Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
File: f51bf20f-531a-411e-baff-37a38bc29ce9.roa (raw, json)
Hash identifier: oGYKa/zngokRIwuwjZN9FQUlgwIyjkDb8VxCuRoEEy8=
Subject key identifier: 4A:A0:E3:05:C5:91:5E:63:83:97:7D:B5:C3:D9:74:C1:28:06:BD:E3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2DB93251E3F14E037AF2B9C36BF62A012760C579
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
Signing time: Sat 28 Feb 2026 05:51:07 +0000
ROA not before: Sat 28 Feb 2026 05:51:07 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:b9:32:51:e3:f1:4e:03:7a:f2:b9:c3:6b:f6:2a:01:27:60:c5:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:51:07 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=cc282ff621c880499281279e918688af2143a16c8d71ed4849961d4058df1a9d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:43:d8:88:e6:f2:7f:3b:b5:3e:db:1f:57:23:
76:1e:4d:5a:12:4c:fa:9d:76:89:f8:2c:84:91:ef:
b9:ae:f0:61:cf:08:89:82:53:c0:58:35:59:f2:37:
51:3c:e3:a0:90:45:61:ba:aa:7a:99:4a:8c:36:a7:
41:d1:74:11:bf:1a:f1:36:ce:6a:ae:c2:b1:58:0d:
d3:7d:62:2e:10:13:95:25:1f:f2:cd:75:97:57:54:
ec:8f:c5:83:52:92:19:91:0d:39:37:dc:e4:63:d8:
95:9c:d3:65:d7:e3:50:82:6e:65:d8:32:de:4a:96:
2e:c0:2d:81:22:d3:c2:42:06:bb:34:93:21:6f:d2:
43:f6:b0:1d:b3:9c:34:18:5d:de:3e:77:0f:a5:e9:
ca:d7:24:66:ff:3c:ef:ab:8f:ce:75:13:1e:2c:65:
d0:41:8b:0b:a4:1a:8d:d1:71:ee:00:a5:7f:3e:39:
93:0b:fa:e1:04:60:e8:df:52:5a:07:5b:cf:d7:46:
6d:a0:17:fa:e3:ff:d6:39:54:44:5d:19:7c:7c:a7:
87:a6:1a:e5:49:7d:82:c5:69:6c:9d:8c:4a:ab:57:
7c:5f:b2:51:6b:5e:f4:05:b5:e6:dc:4c:49:68:25:
fc:9b:88:36:3e:2d:67:18:61:51:23:ee:6e:81:e0:
b6:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:A0:E3:05:C5:91:5E:63:83:97:7D:B5:C3:D9:74:C1:28:06:BD:E3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8020::/48
Signature Algorithm: sha256WithRSAEncryption
42:94:d2:fc:24:93:e5:c5:50:da:4a:99:54:9f:63:54:97:f9:
2c:4d:ed:c4:31:74:60:cc:17:9f:7b:d6:a3:01:ac:f3:30:32:
76:b5:79:0c:d6:c0:58:f2:a1:a1:75:f6:ba:8f:54:64:75:af:
e2:1b:f8:de:0e:69:78:4d:bc:32:b5:2c:90:ae:07:42:6f:94:
e4:50:b2:6f:a9:6f:8b:e6:e1:6c:50:07:bd:4e:df:80:d4:cb:
4c:d6:0f:a3:76:89:e0:ad:c0:13:24:ed:d8:4e:80:e6:73:3b:
b5:88:d1:04:74:41:19:5c:78:40:c5:43:a6:e5:4b:79:d2:cb:
00:d2:ab:dc:1d:27:07:47:e6:68:16:c5:8a:1a:0d:c7:e1:82:
7b:dc:13:34:1c:4d:a3:35:2b:4e:1d:bc:47:1c:57:c8:0a:c0:
57:b5:02:6d:3a:1f:8a:e0:78:77:a9:ac:1e:8a:76:4f:be:af:
fc:92:b5:b7:88:d2:95:7e:05:63:c0:7b:bd:69:a9:b9:79:ae:
7d:3c:c9:7f:fb:ac:f4:fd:f5:a6:16:58:9d:15:84:70:68:ef:
9a:77:58:2f:7c:b0:76:bb:02:cd:09:4b:e7:27:d2:33:ba:e4:
db:33:ba:ee:ec:d9:19:cc:d8:9d:a3:c5:c2:af:43:9f:51:4f:
d6:bc:63:bc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULbkyUePxTgN68rnDa/YqASdgxXkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUxMDdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjMjgyZmY2MjFjODgwNDk5MjgxMjc5ZTkxODY4OGFmMjE0M2ExNmM4ZDcx
ZWQ0ODQ5OTYxZDQwNThkZjFhOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANpD2Ijm8n87tT7bH1cjdh5NWhJM+p12ifgshJHvua7wYc8IiYJTwFg1WfI3
UTzjoJBFYbqqeplKjDanQdF0Eb8a8TbOaq7CsVgN031iLhATlSUf8s11l1dU7I/F
g1KSGZENOTfc5GPYlZzTZdfjUIJuZdgy3kqWLsAtgSLTwkIGuzSTIW/SQ/awHbOc
NBhd3j53D6XpytckZv8876uPznUTHixl0EGLC6QajdFx7gClfz45kwv64QRg6N9S
Wgdbz9dGbaAX+uP/1jlURF0ZfHynh6Ya5Ul9gsVpbJ2MSqtXfF+yUWte9AW15txM
SWgl/JuINj4tZxhhUSPuboHgtr8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRKoOMF
xZFeY4OXfbXD2XTBKAa94zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjUxYmYyMGYtNTMxYS00MTFlLWJhZmYtMzdhMzhiYzI5Y2U5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
IDANBgkqhkiG9w0BAQsFAAOCAQEAQpTS/CST5cVQ2kqZVJ9jVJf5LE3txDF0YMwX
n3vWowGs8zAydrV5DNbAWPKhoXX2uo9UZHWv4hv43g5peE28MrUskK4HQm+U5FCy
b6lvi+bhbFAHvU7fgNTLTNYPo3aJ4K3AEyTt2E6A5nM7tYjRBHRBGVx4QMVDpuVL
edLLANKr3B0nB0fmaBbFihoNx+GCe9wTNBxNozUrTh28RxxXyArAV7UCbTofiuB4
d6msHop2T76v/JK1t4jSlX4FY8B7vWmpuXmufTzJf/us9P31phZYnRWEcGjvmndY
L3ywdrsCzQlL5yfSM7rk2zO67uzZGczYnaPFwq9Dn1FP1rxjvA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:34:40 2026 by rpki-client