Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
File: ed0f44c7-c286-45c9-9156-5644f580ab41.roa (raw, json)
Hash identifier: PXy1+rBUDONkM/XMb9RuDfYGt4zPSJ/0s4dZbE/RRFY=
Subject key identifier: 3D:0E:01:20:2A:28:77:BA:E7:F8:27:F8:35:91:2A:98:EB:5A:28:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21473E292EC2BED19DDBD5C92B9F24117A49941B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
Signing time: Sat 28 Feb 2026 06:00:34 +0000
ROA not before: Sat 28 Feb 2026 06:00:34 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:47:3e:29:2e:c2:be:d1:9d:db:d5:c9:2b:9f:24:11:7a:49:94:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:34 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=dcec744fb4d06aba920ddc4b08275f5bc84fb27a19f2a4d190f6f7151bcb9178, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6a:8d:06:3e:ed:9c:6a:af:97:73:17:09:bd:
12:bc:77:a0:a2:3f:1b:e1:d4:a9:6b:15:28:db:6e:
97:04:c0:55:d0:10:4e:95:8e:5b:9a:2a:fb:bb:94:
61:20:e2:45:bf:54:64:e9:8f:01:e2:fa:d5:1c:e0:
6c:1e:d6:ed:40:fd:4d:c9:2d:e2:9f:57:55:9f:1e:
4a:44:ec:c5:34:a5:ad:54:11:fa:e2:bf:14:49:a8:
27:89:bd:c0:39:20:00:b9:b6:a9:15:78:55:96:40:
da:b6:33:43:9c:95:0a:06:41:93:f3:75:09:23:35:
11:9d:8c:ab:d1:68:5d:ce:7a:db:13:a4:e0:d4:f0:
07:8c:9e:81:c2:db:49:9d:f1:e5:37:60:5d:e3:16:
11:ab:22:64:a3:a1:b9:ac:4c:0b:85:75:22:f5:80:
80:1c:b6:47:f6:f8:c7:43:33:f4:6d:71:ba:98:b7:
35:3c:26:d2:89:7d:9c:79:df:66:74:4b:98:ca:68:
f0:a3:de:36:f0:48:d9:97:d2:1c:4f:08:16:4c:72:
06:9d:2e:d7:44:9e:98:ed:3e:80:75:7e:4d:d3:25:
36:82:41:66:fb:df:c5:c6:24:8f:82:1c:7e:9f:89:
1f:4a:c3:94:db:ff:52:1c:0a:bf:1b:91:f3:21:4c:
ff:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:0E:01:20:2A:28:77:BA:E7:F8:27:F8:35:91:2A:98:EB:5A:28:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:b000::/40
Signature Algorithm: sha256WithRSAEncryption
88:61:b4:bd:8f:a0:8a:32:36:01:79:bb:76:9a:e3:fd:7d:57:
b6:88:95:17:fc:ba:45:10:1b:85:54:13:3b:47:fa:f6:cd:92:
5c:39:68:ab:4d:6b:23:83:c4:5d:ac:51:8e:1e:7e:c7:53:e3:
69:bd:73:c6:d9:b2:1f:fc:81:a3:3e:17:1a:00:6d:6b:ab:af:
6f:d0:03:51:fd:62:07:fd:28:c4:8e:86:df:e2:ae:30:ca:29:
6f:c4:92:e9:4c:29:fa:1b:8e:09:e0:aa:69:3c:65:f7:c3:6d:
29:f5:a5:57:3d:45:65:22:66:a4:af:ae:2f:e3:52:2a:6c:8b:
52:25:ec:66:e4:e5:1e:74:7c:9d:7e:5c:23:af:df:db:da:e6:
7d:a9:6a:9e:8c:5c:ed:75:34:83:1b:85:b1:5a:9d:2d:19:c5:
ae:31:ac:6d:5a:1b:5f:20:36:30:4d:3c:4e:08:7f:43:47:bd:
f1:ce:ae:f8:9c:c3:e1:55:6f:b8:ae:09:49:58:37:6f:30:48:
bd:2b:f8:2c:90:2d:ce:ff:cc:6f:39:0c:6d:90:ac:87:cb:a8:
8b:53:ba:e7:ea:44:b4:a2:66:09:e3:37:4d:b9:bb:13:fb:db:
ec:79:d6:03:8e:48:ed:08:24:8c:56:18:eb:8b:14:ac:17:c0:
8d:4b:ea:0b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIUc+KS7CvtGd29XJK58kEXpJlBswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwMzRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjZWM3NDRmYjRkMDZhYmE5MjBkZGM0YjA4Mjc1ZjViYzg0ZmIyN2ExOWYy
YTRkMTkwZjZmNzE1MWJjYjkxNzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNqjQY+7Zxqr5dzFwm9Erx3oKI/G+HUqWsVKNtulwTAVdAQTpWOW5oq+7uU
YSDiRb9UZOmPAeL61RzgbB7W7UD9Tckt4p9XVZ8eSkTsxTSlrVQR+uK/FEmoJ4m9
wDkgALm2qRV4VZZA2rYzQ5yVCgZBk/N1CSM1EZ2Mq9FoXc562xOk4NTwB4yegcLb
SZ3x5TdgXeMWEasiZKOhuaxMC4V1IvWAgBy2R/b4x0Mz9G1xupi3NTwm0ol9nHnf
ZnRLmMpo8KPeNvBI2ZfSHE8IFkxyBp0u10SemO0+gHV+TdMlNoJBZvvfxcYkj4Ic
fp+JH0rDlNv/UhwKvxuR8yFM/7kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ9DgEg
Kih3uuf4J/g1kSqY61ooyzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWQwZjQ0YzctYzI4Ni00NWM5LTkxNTYtNTY0NGY1ODBhYjQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fiw
MA0GCSqGSIb3DQEBCwUAA4IBAQCIYbS9j6CKMjYBebt2muP9fVe2iJUX/LpFEBuF
VBM7R/r2zZJcOWirTWsjg8RdrFGOHn7HU+NpvXPG2bIf/IGjPhcaAG1rq69v0ANR
/WIH/SjEjobf4q4wyilvxJLpTCn6G44J4KppPGX3w20p9aVXPUVlImakr64v41Iq
bItSJexm5OUedHydflwjr9/b2uZ9qWqejFztdTSDG4WxWp0tGcWuMaxtWhtfIDYw
TTxOCH9DR73xzq74nMPhVW+4rglJWDdvMEi9K/gskC3O/8xvOQxtkKyHy6iLU7rn
6kS0omYJ4zdNubsT+9vsedYDjkjtCCSMVhjrixSsF8CNS+oL
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:40:25 2026 by rpki-client