Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa
File: f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa (raw, json)
Hash identifier: d4oMwSHT5crOmdpsUaG/lFKOwN7Agd3eCtQAto4oRsQ=
Subject key identifier: CE:77:69:7E:8D:19:0C:9E:14:9F:99:3C:96:82:9C:A6:B6:E7:C7:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4120CDEA5B7A6D5FF05B0F4DB15EDF096E5B2684
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa
Signing time: Sat 14 Feb 2026 00:00:08 +0000
ROA not before: Sat 14 Feb 2026 00:00:08 +0000
ROA not after: Fri 15 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:f080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:20:cd:ea:5b:7a:6d:5f:f0:5b:0f:4d:b1:5e:df:09:6e:5b:26:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 14 00:00:08 2026 GMT
Not After : May 15 23:59:59 2026 GMT
Subject: serialNumber=d3666a46bc04dc0e6f241b666fba8fd1a0f7fb4c5731297f0e77ebe010cd6acd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a1:31:d7:65:80:9c:11:69:59:46:79:39:26:
c1:77:e1:d9:f1:ed:ec:a6:56:e3:27:47:89:9f:03:
d4:db:2b:96:90:00:dd:9a:0e:54:f3:43:71:e2:01:
fb:bf:8e:c3:28:e4:49:4b:c1:3a:38:77:66:21:fd:
04:a4:04:6b:41:7d:6f:c3:06:23:fe:f2:e2:cb:df:
39:ca:e1:c6:5a:f4:8e:66:f5:59:a5:2c:93:bd:15:
57:59:23:78:5a:5d:b5:6b:48:00:fc:33:7c:c6:f0:
ef:06:8a:ab:00:4e:bd:42:67:57:bf:07:af:74:6a:
b8:e4:5f:51:a9:a4:7a:9d:9d:67:9e:c0:ae:42:d2:
c0:46:0b:1f:3b:e1:28:ef:d8:75:ef:8d:ed:5c:fa:
8e:80:f6:57:3b:ad:d7:73:84:ce:fd:1e:65:bf:8c:
30:12:c5:e0:15:e0:6a:ca:83:6b:e8:58:8a:ad:f1:
e5:b0:a4:50:1f:f0:e6:69:1b:35:81:3f:04:b4:d3:
38:d5:2f:8b:fb:c2:74:aa:ee:de:d1:95:4f:77:4f:
c0:bb:84:f7:1f:0a:b6:53:05:1c:ff:7b:89:09:cd:
e3:2b:7a:a0:59:16:cf:78:f1:54:89:51:27:f2:e3:
39:be:ee:c9:bd:c1:ea:46:49:9c:e9:4b:34:8b:42:
62:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:77:69:7E:8D:19:0C:9E:14:9F:99:3C:96:82:9C:A6:B6:E7:C7:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:f080::/48
Signature Algorithm: sha256WithRSAEncryption
2f:0a:10:4a:82:0f:ea:8b:7c:30:8c:7e:91:78:2a:11:6d:30:
eb:bc:4f:23:22:da:e2:b3:c7:f1:74:ed:b0:95:8c:52:20:17:
b5:d6:d6:03:ce:27:40:91:58:70:81:8c:f0:78:42:c7:92:62:
f1:ab:13:a9:76:1c:61:fc:d7:d4:5a:08:d6:02:e2:fc:0a:f3:
30:5f:76:71:98:86:b1:f4:09:9a:e4:74:5b:87:13:d1:98:06:
9f:0f:63:a5:cf:9b:e5:30:14:c9:1a:9e:d7:6f:74:91:8a:e1:
44:06:1f:23:2f:80:32:af:67:be:51:6b:44:18:d5:53:93:fa:
14:11:69:0d:ce:d7:77:28:64:45:0b:34:54:3d:b9:73:04:c0:
29:e3:cc:9c:1b:18:82:50:c4:8a:28:34:1e:c7:65:37:e3:eb:
20:02:18:4a:fa:a6:7e:84:fc:83:17:d0:53:8c:00:c8:9e:37:
d6:e0:c8:14:b1:12:00:fe:15:04:e7:8d:b1:a3:91:a4:85:1e:
b0:fa:a1:5f:1a:40:dc:db:a1:6f:c1:13:93:ca:34:9e:1e:d8:
1b:e7:68:a9:df:b8:4b:2d:c0:81:58:fc:cc:15:2e:38:e7:57:
8a:32:a9:6d:90:b2:c4:ec:ae:07:8c:7a:df:7d:1b:5c:97:fe:
99:fb:47:57
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQSDN6lt6bV/wWw9NsV7fCW5bJoQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTQwMDAwMDhaFw0yNjA1MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzNjY2YTQ2YmMwNGRjMGU2ZjI0MWI2NjZmYmE4ZmQxYTBmN2ZiNGM1NzMx
Mjk3ZjBlNzdlYmUwMTBjZDZhY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2hMddlgJwRaVlGeTkmwXfh2fHt7KZW4ydHiZ8D1NsrlpAA3ZoOVPNDceIB
+7+OwyjkSUvBOjh3ZiH9BKQEa0F9b8MGI/7y4svfOcrhxlr0jmb1WaUsk70VV1kj
eFpdtWtIAPwzfMbw7waKqwBOvUJnV78Hr3RquORfUamkep2dZ57ArkLSwEYLHzvh
KO/Yde+N7Vz6joD2Vzut13OEzv0eZb+MMBLF4BXgasqDa+hYiq3x5bCkUB/w5mkb
NYE/BLTTONUvi/vCdKru3tGVT3dPwLuE9x8KtlMFHP97iQnN4yt6oFkWz3jxVIlR
J/LjOb7uyb3B6kZJnOlLNItCYvUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTOd2l+
jRkMnhSfmTyWgpymtufHGjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjI5OGM5ZDEtNWY1ZS00YTJhLWEyMDMtMjllMmNiZGIzNzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/w
gDANBgkqhkiG9w0BAQsFAAOCAQEALwoQSoIP6ot8MIx+kXgqEW0w67xPIyLa4rPH
8XTtsJWMUiAXtdbWA84nQJFYcIGM8HhCx5Ji8asTqXYcYfzX1FoI1gLi/ArzMF92
cZiGsfQJmuR0W4cT0ZgGnw9jpc+b5TAUyRqe1290kYrhRAYfIy+AMq9nvlFrRBjV
U5P6FBFpDc7XdyhkRQs0VD25cwTAKePMnBsYglDEiig0HsdlN+PrIAIYSvqmfoT8
gxfQU4wAyJ431uDIFLESAP4VBOeNsaORpIUesPqhXxpA3Nuhb8ETk8o0nh7YG+do
qd+4Sy3AgVj8zBUuOOdXijKpbZCyxOyuB4x6330bXJf+mftHVw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:21 2026 by rpki-client