Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f231f7ae-7dbf-4dbb-8f7a-91b4103218aa.roa
File: f231f7ae-7dbf-4dbb-8f7a-91b4103218aa.roa (raw, json)
Hash identifier: ORJd+zdkYniMbaZMP+2ZIWxyUs667OWZjp2CWC0maDA=
Subject key identifier: FB:58:AF:3B:35:CD:97:F5:37:14:64:04:B3:54:5D:EF:71:FD:24:53
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 140F96BB97A1C5A839F3A07BA86C2ACE58817FC6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f231f7ae-7dbf-4dbb-8f7a-91b4103218aa.roa
Signing time: Thu 26 Feb 2026 02:10:09 +0000
ROA not before: Thu 26 Feb 2026 02:10:09 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:0f:96:bb:97:a1:c5:a8:39:f3:a0:7b:a8:6c:2a:ce:58:81:7f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:10:09 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=2cb8dc1cf118ffd1a771faea5ac7e4c6278faaec186d29dc491df1c54f9643b4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:32:80:5c:47:06:dc:28:a7:59:9f:a4:4e:c9:
bd:d4:85:77:40:7d:28:1d:db:b5:51:0b:0d:8f:5b:
38:1b:f6:d4:10:61:33:b0:dd:a7:5a:e0:96:dd:e2:
0c:dd:84:a1:b9:d4:ce:b9:d2:5f:af:45:3a:10:9e:
7b:31:bd:12:ac:65:57:df:19:fa:67:43:67:bf:2f:
7a:8a:7c:bb:32:00:fc:16:d7:ad:01:bc:98:ea:75:
e5:4a:db:39:2f:04:39:28:c0:2a:23:1e:ad:43:c0:
a7:08:3f:f6:68:1e:71:49:63:22:41:17:db:91:2c:
4f:da:5b:c3:b9:d4:fa:01:83:68:85:0d:c7:8a:94:
4d:2b:d3:8d:8e:d9:f1:c2:3f:4d:61:53:63:dc:76:
72:1a:55:e1:df:c3:b7:04:18:43:30:fc:8f:18:40:
a3:d9:cb:6f:e7:77:60:52:c0:50:ae:75:f9:d6:26:
ff:5d:3c:17:d4:ff:df:66:7d:11:8f:83:a8:e6:ed:
be:9c:d2:7c:ab:1a:f5:d3:df:ee:b1:b4:ae:50:4e:
94:fb:2d:92:b0:c8:cc:05:f7:ea:a8:16:6f:93:4a:
3c:ca:f3:22:63:65:e4:11:b7:5e:8b:e5:aa:d5:8a:
c4:cf:2f:c9:ec:3e:81:89:df:f0:4b:b5:a8:d6:b9:
f2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:58:AF:3B:35:CD:97:F5:37:14:64:04:B3:54:5D:EF:71:FD:24:53
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f231f7ae-7dbf-4dbb-8f7a-91b4103218aa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
a5:52:26:f0:de:48:74:08:bc:ad:87:16:f2:8a:d8:29:64:21:
fb:67:b3:4f:9f:aa:54:7d:34:36:95:14:6c:c5:7c:4a:d7:15:
ea:de:f2:b0:be:df:fe:de:01:2a:e6:b3:7a:16:66:19:73:54:
7c:fe:34:93:3b:b0:2a:ab:3b:58:6f:92:54:ae:f6:ba:7d:b6:
91:dd:e6:23:1c:18:e5:70:b5:64:f3:74:e2:36:9a:39:1f:22:
bb:62:f3:14:fd:0a:8d:1e:0e:33:d9:c5:28:87:e2:57:86:4a:
15:48:5b:96:6a:c8:d3:fc:9f:a2:71:55:ea:ee:fb:57:dc:50:
e4:1a:51:8a:e5:da:24:e2:91:41:5a:02:66:48:f7:ad:69:b6:
a2:0d:0b:32:32:4c:5a:24:85:f4:13:ff:21:72:df:96:c8:13:
71:d4:e3:2f:a9:21:d0:73:aa:a0:ae:43:57:a1:19:9e:32:ff:
c9:ae:c5:59:23:22:3b:86:75:b9:f3:80:23:6a:1a:7b:56:de:
b4:ed:e6:6e:d9:5a:08:35:3a:d5:65:9a:a0:c8:f9:a1:b4:34:
ac:d2:21:d1:ba:dd:ac:f3:e6:ea:9a:a2:19:f3:fa:da:51:58:
82:f7:7b:c2:e5:07:7e:7e:99:61:08:58:df:7b:42:5a:02:a2:
8b:73:50:a5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFA+Wu5ehxag586B7qGwqzliBf8YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjEwMDlaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjYjhkYzFjZjExOGZmZDFhNzcxZmFlYTVhYzdlNGM2Mjc4ZmFhZWMxODZk
MjlkYzQ5MWRmMWM1NGY5NjQzYjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0ygFxHBtwop1mfpE7JvdSFd0B9KB3btVELDY9bOBv21BBhM7Ddp1rglt3i
DN2EobnUzrnSX69FOhCeezG9EqxlV98Z+mdDZ78veop8uzIA/BbXrQG8mOp15Urb
OS8EOSjAKiMerUPApwg/9mgecUljIkEX25EsT9pbw7nU+gGDaIUNx4qUTSvTjY7Z
8cI/TWFTY9x2chpV4d/DtwQYQzD8jxhAo9nLb+d3YFLAUK51+dYm/108F9T/32Z9
EY+DqObtvpzSfKsa9dPf7rG0rlBOlPstkrDIzAX36qgWb5NKPMrzImNl5BG3Xovl
qtWKxM8vyew+gYnf8Eu1qNa58nECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT7WK87
Nc2X9TcUZASzVF3vcf0kUzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjIzMWY3YWUtN2RiZi00ZGJiLThmN2EtOTFiNDEwMzIxOGFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HII
wDANBgkqhkiG9w0BAQsFAAOCAQEApVIm8N5IdAi8rYcW8orYKWQh+2ezT5+qVH00
NpUUbMV8StcV6t7ysL7f/t4BKuazehZmGXNUfP40kzuwKqs7WG+SVK72un22kd3m
IxwY5XC1ZPN04jaaOR8iu2LzFP0KjR4OM9nFKIfiV4ZKFUhblmrI0/yfonFV6u77
V9xQ5BpRiuXaJOKRQVoCZkj3rWm2og0LMjJMWiSF9BP/IXLflsgTcdTjL6kh0HOq
oK5DV6EZnjL/ya7FWSMiO4Z1ufOAI2oae1betO3mbtlaCDU61WWaoMj5obQ0rNIh
0brdrPPm6pqiGfP62lFYgvd7wuUHfn6ZYQhY33tCWgKii3NQpQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:24:43 2026 by rpki-client