Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
File: eb69b216-60d5-4f56-b2b8-3401f331f31e.roa (raw, json)
Hash identifier: zeGUzRlN/9UrfyTQkSFURHbYT02F1YWi7H4Smbi1Vfg=
Subject key identifier: 04:E3:9D:FC:21:CB:0A:AF:74:74:1C:F1:BC:A7:6E:B2:16:8D:10:43
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 338500561F07F84CDD02E0644F1DEABC31AC83A7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
Signing time: Sat 28 Feb 2026 06:01:09 +0000
ROA not before: Sat 28 Feb 2026 06:01:09 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:85:00:56:1f:07:f8:4c:dd:02:e0:64:4f:1d:ea:bc:31:ac:83:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:01:09 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=17904601dc1d55baab3c16f77cb6d4ab695c8b5b2e65cc9f9ce2b4b065f35848, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b7:25:5d:f5:60:ba:12:4f:9b:3e:79:56:1b:
90:a1:64:53:28:44:70:91:71:d8:7a:98:58:a9:4b:
eb:b0:00:08:04:2f:e1:ed:10:9a:a5:81:88:f4:b9:
cf:57:ba:0f:40:be:16:bc:98:84:4c:67:17:43:6b:
b8:b2:0a:bf:fd:c5:ef:87:29:0f:2d:3e:95:a5:f6:
16:6e:31:3f:06:92:b7:95:cf:15:56:9e:fa:34:15:
6b:03:9c:22:2a:4e:0e:ed:1c:10:b2:b5:2a:97:2e:
09:57:11:21:7e:8d:cd:3b:f1:83:d9:3c:3f:84:46:
f5:79:7a:23:ab:27:bf:61:42:52:5d:1f:e6:58:6d:
16:ea:20:06:e5:15:6d:64:4f:8e:c0:46:39:58:8e:
fe:3f:be:09:6a:25:35:da:99:80:54:a0:a2:05:7a:
ef:50:a2:d5:06:3b:a4:ba:36:83:52:93:32:fa:99:
c1:b4:16:d1:8a:bb:ad:0b:c8:85:73:f9:d8:f5:1e:
af:6e:a9:e8:3b:5f:b4:81:ca:8e:c3:16:f6:71:e6:
13:8a:98:dd:c3:04:65:d6:6c:ed:78:8b:33:cd:40:
51:1a:6b:1d:04:61:e5:6f:91:e6:68:6f:98:21:4b:
d3:04:7d:96:0c:96:4f:06:fe:a7:9b:cd:1b:a5:95:
1d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E3:9D:FC:21:CB:0A:AF:74:74:1C:F1:BC:A7:6E:B2:16:8D:10:43
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
0c:53:24:bf:e3:76:72:b5:85:69:2f:38:67:d9:b8:7f:25:44:
15:75:ae:38:a2:58:05:55:64:21:1f:dc:b7:8e:30:9b:ee:69:
2a:f7:02:63:8e:fa:51:a0:2f:95:ea:1b:74:33:5d:07:18:80:
c0:bd:8f:5b:3b:93:45:67:d7:49:34:fe:3c:e0:51:5c:34:13:
0b:82:2a:d4:21:11:01:37:f8:2e:b9:78:07:db:4c:fa:12:8f:
bd:a5:19:1f:f7:02:4a:10:04:b6:50:6d:25:a1:f4:76:ba:f6:
6c:30:74:da:98:73:f2:7a:5a:7b:62:7c:c0:77:08:b3:97:3b:
8d:17:53:df:27:bd:8b:20:ce:04:e5:9a:68:12:4e:fa:49:48:
81:2c:2d:bd:d5:03:d9:77:67:8e:4c:9d:16:c9:7e:0f:df:f6:
eb:81:57:b2:e5:ab:59:b8:3b:47:4d:cf:af:c5:9b:7c:24:fd:
6f:19:8c:74:1b:7f:3f:9b:b4:a9:a0:f8:97:b4:f0:13:63:cf:
f7:d9:41:29:75:2a:d0:80:82:d7:1b:40:af:4a:35:6e:d0:4d:
06:cd:be:96:fd:ec:0e:9e:c7:a6:aa:47:b8:29:3e:2b:dc:4e:
e6:0f:e4:c1:52:db:db:e0:cd:3b:fe:58:5c:e4:6b:66:1c:72:
4a:7a:4a:4a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM4UAVh8H+EzdAuBkTx3qvDGsg6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAxMDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3OTA0NjAxZGMxZDU1YmFhYjNjMTZmNzdjYjZkNGFiNjk1YzhiNWIyZTY1
Y2M5ZjljZTJiNGIwNjVmMzU4NDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMW3JV31YLoST5s+eVYbkKFkUyhEcJFx2HqYWKlL67AACAQv4e0QmqWBiPS5
z1e6D0C+FryYhExnF0NruLIKv/3F74cpDy0+laX2Fm4xPwaSt5XPFVae+jQVawOc
IipODu0cELK1KpcuCVcRIX6NzTvxg9k8P4RG9Xl6I6snv2FCUl0f5lhtFuogBuUV
bWRPjsBGOViO/j++CWolNdqZgFSgogV671Ci1QY7pLo2g1KTMvqZwbQW0Yq7rQvI
hXP52PUer26p6DtftIHKjsMW9nHmE4qY3cMEZdZs7XiLM81AURprHQRh5W+R5mhv
mCFL0wR9lgyWTwb+p5vNG6WVHYMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQE4538
IcsKr3R0HPG8p26yFo0QQzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWI2OWIyMTYtNjBkNS00ZjU2LWIyYjgtMzQwMWYzMzFmMzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HpA
MA0GCSqGSIb3DQEBCwUAA4IBAQAMUyS/43ZytYVpLzhn2bh/JUQVda44olgFVWQh
H9y3jjCb7mkq9wJjjvpRoC+V6ht0M10HGIDAvY9bO5NFZ9dJNP484FFcNBMLgirU
IREBN/guuXgH20z6Eo+9pRkf9wJKEAS2UG0lofR2uvZsMHTamHPyelp7YnzAdwiz
lzuNF1PfJ72LIM4E5ZpoEk76SUiBLC291QPZd2eOTJ0WyX4P3/brgVey5atZuDtH
Tc+vxZt8JP1vGYx0G38/m7SpoPiXtPATY8/32UEpdSrQgILXG0CvSjVu0E0Gzb6W
/ewOnsemqke4KT4r3E7mD+TBUtvb4M07/lhc5GtmHHJKekpK
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:44:46 2026 by rpki-client