Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa
File: e69b1519-f345-43aa-8c6b-cd786ee13404.roa (raw, json)
Hash identifier: rrRMwPLfyR3fFuaWmKYawywXtFFhD5e+EYAzxi9RKA0=
Subject key identifier: 8E:63:F5:D4:9A:E8:24:18:EE:24:1E:03:FE:11:C9:24:C1:B7:F8:BE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 243364AB40D491BAF8073AA1C28DB33EE3B80C97
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa
Signing time: Sat 28 Feb 2026 06:00:40 +0000
ROA not before: Sat 28 Feb 2026 06:00:40 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:33:64:ab:40:d4:91:ba:f8:07:3a:a1:c2:8d:b3:3e:e3:b8:0c:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:40 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=598eec94460951ff72305662962b62586086c20e80ad9c81eb20a9399ffa160c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7a:82:41:d9:07:b2:d1:6b:63:f5:22:51:c1:
de:b9:b9:28:46:ff:17:b0:cb:c4:2e:99:0c:23:c7:
d4:56:72:b9:fc:67:67:c4:54:c0:83:88:b9:a6:60:
1c:f0:6e:dc:c5:d4:9d:54:a6:1d:33:f7:bd:bd:0b:
8a:0a:99:18:5c:43:8f:c1:f6:26:42:7a:0e:30:23:
93:67:0a:d8:12:12:3b:84:66:24:81:ec:ad:7f:0d:
eb:3f:6e:17:8a:aa:0e:05:e8:11:9a:d2:2f:d1:d1:
1f:b3:9a:85:09:8e:14:43:38:85:cb:8a:37:47:8c:
5d:97:75:e5:87:d3:b2:67:d6:40:91:41:49:6c:a8:
4b:77:8b:62:a2:e1:ca:13:e4:eb:88:fe:49:67:0f:
49:34:5a:e3:07:8a:65:35:f0:f4:09:c6:cb:36:dd:
44:82:61:d6:5f:8f:20:91:ce:86:82:19:a3:04:a7:
20:53:e1:bb:48:e0:8e:80:e5:bd:23:1e:29:e7:4b:
d8:fb:51:ed:18:8f:a5:25:f8:78:c8:a5:74:f5:14:
49:b6:a4:1e:6b:ed:7e:69:99:fa:ae:a1:59:a9:9d:
15:88:22:f1:fc:22:4d:2b:c9:2e:de:3d:c8:54:06:
d6:d2:1d:d3:4a:61:18:89:a2:11:2a:2e:0d:3a:4e:
d5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:63:F5:D4:9A:E8:24:18:EE:24:1E:03:FE:11:C9:24:C1:B7:F8:BE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:5000::/40
Signature Algorithm: sha256WithRSAEncryption
70:32:b4:06:e8:d2:08:a6:67:98:0f:eb:d7:79:9b:3a:bc:41:
1b:8e:1c:8d:aa:df:2f:ff:88:4f:fc:31:22:6a:36:c7:60:e0:
11:48:54:2c:af:3c:c8:4e:80:96:bb:b9:b9:1b:41:58:43:4f:
fa:82:2c:3b:94:41:26:c9:aa:e9:c9:47:6d:45:99:48:c3:4c:
c4:26:ff:7d:b5:ca:e8:e1:18:da:f7:f9:df:b7:4a:3c:fc:13:
72:bb:78:28:46:84:aa:46:4c:e9:36:34:ca:91:d8:a5:19:e0:
d8:20:f2:da:22:aa:98:41:a5:20:59:f1:0f:cc:43:82:c8:3c:
37:29:ef:6b:73:99:9a:80:2e:2a:21:d9:96:ae:09:40:fd:f7:
d2:59:38:23:29:39:53:4b:03:aa:d3:76:f3:d9:bd:ec:cc:4e:
03:c8:f2:e2:4a:3e:48:a5:4d:8f:b3:e4:94:18:cd:04:c0:3a:
83:e2:d2:ca:0d:be:fc:2b:59:9d:d6:fb:a3:7b:49:23:6d:d6:
87:42:d4:9c:13:68:15:13:60:f7:d6:6e:76:66:8c:29:e1:d7:
ab:5b:ff:d7:30:11:6a:5d:ac:d6:0c:b9:c5:81:34:f4:aa:1b:
d4:02:50:78:bc:0e:fb:7b:7f:b3:29:50:b3:6b:3b:c8:2b:ee:
83:23:ec:87
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJDNkq0DUkbr4Bzqhwo2zPuO4DJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwNDBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5OGVlYzk0NDYwOTUxZmY3MjMwNTY2Mjk2MmI2MjU4NjA4NmMyMGU4MGFk
OWM4MWViMjBhOTM5OWZmYTE2MGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMB6gkHZB7LRa2P1IlHB3rm5KEb/F7DLxC6ZDCPH1FZyufxnZ8RUwIOIuaZg
HPBu3MXUnVSmHTP3vb0LigqZGFxDj8H2JkJ6DjAjk2cK2BISO4RmJIHsrX8N6z9u
F4qqDgXoEZrSL9HRH7OahQmOFEM4hcuKN0eMXZd15YfTsmfWQJFBSWyoS3eLYqLh
yhPk64j+SWcPSTRa4weKZTXw9AnGyzbdRIJh1l+PIJHOhoIZowSnIFPhu0jgjoDl
vSMeKedL2PtR7RiPpSX4eMildPUUSbakHmvtfmmZ+q6hWamdFYgi8fwiTSvJLt49
yFQG1tId00phGImiESouDTpO1ZMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSOY/XU
mugkGO4kHgP+Eckkwbf4vjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTY5YjE1MTktZjM0NS00M2FhLThjNmItY2Q3ODZlZTEzNDA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBwMrQG6NIIpmeYD+vXeZs6vEEbjhyNqt8v/4hP
/DEiajbHYOARSFQsrzzIToCWu7m5G0FYQ0/6giw7lEEmyarpyUdtRZlIw0zEJv99
tcro4Rja9/nft0o8/BNyu3goRoSqRkzpNjTKkdilGeDYIPLaIqqYQaUgWfEPzEOC
yDw3Ke9rc5magC4qIdmWrglA/ffSWTgjKTlTSwOq03bz2b3szE4DyPLiSj5IpU2P
s+SUGM0EwDqD4tLKDb78K1md1vuje0kjbdaHQtScE2gVE2D31m52Zowp4derW//X
MBFqXazWDLnFgTT0qhvUAlB4vA77e3+zKVCzazvIK+6DI+yH
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:48:50 2026 by rpki-client