Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
File: ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa (raw, json)
Hash identifier: GsVXxuhe6/lY2XD9PAANsPFD+DoWaQBETi7aTjHSSqc=
Subject key identifier: 8C:E9:E9:35:B2:65:10:0A:00:FB:5C:E2:64:6E:6B:88:F0:AD:69:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C154FE10E574ED8F7E216A4B8040FCEB1573B9B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
Signing time: Sat 28 Feb 2026 06:21:22 +0000
ROA not before: Sat 28 Feb 2026 06:21:22 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:15:4f:e1:0e:57:4e:d8:f7:e2:16:a4:b8:04:0f:ce:b1:57:3b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:21:22 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=11e30210b61aac0404dcbc395dc4a8c53e1e4c001d4d51e1359dcf133d29f1fd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:89:7f:bf:a7:bf:19:5d:56:65:b0:e4:bf:2a:
59:c4:c7:f1:34:09:62:1a:9d:7c:3c:08:2a:e0:f6:
5f:f7:3c:1b:2f:63:c4:66:ee:c8:5e:8f:9f:2b:96:
49:a8:09:75:f3:91:ea:d1:75:25:f2:fb:7b:28:8d:
d6:79:e2:06:67:d8:d1:98:4e:69:bf:f7:6e:09:01:
b7:ce:51:09:69:30:72:32:12:b4:95:b0:44:ea:fd:
71:c9:75:07:c2:82:d1:48:9f:3b:41:bb:6c:21:71:
5f:ab:34:fe:15:d0:c1:24:19:3b:14:ea:99:7e:f0:
91:9a:8b:8a:ef:2c:99:bb:f9:25:de:89:c5:50:82:
be:32:ca:b6:1d:98:a8:60:79:88:88:ca:a3:e2:6c:
c3:03:51:e0:d1:12:6d:bc:34:f2:89:1f:f5:c9:30:
43:6f:1d:9f:48:a0:e7:22:47:fa:5e:76:9d:d7:49:
85:44:f7:4f:73:59:bc:d5:71:74:e9:f5:b3:79:eb:
45:50:02:9f:ca:a9:9b:cd:57:83:fe:eb:5a:a5:50:
4a:70:f1:bf:63:7c:05:46:45:af:2c:c3:b1:df:5c:
7e:20:12:e8:21:76:16:e5:57:e2:b0:91:e9:23:59:
a6:8d:12:6a:ef:b0:80:4a:44:30:21:90:b7:e1:41:
83:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:E9:E9:35:B2:65:10:0A:00:FB:5C:E2:64:6E:6B:88:F0:AD:69:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:5000::/40
Signature Algorithm: sha256WithRSAEncryption
76:9d:d4:8a:ae:f5:75:31:bd:f5:b0:ae:f9:c4:67:91:09:00:
26:d1:e5:1b:f5:a6:8d:37:4c:a9:22:66:28:0d:11:05:c2:f4:
b9:0d:a4:20:b8:c7:90:c1:57:fa:a9:86:ce:46:86:ec:b7:52:
de:4f:67:97:43:84:5a:aa:4d:79:13:c8:7c:dc:db:3c:4b:b3:
8d:7e:2e:a2:f7:2c:5b:c6:79:7b:36:e1:80:77:b5:4e:55:8d:
98:bf:17:2f:35:4f:e8:fd:af:f5:3a:9b:0c:75:fc:d6:39:4e:
77:5a:d4:ec:4c:0d:e8:9c:e3:47:1f:30:b6:3d:94:d2:be:6e:
08:28:b8:31:9d:b9:6e:ce:b9:ad:bf:d9:da:2c:43:53:47:f5:
8d:ab:a4:40:4b:5b:28:cb:e7:09:ad:11:2d:8f:2a:a9:e9:83:
ea:3f:0a:7d:a6:e4:c6:30:b6:c2:42:aa:c4:aa:64:98:ff:2d:
15:d7:e7:0a:a4:f0:f8:c9:0d:ee:77:7a:83:90:5f:23:b2:04:
41:20:70:c2:78:61:31:fd:6f:a6:32:d8:eb:b4:bb:63:9d:28:
96:82:8d:a9:af:13:bb:48:8e:67:c2:32:ff:7c:7c:49:e5:78:
08:e2:d1:24:6d:66:e2:30:18:92:0d:1e:de:2f:9d:46:09:30:
e2:6c:c7:c9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfBVP4Q5XTtj34hakuAQPzrFXO5swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIxMjJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDExZTMwMjEwYjYxYWFjMDQwNGRjYmMzOTVkYzRhOGM1M2UxZTRjMDAxZDRk
NTFlMTM1OWRjZjEzM2QyOWYxZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN2Jf7+nvxldVmWw5L8qWcTH8TQJYhqdfDwIKuD2X/c8Gy9jxGbuyF6PnyuW
SagJdfOR6tF1JfL7eyiN1nniBmfY0ZhOab/3bgkBt85RCWkwcjIStJWwROr9ccl1
B8KC0UifO0G7bCFxX6s0/hXQwSQZOxTqmX7wkZqLiu8smbv5Jd6JxVCCvjLKth2Y
qGB5iIjKo+JswwNR4NESbbw08okf9ckwQ28dn0ig5yJH+l52nddJhUT3T3NZvNVx
dOn1s3nrRVACn8qpm81Xg/7rWqVQSnDxv2N8BUZFryzDsd9cfiAS6CF2FuVX4rCR
6SNZpo0Sau+wgEpEMCGQt+FBg9cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSM6ek1
smUQCgD7XOJkbmuI8K1pZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWExMGRhYzUtMzJjZS00YWFmLTgyOTctZmZkMWRiYzg1MjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DpQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB2ndSKrvV1Mb31sK75xGeRCQAm0eUb9aaNN0yp
ImYoDREFwvS5DaQguMeQwVf6qYbORobst1LeT2eXQ4Raqk15E8h83Ns8S7ONfi6i
9yxbxnl7NuGAd7VOVY2YvxcvNU/o/a/1OpsMdfzWOU53WtTsTA3onONHHzC2PZTS
vm4IKLgxnbluzrmtv9naLENTR/WNq6RAS1soy+cJrREtjyqp6YPqPwp9puTGMLbC
QqrEqmSY/y0V1+cKpPD4yQ3ud3qDkF8jsgRBIHDCeGEx/W+mMtjrtLtjnSiWgo2p
rxO7SI5nwjL/fHxJ5XgI4tEkbWbiMBiSDR7eL51GCTDibMfJ
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:50:13 2026 by rpki-client