Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa
File: f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa (raw, json)
Hash identifier: f8r+17pw4YCZmM7dbSp0mv5H7LarAkU96bg1UOtbt/M=
Subject key identifier: A1:0B:EC:69:8B:BB:57:7E:AB:AE:BB:A7:6D:A6:7B:10:B1:2E:FE:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61953B3B7C76A1A50DD789217A25AE1CD5C9EF77
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa
Signing time: Sat 28 Feb 2026 05:40:09 +0000
ROA not before: Sat 28 Feb 2026 05:40:09 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:95:3b:3b:7c:76:a1:a5:0d:d7:89:21:7a:25:ae:1c:d5:c9:ef:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:09 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=0d3d1943bad52193d72113c1da58628709ba0d6502e4899944ea20fc5dfedf11, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d0:98:5f:fa:40:59:d2:d6:68:44:72:c3:81:
fc:a3:f6:40:67:8a:05:f9:95:66:eb:4f:2f:cc:c3:
5d:30:19:28:eb:2c:ec:15:a6:98:14:39:4b:d1:fe:
44:de:3d:51:f6:da:2a:67:12:bf:7e:8b:49:a5:9d:
47:d9:fa:79:2e:de:89:ae:22:4c:de:64:04:57:90:
23:99:e1:c7:bf:ba:21:3d:16:0f:1c:de:c1:78:ff:
c5:96:89:d8:4c:cf:5a:3b:68:2d:15:b0:c1:c8:8f:
7c:2f:fc:3c:86:a8:20:d4:da:43:0a:99:e8:31:5d:
11:8b:96:08:fc:3a:a7:14:f5:af:0f:b4:c1:f2:ad:
0c:55:66:97:9e:1e:5f:ec:7c:85:a8:22:73:90:ec:
66:ac:65:81:62:1f:35:e9:da:a3:4d:25:91:cb:6a:
a5:92:cf:05:8a:bd:87:3a:0d:f9:d2:73:54:42:4f:
02:4b:55:ad:ea:9b:39:bb:e2:ba:27:ce:3c:b9:f2:
eb:dc:04:30:95:6b:67:70:ca:44:71:98:10:2f:ea:
60:d5:e4:93:d7:fe:eb:7b:5e:83:66:e7:d5:e4:c8:
50:d3:f2:cc:d4:81:25:c7:19:e7:2f:a9:d9:02:d5:
e6:a0:0f:f2:bb:fb:95:53:db:03:23:ba:1e:53:2d:
34:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:0B:EC:69:8B:BB:57:7E:AB:AE:BB:A7:6D:A6:7B:10:B1:2E:FE:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9000::/40
Signature Algorithm: sha256WithRSAEncryption
46:b0:5b:09:ff:72:31:cf:1a:f5:b8:6e:d5:97:30:51:24:cf:
f0:d5:16:12:a5:12:21:86:cf:9a:cd:94:f4:64:37:a1:9e:a5:
8a:8a:7f:02:b9:06:51:a1:02:19:df:86:f7:03:6f:d4:d4:f8:
15:a8:95:b6:c9:26:d3:be:25:dd:db:1c:ba:f9:15:55:05:8c:
9d:bf:29:b0:5e:b3:07:17:22:e5:cf:39:7a:06:d9:d8:a3:45:
5e:5d:d4:e5:6e:3c:f2:67:c8:a3:4d:52:25:6e:58:ad:a6:a7:
02:4d:a8:75:4f:79:87:98:fc:ba:59:8a:6a:7b:f0:62:84:b1:
e8:bc:73:b1:fa:46:88:7d:5f:64:e1:cc:db:22:62:ee:e7:e5:
58:7a:68:92:53:0e:67:50:93:3c:f8:84:79:80:92:e0:6a:08:
ea:bf:3d:2d:9e:9d:f5:4e:f2:74:cc:b7:57:2f:11:83:de:24:
00:0d:94:7a:e7:12:4a:00:42:f8:93:80:11:c0:a1:81:da:e2:
c5:61:c5:d3:31:55:7e:ce:11:88:60:f5:34:32:4c:24:46:a4:
23:97:b6:ea:57:4f:02:a7:7c:20:e9:b3:b3:41:33:4d:b5:ed:
af:aa:a8:43:c2:d2:01:32:07:3f:b4:f8:6c:bc:86:24:1e:44:
d6:09:fa:f3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYZU7O3x2oaUN14kheiWuHNXJ73cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwMDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkM2QxOTQzYmFkNTIxOTNkNzIxMTNjMWRhNTg2Mjg3MDliYTBkNjUwMmU0
ODk5OTQ0ZWEyMGZjNWRmZWRmMTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANPQmF/6QFnS1mhEcsOB/KP2QGeKBfmVZutPL8zDXTAZKOss7BWmmBQ5S9H+
RN49UfbaKmcSv36LSaWdR9n6eS7eia4iTN5kBFeQI5nhx7+6IT0WDxzewXj/xZaJ
2EzPWjtoLRWwwciPfC/8PIaoINTaQwqZ6DFdEYuWCPw6pxT1rw+0wfKtDFVml54e
X+x8hagic5DsZqxlgWIfNenao00lkctqpZLPBYq9hzoN+dJzVEJPAktVreqbObvi
uifOPLny69wEMJVrZ3DKRHGYEC/qYNXkk9f+63teg2bn1eTIUNPyzNSBJccZ5y+p
2QLV5qAP8rv7lVPbAyO6HlMtNKUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBShC+xp
i7tXfquuu6dtpnsQsS7+rzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjE5YTFjZTMtMzcyNi00ZDhkLThkM2EtYjJlYzA1MDljYzc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBGsFsJ/3Ixzxr1uG7VlzBRJM/w1RYSpRIhhs+a
zZT0ZDehnqWKin8CuQZRoQIZ34b3A2/U1PgVqJW2ySbTviXd2xy6+RVVBYydvymw
XrMHFyLlzzl6BtnYo0VeXdTlbjzyZ8ijTVIlblitpqcCTah1T3mHmPy6WYpqe/Bi
hLHovHOx+kaIfV9k4czbImLu5+VYemiSUw5nUJM8+IR5gJLgagjqvz0tnp31TvJ0
zLdXLxGD3iQADZR65xJKAEL4k4ARwKGB2uLFYcXTMVV+zhGIYPU0MkwkRqQjl7bq
V08Cp3wg6bOzQTNNte2vqqhDwtIBMgc/tPhsvIYkHkTWCfrz
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:49:07 2026 by rpki-client