4b:32:74:14:7d:
c2:af:71:b0:65:7e:66:1e:22:af:64:f7:46:51:81:
f7:28:1e:15:66:22:a4:e3:d9:e1:c4:1f:ff:b0:e8:
cf:be:7c:40:b3:cb:99:f5:b7:72:f7:f0:0f:55:39:
89:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:88:02:6E:85:34:94:3F:AA:A0:4C:47:74:D7:28:95:63:7E:A7:C8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:a000::/40
Signature Algorithm: sha256WithRSAEncryption
c0:6f:40:56:e2:7e:8d:37:83:7c:ec:1e:03:5b:4e:1a:66:c0:
cf:61:ed:34:8f:9b:bc:a9:9c:8b:fa:1d:d4:22:b3:62:61:d3:
47:c1:98:7a:59:3e:a3:65:35:aa:d9:26:17:30:56:75:d9:18:
30:c1:d5:9c:05:c8:56:59:b8:46:0e:9a:d9:30:e9:e2:5a:7a:
be:0b:eb:c8:01:fd:42:79:8b:c5:d7:f9:53:46:1f:ab:aa:1a:
73:53:a9:2c:ae:ed:8e:d2:b3:d9:47:a7:a9:fe:45:00:e8:cc:
d7:81:66:21:2e:76:58:97:08:a5:52:93:3c:92:8b:49:69:14:
36:34:09:1d:d4:74:0f:1e:db:8a:dc:d3:1c:97:dd:d9:65:cc:
d5:97:65:f9:62:b9:45:47:69:0c:fa:9b:9a:bc:d6:1f:f0:6f:
5b:ff:83:1d:21:9a:37:57:0f:c8:97:19:94:6f:5d:88:fc:0a:
69:4c:0d:f7:01:a1:9c:13:42:7e:bd:a2:be:2f:69:a5:13:72:
ab:bd:5b:d3:5d:e2:61:05:6f:3d:2d:03:43:30:2b:80:e7:0b:
0d:26:1c:2f:4c:68:b2:73:96:db:c7:96:2a:46:8f:02:ac:9f:
88:c5:f6:1d:57:ca:53:c4:9d:71:00:a8:37:7d:84:67:9f:46:
13:98:cf:06
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPoM7Ojk3N5S4CKviurhKWPp/cL8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwMDQwMDhaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiMjU2M2IwOTllNWFkODJjNzA2MzgyMTYwMTVlNDllYjczOGM0OTgwNzQy
NDRkZGNjZTI0MzY2YTBiYjkzM2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHTwjnt7tnerzdpZjsIb9ft4F3QZF7FgJaGmtJxv4wpxmcbFMgO7NJL1sAc
I9bke2jULxO23FNVeVd5I3KkchW6+tV6s+uOpOWyolz8X2tOVGxLRp/hOip5RgWb
+uUMmhY7rCBMQRlyBGcQ5Wr9X4YrMT2UqauwAiQHMqfbBqOwkd0kWIviUEQN1zxs
aWdLHxQ6/kk1yUX942AMjhnQjEv0ynMHGrMtT1+iieWdI6SUr1svpfr8cRGdXC/q
LsVNqNIvKT1YqFSgviZLk0sydBR9wq9xsGV+Zh4ir2T3RlGB9ygeFWYipOPZ4cQf
/7Doz758QLPLmfW3cvfwD1U5iZcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQliAJu
hTSUP6qgTEd01yiVY36nyDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTYxNWZlYTMtMzgyNi00YzU5LTk1NzQtNzJmYjZjYzhmMmVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hag
MA0GCSqGSIb3DQEBCwUAA4IBAQDAb0BW4n6NN4N87B4DW04aZsDPYe00j5u8qZyL
+h3UIrNiYdNHwZh6WT6jZTWq2SYXMFZ12RgwwdWcBchWWbhGDprZMOniWnq+C+vI
Af1CeYvF1/lTRh+rqhpzU6ksru2O0rPZR6ep/kUA6MzXgWYhLnZYlwilUpM8kotJ
aRQ2NAkd1HQPHtuK3NMcl93ZZczVl2X5YrlFR2kM+puavNYf8G9b/4MdIZo3Vw/I
lxmUb12I/AppTA33AaGcE0J+vaK+L2mlE3KrvVvTXeJhBW89LQNDMCuA5wsNJhwv
TGiyc5bbx5YqRo8CrJ+IxfYdV8pTxJ1xAKg3fYRnn0YTmM8G
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:44:41 2026 by rpki-client