Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e875eadd-6478-4ac0-8792-06722aa80dd0.roa
File: e875eadd-6478-4ac0-8792-06722aa80dd0.roa (raw, json)
Hash identifier: 9uWChns1qaIdjV1vQx7opp/K+Vt0bMgeF1Di6vExNrk=
Subject key identifier: 10:F7:3B:DB:B9:58:68:75:61:5E:04:9A:C2:AD:34:45:41:86:37:BF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3DFD39F202A3ECA03F8290D9045ED11DF8FB8690
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e875eadd-6478-4ac0-8792-06722aa80dd0.roa
Signing time: Sat 28 Feb 2026 05:40:50 +0000
ROA not before: Sat 28 Feb 2026 05:40:50 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:fd:39:f2:02:a3:ec:a0:3f:82:90:d9:04:5e:d1:1d:f8:fb:86:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:50 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=3636e8a217a2a04c4d4cdd2ed1a2092d49fb01262b1a2cded512ae657f78d30f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c1:f7:f8:9b:6f:e4:14:8f:e5:7e:b8:8c:e1:
3e:ab:4d:01:b7:af:f2:42:de:18:b8:ce:5f:32:b9:
04:d2:6b:81:fa:42:5c:c4:39:12:6e:b1:d6:5c:a3:
32:b0:8e:50:63:fb:ba:4e:7b:d7:11:74:4a:c4:82:
ad:28:4e:35:f9:9e:f3:cf:a3:6d:4e:19:85:5a:2f:
87:b5:06:93:bf:21:57:4b:09:1a:60:d0:93:fc:ae:
86:0c:4c:d0:cb:e6:30:7f:c1:bc:ec:2e:35:a1:50:
99:1c:d6:6e:9b:89:08:05:2b:92:e1:0a:2c:2d:a5:
c2:02:5f:21:10:86:72:c5:fb:83:2d:a4:32:08:cc:
15:c0:7f:37:c9:60:50:75:5b:d2:f1:2c:37:2f:5f:
ac:eb:11:a6:6a:45:44:d3:13:1c:7a:a8:03:0d:dc:
39:2f:ca:12:4a:1a:7f:8a:c4:54:39:92:22:4c:14:
1a:eb:3c:bf:be:9d:cd:08:46:a1:f1:3e:24:df:13:
ae:fe:ee:54:6e:70:00:bb:7f:b4:9d:80:08:28:7c:
fc:f3:42:a5:b9:98:66:c1:92:29:b9:8c:22:01:8f:
76:a6:21:08:bf:56:40:97:10:21:71:45:d7:4a:f6:
a0:2c:6d:e7:cf:ab:15:3f:fe:cf:55:49:61:e9:d4:
71:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:F7:3B:DB:B9:58:68:75:61:5E:04:9A:C2:AD:34:45:41:86:37:BF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e875eadd-6478-4ac0-8792-06722aa80dd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
31:22:72:28:bb:5b:4e:1a:f3:dd:ec:ab:68:b8:51:e3:48:66:
8d:a8:0a:7c:91:12:44:09:5d:12:c4:e1:34:46:8e:c4:75:47:
db:23:ec:bb:cd:fe:99:8b:3d:93:e0:98:23:1b:14:68:df:a7:
76:96:74:39:a3:8a:a9:80:32:c2:de:86:c5:3d:e8:2d:be:ec:
f0:88:59:36:56:30:aa:84:ff:d0:2f:1e:f0:af:a5:a0:42:a3:
88:f4:4a:74:40:86:18:cc:2d:04:44:a6:14:15:e5:08:30:e0:
f9:0c:42:f4:56:36:3e:43:f9:02:60:9f:65:95:72:af:06:cd:
c3:e0:f1:c6:17:4b:69:4e:31:25:2e:61:ff:6e:b7:a5:a3:21:
e7:ba:cd:aa:4d:79:a9:4b:55:69:15:b7:6b:73:66:ca:be:91:
43:fc:2b:ec:a1:e1:38:ad:e8:05:68:93:3a:0c:4b:da:64:9a:
b3:7c:b7:a5:44:c2:64:13:21:4d:90:51:28:f6:bf:1f:53:94:
ce:9f:b6:05:6b:26:df:f9:c9:dd:45:92:2e:64:00:93:2c:82:
c9:77:3c:55:bb:33:9e:d1:72:e6:fa:b9:38:29:fa:dd:6f:a5:
05:84:93:2d:86:aa:80:fe:f3:42:b5:3e:b2:dd:63:f9:db:df:
48:a8:30:de
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPf058gKj7KA/gpDZBF7RHfj7hpAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwNTBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2MzZlOGEyMTdhMmEwNGM0ZDRjZGQyZWQxYTIwOTJkNDlmYjAxMjYyYjFh
MmNkZWQ1MTJhZTY1N2Y3OGQzMGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKPB9/ibb+QUj+V+uIzhPqtNAbev8kLeGLjOXzK5BNJrgfpCXMQ5Em6x1lyj
MrCOUGP7uk571xF0SsSCrShONfme88+jbU4ZhVovh7UGk78hV0sJGmDQk/yuhgxM
0MvmMH/BvOwuNaFQmRzWbpuJCAUrkuEKLC2lwgJfIRCGcsX7gy2kMgjMFcB/N8lg
UHVb0vEsNy9frOsRpmpFRNMTHHqoAw3cOS/KEkoaf4rEVDmSIkwUGus8v76dzQhG
ofE+JN8Trv7uVG5wALt/tJ2ACCh8/PNCpbmYZsGSKbmMIgGPdqYhCL9WQJcQIXFF
10r2oCxt58+rFT/+z1VJYenUcYUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQQ9zvb
uVhodWFeBJrCrTRFQYY3vzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg3NWVhZGQtNjQ3OC00YWMwLTg3OTItMDY3MjJhYTgwZGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg
wDANBgkqhkiG9w0BAQsFAAOCAQEAMSJyKLtbThrz3eyraLhR40hmjagKfJESRAld
EsThNEaOxHVH2yPsu83+mYs9k+CYIxsUaN+ndpZ0OaOKqYAywt6GxT3oLb7s8IhZ
NlYwqoT/0C8e8K+loEKjiPRKdECGGMwtBESmFBXlCDDg+QxC9FY2PkP5AmCfZZVy
rwbNw+DxxhdLaU4xJS5h/263paMh57rNqk15qUtVaRW3a3Nmyr6RQ/wr7KHhOK3o
BWiTOgxL2mSas3y3pUTCZBMhTZBRKPa/H1OUzp+2BWsm3/nJ3UWSLmQAkyyCyXc8
VbszntFy5vq5OCn63W+lBYSTLYaqgP7zQrU+st1j+dvfSKgw3g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:02 2026 by rpki-client