Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea31a166-ce12-4108-9868-894ac9df0e65.roa
File: ea31a166-ce12-4108-9868-894ac9df0e65.roa (raw, json)
Hash identifier: 48ZNvqhTTOHUtHi4TimV5MpqqT4xTjMehVUXNyMC95k=
Subject key identifier: 47:CD:CE:98:5F:E0:53:83:2E:8B:F8:BA:E2:A1:33:1D:AA:01:E2:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 571E509E341B7227676C42FBB5FA1062404ACEBB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea31a166-ce12-4108-9868-894ac9df0e65.roa
Signing time: Sat 28 Feb 2026 05:40:52 +0000
ROA not before: Sat 28 Feb 2026 05:40:52 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:b080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:1e:50:9e:34:1b:72:27:67:6c:42:fb:b5:fa:10:62:40:4a:ce:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:52 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=9d1b9f4a4fff55e038383dcb0820b0625a196e27fce32767536028eee2e924d7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f6:6e:ca:34:91:a1:28:71:82:83:8c:7c:73:
11:e6:5c:3f:aa:27:6b:dd:dd:c4:98:3e:1e:e1:ff:
56:41:66:9f:88:36:5e:85:45:57:6e:d8:77:9c:67:
f3:ab:08:05:57:ae:39:6d:bb:88:bd:f4:17:97:38:
80:34:d8:5f:4c:ed:33:96:a9:8a:fe:3f:6a:dc:08:
a3:bf:fd:1d:21:b7:fb:5d:3b:34:f8:57:4a:03:52:
90:23:3d:a5:b3:2d:03:3c:5c:4a:8a:a2:6b:b5:9e:
de:0a:18:87:e8:24:d1:dc:48:7e:8b:38:88:df:02:
6f:40:ca:82:c7:47:0d:05:bc:37:59:3e:9b:31:88:
d1:5a:12:16:11:5f:34:98:86:b4:36:1b:c6:60:d0:
f9:04:b0:f1:67:b4:17:22:15:0c:0a:d7:c6:56:4a:
75:13:b5:0d:d5:2c:43:92:f8:73:6c:ad:05:87:ef:
29:72:d6:ac:8f:01:c6:ca:3f:d3:21:44:46:7d:02:
d7:40:15:2c:42:9f:f7:d7:84:ac:1d:3d:46:dd:bb:
f2:a9:5d:b6:3c:0a:d9:a1:23:97:1b:ef:fd:9f:51:
8e:a0:3c:6e:50:b4:84:8a:f2:df:60:9c:d3:c2:97:
63:ec:66:f4:40:d8:3d:2e:7c:29:c7:92:d3:c4:8f:
46:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:CD:CE:98:5F:E0:53:83:2E:8B:F8:BA:E2:A1:33:1D:AA:01:E2:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea31a166-ce12-4108-9868-894ac9df0e65.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:b080::/48
Signature Algorithm: sha256WithRSAEncryption
14:46:a6:28:ff:c2:d4:fc:33:64:39:14:3f:b7:5a:9d:6e:d9:
e7:c0:39:8d:37:54:84:2d:f4:06:ae:a7:5b:d7:52:17:d8:43:
ce:2e:9b:12:2e:0f:de:99:9d:92:74:f2:df:a9:6a:6d:04:4d:
cf:77:ab:f4:2b:9a:49:50:ea:be:7c:b6:c1:56:58:3d:32:2b:
c7:9a:4e:0b:df:00:aa:e7:50:a2:08:94:80:52:12:30:59:7c:
08:cc:8e:52:92:28:22:1c:75:2e:dc:b1:2d:41:5e:3b:d6:91:
5f:2a:b2:0e:b8:5f:ff:ca:cb:31:00:d8:b6:81:e1:a5:21:02:
bb:47:09:f7:c2:33:70:80:3c:3f:17:65:7d:14:e1:50:0e:bb:
f3:8d:e8:e5:44:f1:ab:c6:82:d8:7f:96:ee:16:b6:cc:7a:b4:
d1:21:b1:9b:ce:6e:3f:88:f9:c3:5b:d7:91:f7:e1:bf:de:32:
f0:1b:ea:59:b5:ab:15:47:18:e8:11:86:1e:c4:e8:2e:c0:5a:
1e:cb:76:51:19:68:eb:4d:5b:23:a4:b0:d1:57:e6:2e:54:4a:
43:11:8d:fe:80:33:37:4c:6a:49:11:0b:9a:a1:d4:0a:74:99:
76:e0:2d:f6:99:f8:30:a5:b6:1b:28:11:66:f0:d3:e4:97:47:
f1:82:a3:17
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVx5QnjQbcidnbEL7tfoQYkBKzrswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwNTJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkMWI5ZjRhNGZmZjU1ZTAzODM4M2RjYjA4MjBiMDYyNWExOTZlMjdmY2Uz
Mjc2NzUzNjAyOGVlZTJlOTI0ZDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKj2bso0kaEocYKDjHxzEeZcP6ona93dxJg+HuH/VkFmn4g2XoVFV27Yd5xn
86sIBVeuOW27iL30F5c4gDTYX0ztM5apiv4/atwIo7/9HSG3+107NPhXSgNSkCM9
pbMtAzxcSoqia7We3goYh+gk0dxIfos4iN8Cb0DKgsdHDQW8N1k+mzGI0VoSFhFf
NJiGtDYbxmDQ+QSw8We0FyIVDArXxlZKdRO1DdUsQ5L4c2ytBYfvKXLWrI8Bxso/
0yFERn0C10AVLEKf99eErB09Rt278qldtjwK2aEjlxvv/Z9RjqA8blC0hIry32Cc
08KXY+xm9EDYPS58KceS08SPRg0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRHzc6Y
X+BTgy6L+LrioTMdqgHiqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWEzMWExNjYtY2UxMi00MTA4LTk4NjgtODk0YWM5ZGYwZTY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+w
gDANBgkqhkiG9w0BAQsFAAOCAQEAFEamKP/C1PwzZDkUP7danW7Z58A5jTdUhC30
Bq6nW9dSF9hDzi6bEi4P3pmdknTy36lqbQRNz3er9CuaSVDqvny2wVZYPTIrx5pO
C98AqudQogiUgFISMFl8CMyOUpIoIhx1LtyxLUFeO9aRXyqyDrhf/8rLMQDYtoHh
pSECu0cJ98IzcIA8PxdlfRThUA67843o5UTxq8aC2H+W7ha2zHq00SGxm85uP4j5
w1vXkffhv94y8BvqWbWrFUcY6BGGHsToLsBaHst2URlo601bI6Sw0VfmLlRKQxGN
/oAzN0xqSRELmqHUCnSZduAt9pn4MKW2GygRZvDT5JdH8YKjFw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:36:44 2026 by rpki-client