Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
File: e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa (raw, json)
Hash identifier: 79uLgteDjUD2NhCqYBWIkjg4p6BYN4biUJ9CK+nLJDA=
Subject key identifier: A1:B8:AB:77:20:7A:64:47:48:11:4E:C6:82:7A:07:4A:D0:FE:6C:05
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79934AB68A165F8BC153FC2AE67D7A6080471CE7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
Signing time: Sat 28 Feb 2026 05:20:58 +0000
ROA not before: Sat 28 Feb 2026 05:20:58 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:93:4a:b6:8a:16:5f:8b:c1:53:fc:2a:e6:7d:7a:60:80:47:1c:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:58 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=329c9acd74a3a57100406d2f71796f8c4d593ff06a281d2833eca9b53707e0f7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d0:55:01:cf:bb:84:c0:34:26:5a:42:52:2b:
3e:ec:73:bf:25:89:05:b1:df:13:31:e2:99:3b:77:
d3:3e:83:71:0a:1c:c9:fb:61:da:1d:64:5e:49:04:
e0:b3:1c:b1:60:d8:91:ca:3c:b5:5d:71:57:aa:ec:
44:2a:58:d9:86:25:e3:32:8e:03:5c:0c:5c:e1:c4:
92:12:c5:0d:ec:3f:9f:08:8d:71:d6:61:ca:95:c4:
ef:c6:16:85:62:7f:04:ac:24:24:ae:16:72:15:3d:
ff:c2:ba:cc:f3:09:70:42:06:4e:4e:75:3e:87:0a:
86:4f:2f:56:6c:8f:8b:ec:3b:a1:f4:d5:83:7a:29:
08:71:71:58:b4:9b:a7:e0:6d:6b:8b:f8:73:69:99:
50:46:0c:f7:39:a8:ea:57:36:2d:2a:9c:51:0a:a4:
40:30:5e:f5:b7:2b:d2:39:40:b9:40:fe:7c:d8:a7:
4d:47:50:88:61:28:32:e3:f7:3d:dc:85:d6:aa:da:
40:b5:50:62:18:d5:61:bd:1d:f9:5a:e5:81:9f:b2:
af:51:48:1c:cc:63:c1:a8:1f:13:57:df:58:a2:22:
51:df:b9:0d:af:b3:b4:f1:e8:e1:db:b7:9d:95:11:
fa:e5:8e:12:0e:a0:c8:45:50:64:69:2e:b9:a7:53:
f4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B8:AB:77:20:7A:64:47:48:11:4E:C6:82:7A:07:4A:D0:FE:6C:05
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
88:9e:f2:8b:21:c2:a5:e7:90:79:eb:a0:00:a2:d9:81:1b:ec:
3d:33:c4:9d:df:d8:0b:48:38:ea:db:a0:66:06:ac:15:72:f7:
09:e4:79:18:68:42:d5:06:dd:fb:a0:b1:63:c7:ce:56:c0:85:
20:9a:21:3e:ed:5d:aa:c8:8d:af:12:00:9e:4b:68:75:2f:4a:
5c:1a:28:90:b3:63:52:2b:36:65:9d:03:88:6b:b1:a3:24:74:
bf:5c:f8:ff:a7:cf:81:30:2a:bf:9f:3f:ea:c1:71:c3:44:f2:
18:e8:17:59:71:4e:4c:c6:09:7c:be:12:af:f8:6f:18:e1:24:
65:9a:91:f6:5c:ac:fd:88:ae:d6:ff:d4:ff:92:2d:13:60:81:
7b:f1:19:72:97:e0:6a:e5:bc:16:08:8d:7d:87:a8:2c:bf:36:
65:52:a4:7c:a2:f6:d9:f0:ff:ef:87:81:1a:04:d6:a9:16:29:
49:20:5e:15:c3:23:9b:cf:d1:bd:6e:17:63:34:12:98:9b:43:
03:68:2a:dd:e8:2e:73:e3:3e:b0:bc:80:0b:3c:0b:6f:04:fc:
dc:85:c0:24:c2:b9:37:26:d9:68:c0:38:af:28:a9:78:ee:17:
68:8c:57:d2:9c:48:25:bb:b1:b2:a5:ed:78:03:e7:19:da:e6:
c1:7e:20:16
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeZNKtooWX4vBU/wq5n16YIBHHOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwNThaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyOWM5YWNkNzRhM2E1NzEwMDQwNmQyZjcxNzk2ZjhjNGQ1OTNmZjA2YTI4
MWQyODMzZWNhOWI1MzcwN2UwZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN/QVQHPu4TANCZaQlIrPuxzvyWJBbHfEzHimTt30z6DcQocyfth2h1kXkkE
4LMcsWDYkco8tV1xV6rsRCpY2YYl4zKOA1wMXOHEkhLFDew/nwiNcdZhypXE78YW
hWJ/BKwkJK4WchU9/8K6zPMJcEIGTk51PocKhk8vVmyPi+w7ofTVg3opCHFxWLSb
p+Bta4v4c2mZUEYM9zmo6lc2LSqcUQqkQDBe9bcr0jlAuUD+fNinTUdQiGEoMuP3
PdyF1qraQLVQYhjVYb0d+VrlgZ+yr1FIHMxjwagfE1ffWKIiUd+5Da+ztPHo4du3
nZUR+uWOEg6gyEVQZGkuuadT9IUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBShuKt3
IHpkR0gRTsaCegdK0P5sBTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg3YTk3MWMtOWJhZC00NGQ0LWJhNjMtOWMwOWYwMjk5ZmEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLg
wDANBgkqhkiG9w0BAQsFAAOCAQEAiJ7yiyHCpeeQeeugAKLZgRvsPTPEnd/YC0g4
6tugZgasFXL3CeR5GGhC1Qbd+6CxY8fOVsCFIJohPu1dqsiNrxIAnktodS9KXBoo
kLNjUis2ZZ0DiGuxoyR0v1z4/6fPgTAqv58/6sFxw0TyGOgXWXFOTMYJfL4Sr/hv
GOEkZZqR9lys/Yiu1v/U/5ItE2CBe/EZcpfgauW8FgiNfYeoLL82ZVKkfKL22fD/
74eBGgTWqRYpSSBeFcMjm8/RvW4XYzQSmJtDA2gq3eguc+M+sLyACzwLbwT83IXA
JMK5NybZaMA4ryipeO4XaIxX0pxIJbuxsqXteAPnGdrmwX4gFg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:34:37 2026 by rpki-client