Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea0e91cd-e265-4578-9172-3a1331586357.roa
File: ea0e91cd-e265-4578-9172-3a1331586357.roa (raw, json)
Hash identifier: N4nydcUWPk1LUhqGfimkKu4xMnSWoVmjpbD7KS7hZh8=
Subject key identifier: D4:CC:86:2D:4F:58:54:60:01:26:93:C2:C6:EF:79:47:FA:42:B8:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 301366D5770BB905CF8375268B6CD6E5D893FD45
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea0e91cd-e265-4578-9172-3a1331586357.roa
Signing time: Tue 24 Feb 2026 04:10:43 +0000
ROA not before: Tue 24 Feb 2026 04:10:43 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:13:66:d5:77:0b:b9:05:cf:83:75:26:8b:6c:d6:e5:d8:93:fd:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 04:10:43 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=43e9d11d2ccf829350872f52b0f90baab561cc3c676ac7b4a2aaabfdd0481bb7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:cd:9e:0b:54:7a:3a:1a:83:10:ea:66:cd:3b:
fe:7e:8d:b1:73:37:bd:23:43:83:1c:6e:b8:df:24:
f9:c9:17:7f:a2:c1:69:76:c8:c4:7c:f5:e3:28:b0:
61:c4:e8:45:95:db:b6:3c:a2:2f:34:84:04:2a:f5:
f4:63:50:be:80:99:5f:69:8a:a6:d1:8f:25:93:16:
d4:8f:93:cb:75:90:92:d8:6a:fc:b2:a2:34:98:f8:
37:67:6d:23:6f:8c:91:c4:18:5f:16:ee:e0:02:be:
ad:ce:70:fc:f6:eb:70:77:32:03:27:80:b1:a0:db:
81:0f:88:95:d4:eb:25:de:30:08:38:d3:24:2b:ba:
5b:00:a8:a9:47:4d:72:1d:30:db:fd:b3:a0:e2:a2:
8a:65:dc:db:d9:8e:ba:86:66:39:5a:e9:9e:c5:f5:
4b:e1:0c:fb:5a:31:04:e1:b2:dc:65:74:0d:2c:00:
9a:88:94:ea:cf:b2:20:45:45:ef:b7:fd:80:10:c4:
28:4d:92:1c:72:73:4e:2c:ad:83:1e:41:12:75:33:
3d:06:c2:eb:f5:4d:31:ee:b3:a3:c2:a5:5a:d9:2a:
8f:01:b7:00:13:98:11:34:f4:2e:24:29:0f:19:26:
36:a2:91:e1:e6:e5:d2:91:50:8b:a1:49:ee:a8:62:
42:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:CC:86:2D:4F:58:54:60:01:26:93:C2:C6:EF:79:47:FA:42:B8:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea0e91cd-e265-4578-9172-3a1331586357.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:5000::/40
Signature Algorithm: sha256WithRSAEncryption
a5:ff:ac:81:c1:11:f7:d1:fa:8b:61:62:c1:d2:dd:26:ca:d9:
53:db:15:ac:be:eb:54:9a:7c:ca:f3:ea:04:83:96:58:bd:b5:
1a:5d:32:73:84:b6:34:34:f7:fd:46:47:c2:45:4f:5e:80:66:
97:2f:34:d3:a2:7b:7d:7c:1a:d9:1f:dd:03:8e:1c:04:34:d0:
99:ef:a9:7a:e4:4f:ae:4b:91:3f:1b:ca:6e:8e:72:b6:84:c4:
c2:5a:34:c2:92:dd:da:4f:d1:9e:0f:ed:d8:30:d2:2f:7c:1b:
e0:63:dd:3d:04:30:98:29:65:1c:0e:0f:1d:5a:06:84:2d:f7:
00:0d:8c:0a:c6:06:8a:a4:4d:bc:3e:e7:db:61:09:6c:8a:70:
ff:de:e4:c4:2e:6d:f2:91:34:87:30:87:39:c9:c6:68:88:71:
9f:73:98:49:c3:84:b1:61:13:a2:b0:9f:d2:ed:f1:41:52:b3:
c3:69:b7:ba:05:6b:c3:1a:95:58:a5:75:ae:8e:b4:ba:6e:45:
cf:c3:74:16:af:79:e1:fc:3d:f6:2b:33:b7:66:d5:fb:e1:2c:
8e:65:c1:12:a1:f8:29:a7:1e:80:1a:b6:38:6a:fd:38:1c:64:
48:15:5d:6a:31:7e:7e:57:cf:43:ac:b2:92:cb:1b:d0:54:5b:
7b:88:d0:be
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMBNm1XcLuQXPg3Umi2zW5diT/UUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwNDEwNDNaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzZTlkMTFkMmNjZjgyOTM1MDg3MmY1MmIwZjkwYmFhYjU2MWNjM2M2NzZh
YzdiNGEyYWFhYmZkZDA0ODFiYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJjNngtUejoagxDqZs07/n6NsXM3vSNDgxxuuN8k+ckXf6LBaXbIxHz14yiw
YcToRZXbtjyiLzSEBCr19GNQvoCZX2mKptGPJZMW1I+Ty3WQkthq/LKiNJj4N2dt
I2+MkcQYXxbu4AK+rc5w/PbrcHcyAyeAsaDbgQ+IldTrJd4wCDjTJCu6WwCoqUdN
ch0w2/2zoOKiimXc29mOuoZmOVrpnsX1S+EM+1oxBOGy3GV0DSwAmoiU6s+yIEVF
77f9gBDEKE2SHHJzTiytgx5BEnUzPQbC6/VNMe6zo8KlWtkqjwG3ABOYETT0LiQp
DxkmNqKR4ebl0pFQi6FJ7qhiQmMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTUzIYt
T1hUYAEmk8LG73lH+kK4LDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWEwZTkxY2QtZTI2NS00NTc4LTkxNzItM2ExMzMxNTg2MzU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCl/6yBwRH30fqLYWLB0t0mytlT2xWsvutUmnzK
8+oEg5ZYvbUaXTJzhLY0NPf9RkfCRU9egGaXLzTTont9fBrZH90DjhwENNCZ76l6
5E+uS5E/G8pujnK2hMTCWjTCkt3aT9GeD+3YMNIvfBvgY909BDCYKWUcDg8dWgaE
LfcADYwKxgaKpE28PufbYQlsinD/3uTELm3ykTSHMIc5ycZoiHGfc5hJw4SxYROi
sJ/S7fFBUrPDabe6BWvDGpVYpXWujrS6bkXPw3QWr3nh/D32KzO3ZtX74SyOZcES
ofgppx6AGrY4av04HGRIFV1qMX5+V89DrLKSyxvQVFt7iNC+
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:26 2026 by rpki-client