Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa
File: e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa (raw, json)
Hash identifier: fFzjKghLJu/e5/KvXpD8ooMlHOTx1fHY/NSOUQ25Rk8=
Subject key identifier: 0F:7B:A9:5E:32:E6:B2:3D:23:01:16:95:8D:35:B9:15:13:0F:F2:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FE6BBB34B6271C2F94705CCFFBB6F00006D76BC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa
Signing time: Sat 28 Feb 2026 05:41:08 +0000
ROA not before: Sat 28 Feb 2026 05:41:08 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:e6:bb:b3:4b:62:71:c2:f9:47:05:cc:ff:bb:6f:00:00:6d:76:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:08 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=1401601f9658a3f41d0c00f513c1d9ba9f8adc950e97f839af42decaadec1f76, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:77:32:3b:9f:0a:cf:29:b3:c0:d4:6f:1a:b4:
f5:ac:01:ba:0d:55:7c:bb:7d:4a:ee:6f:c4:4d:4d:
e9:4b:89:fe:83:db:36:82:7c:de:74:39:13:cf:ae:
ae:16:02:bd:f0:45:32:6f:0c:30:ff:a2:2a:5e:0c:
68:45:b8:ef:c2:52:9d:12:f3:a4:e2:93:58:53:21:
22:48:49:c9:a3:45:77:4f:96:0d:a9:6e:ce:a2:b8:
3b:79:88:2c:67:c9:18:11:10:9c:36:22:21:cb:9f:
b8:61:fa:f5:de:f4:2b:0a:5d:77:fe:15:0c:d2:87:
1c:ad:d2:16:03:58:92:fc:b6:05:80:96:76:ff:01:
58:d6:eb:8b:b9:33:f5:09:c4:31:9a:1d:3a:99:78:
91:8d:09:24:6f:bd:c6:2d:fe:7b:a9:2c:e8:c3:1f:
3b:6c:4c:82:ba:09:e6:13:f3:f0:46:ff:ce:b3:fc:
5d:fb:64:5e:fc:5f:ac:90:97:34:a6:26:b1:0e:f3:
c1:c6:3c:92:a5:0f:28:62:16:2f:d1:a9:ea:bb:09:
d8:22:d2:96:42:d7:f8:30:c7:96:5c:5d:f1:29:50:
6b:1d:94:e6:9d:25:f0:be:7d:32:20:6a:dd:66:f5:
b0:2b:7b:16:a0:a5:ed:6f:0b:cf:ff:90:78:36:6e:
b7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:7B:A9:5E:32:E6:B2:3D:23:01:16:95:8D:35:B9:15:13:0F:F2:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
35:3d:36:ba:9d:27:9f:4a:fb:0e:79:d9:fe:1b:d0:c7:4b:c3:
12:1e:b5:c8:c8:80:ad:f5:30:c1:76:db:f7:07:1f:aa:65:05:
72:df:e0:24:40:e1:65:be:0a:6f:20:fa:72:2d:99:cd:33:b1:
80:17:d0:20:35:84:7e:fe:5d:4c:47:77:a8:88:e6:a7:24:77:
e4:3e:92:41:86:0c:08:bf:ca:83:d0:8d:5b:6d:2f:20:ac:27:
73:e7:2e:b7:8a:49:ca:53:a7:a8:96:ca:2b:10:93:ae:7b:78:
ea:1d:07:c7:ee:b1:d5:d2:1b:32:b9:3c:85:8b:7c:c8:b6:c9:
c9:28:a0:33:c0:e3:7f:eb:8d:2b:df:8d:8e:9b:d7:7a:34:bb:
4b:8d:07:c9:b1:2a:d4:5a:11:73:2d:4e:94:61:7e:78:0a:0d:
de:28:14:e9:dc:b6:b2:39:aa:d1:5f:b9:da:45:af:d0:88:c7:
d3:95:79:3f:d2:e7:95:05:fb:2d:9d:3a:ae:9e:c1:bf:ec:9e:
c2:fd:0c:0b:1e:3e:fa:9f:d1:ea:12:bd:bd:bf:02:df:86:cd:
5a:01:21:72:4c:68:e9:ff:16:db:05:40:45:e2:26:09:71:01:
7e:36:f9:07:8b:d0:8f:58:45:47:8b:1c:b1:fb:b0:4b:53:11:
99:94:80:b2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf+a7s0ticcL5RwXM/7tvAABtdrwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMDhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0MDE2MDFmOTY1OGEzZjQxZDBjMDBmNTEzYzFkOWJhOWY4YWRjOTUwZTk3
ZjgzOWFmNDJkZWNhYWRlYzFmNzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJJ3MjufCs8ps8DUbxq09awBug1VfLt9Su5vxE1N6UuJ/oPbNoJ83nQ5E8+u
rhYCvfBFMm8MMP+iKl4MaEW478JSnRLzpOKTWFMhIkhJyaNFd0+WDaluzqK4O3mI
LGfJGBEQnDYiIcufuGH69d70Kwpdd/4VDNKHHK3SFgNYkvy2BYCWdv8BWNbri7kz
9QnEMZodOpl4kY0JJG+9xi3+e6ks6MMfO2xMgroJ5hPz8Eb/zrP8XftkXvxfrJCX
NKYmsQ7zwcY8kqUPKGIWL9Gp6rsJ2CLSlkLX+DDHllxd8SlQax2U5p0l8L59MiBq
3Wb1sCt7FqCl7W8Lz/+QeDZutzcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQPe6le
MuayPSMBFpWNNbkVEw/ynTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTdlZmQ4NjEtOGRjNi00MGM1LTg3MTMtMGJjZmRiZWQ3YzJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DqA
MA0GCSqGSIb3DQEBCwUAA4IBAQA1PTa6nSefSvsOedn+G9DHS8MSHrXIyICt9TDB
dtv3Bx+qZQVy3+AkQOFlvgpvIPpyLZnNM7GAF9AgNYR+/l1MR3eoiOanJHfkPpJB
hgwIv8qD0I1bbS8grCdz5y63iknKU6eolsorEJOue3jqHQfH7rHV0hsyuTyFi3zI
tsnJKKAzwON/640r342Om9d6NLtLjQfJsSrUWhFzLU6UYX54Cg3eKBTp3LayOarR
X7naRa/QiMfTlXk/0ueVBfstnTqunsG/7J7C/QwLHj76n9HqEr29vwLfhs1aASFy
TGjp/xbbBUBF4iYJcQF+NvkHi9CPWEVHixyx+7BLUxGZlICy
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:44:00 2026 by rpki-client