Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
File: f7a46ea9-b416-4218-a790-28cf84d702ce.roa (raw, json)
Hash identifier: 54B/+qG3n/tyzLsDCtfxltfp1hmU6K8ASrJPzMAsWKE=
Subject key identifier: D2:FC:4E:E3:74:CD:FC:9C:72:F6:81:69:DC:C3:1E:EE:6B:BB:B9:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 54AE49A394B496679AEA013C5207657224632DE5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
Signing time: Sat 28 Feb 2026 05:20:57 +0000
ROA not before: Sat 28 Feb 2026 05:20:57 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d026::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:ae:49:a3:94:b4:96:67:9a:ea:01:3c:52:07:65:72:24:63:2d:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:57 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=5b29c992e1f598c9f44bbba17a6f392fdb0aacd58020b1a2bcf89d7073c17bf5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:56:3a:f3:f0:3b:32:6b:4a:81:c6:c7:f6:63:
11:e6:06:64:23:10:2a:86:8b:1a:5e:21:67:e9:19:
63:81:d2:e1:8e:07:b2:7e:65:5d:51:46:45:e2:e3:
26:07:04:9e:d1:03:dc:38:6a:fe:5b:92:df:0d:aa:
16:df:13:36:1a:4f:02:a6:b7:7b:1f:2d:35:1c:01:
d8:42:5c:b9:8a:d9:72:10:78:3b:bf:17:0e:fd:ed:
e6:2b:da:8e:c2:5a:9b:0a:38:a0:e2:4b:76:ec:a0:
b3:c5:39:06:e7:fc:3d:f3:fc:8e:12:93:fc:cb:8a:
89:97:b6:a5:09:fd:de:6a:0a:24:3a:2e:8e:97:6a:
e3:f9:56:a6:db:02:18:ab:93:5d:ed:c8:16:a5:ee:
33:95:e8:2f:bc:60:27:5d:82:7c:45:48:e5:05:a1:
0f:17:b3:37:d1:ed:50:d3:89:78:43:87:e7:d4:45:
ed:d1:78:8e:c0:5e:83:26:e0:be:c1:de:46:92:ce:
9a:ae:44:cc:17:7f:45:23:ba:9d:05:9b:e1:b5:4e:
d3:8d:4b:5a:98:90:ff:de:42:61:3b:24:9f:69:78:
7f:18:80:4f:29:1f:cc:cc:1f:97:57:e5:43:23:30:
22:ae:ad:29:f4:de:32:13:7b:c4:cb:bf:7a:0e:a0:
23:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:FC:4E:E3:74:CD:FC:9C:72:F6:81:69:DC:C3:1E:EE:6B:BB:B9:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d026::/36
Signature Algorithm: sha256WithRSAEncryption
60:31:43:8b:a0:c4:8d:78:0a:e8:8c:e7:c7:56:9a:27:e9:38:
c0:6f:a0:d4:6d:99:e8:89:c0:f7:77:79:d1:28:1a:4b:9f:de:
f9:8d:87:5d:0a:c2:69:fa:6c:54:95:3f:7b:1a:85:69:ba:90:
bc:8f:45:5e:61:28:01:53:04:bd:6f:ed:05:2f:ea:bc:87:58:
35:75:44:43:07:c5:f8:1f:4a:a0:f4:65:3d:55:e5:c6:7d:8b:
5f:40:ca:49:fd:8b:d5:e2:d6:db:8a:63:6c:c2:c8:49:59:b8:
e7:de:38:b1:fe:57:86:aa:ea:2b:4f:37:2c:1d:4a:94:2c:35:
9f:1e:bd:64:0f:a2:d7:6b:b5:29:9a:3f:b3:e5:76:32:86:2d:
c9:45:f9:45:63:b8:f4:b1:5a:7e:13:f8:93:b3:70:33:82:94:
a0:62:e8:ac:9f:d9:1f:8e:a0:66:57:86:0d:cb:b4:94:d4:e1:
d4:86:cb:42:a7:0c:29:e7:7c:46:87:6a:50:39:2c:5b:e9:05:
6c:d4:e2:ae:9e:ac:53:ef:02:57:45:6b:23:06:31:38:ab:2b:
7d:a1:71:a8:34:b1:84:56:f1:a5:39:c3:fc:c8:72:88:2c:78:
28:72:84:60:51:eb:f0:ba:03:fe:25:14:c7:0d:60:c4:0d:ce:
87:f1:38:8c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVK5Jo5S0lmea6gE8UgdlciRjLeUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwNTdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDViMjljOTkyZTFmNTk4YzlmNDRiYmJhMTdhNmYzOTJmZGIwYWFjZDU4MDIw
YjFhMmJjZjg5ZDcwNzNjMTdiZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdWOvPwOzJrSoHGx/ZjEeYGZCMQKoaLGl4hZ+kZY4HS4Y4Hsn5lXVFGReLj
JgcEntED3Dhq/luS3w2qFt8TNhpPAqa3ex8tNRwB2EJcuYrZchB4O78XDv3t5iva
jsJamwo4oOJLduygs8U5Buf8PfP8jhKT/MuKiZe2pQn93moKJDoujpdq4/lWptsC
GKuTXe3IFqXuM5XoL7xgJ12CfEVI5QWhDxezN9HtUNOJeEOH59RF7dF4jsBegybg
vsHeRpLOmq5EzBd/RSO6nQWb4bVO041LWpiQ/95CYTskn2l4fxiATykfzMwfl1fl
QyMwIq6tKfTeMhN7xMu/eg6gI6MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTS/E7j
dM38nHL2gWncwx7ua7u5yzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdhNDZlYTktYjQxNi00MjE4LWE3OTAtMjhjZjg0ZDcwMmNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CYA
MA0GCSqGSIb3DQEBCwUAA4IBAQBgMUOLoMSNeArojOfHVpon6TjAb6DUbZnoicD3
d3nRKBpLn975jYddCsJp+mxUlT97GoVpupC8j0VeYSgBUwS9b+0FL+q8h1g1dURD
B8X4H0qg9GU9VeXGfYtfQMpJ/YvV4tbbimNswshJWbjn3jix/leGquorTzcsHUqU
LDWfHr1kD6LXa7Upmj+z5XYyhi3JRflFY7j0sVp+E/iTs3AzgpSgYuisn9kfjqBm
V4YNy7SU1OHUhstCpwwp53xGh2pQOSxb6QVs1OKunqxT7wJXRWsjBjE4qyt9oXGo
NLGEVvGlOcP8yHKILHgocoRgUevwugP+JRTHDWDEDc6H8TiM
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:48:25 2026 by rpki-client