Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa
File: fc40321f-72c2-43a4-8c42-0e935f8f1943.roa (raw, json)
Hash identifier: bf3Hzf4MDpW13+9JdOZeSzRTySt5O4ZQF0enZQGpEfE=
Subject key identifier: 0E:83:C3:D1:CE:FC:FF:60:E2:78:B2:02:7B:92:AF:F9:10:9B:FD:82
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1DA5BEFFAFA8478A26324B0B4E640087C4E5843E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa
Signing time: Sat 28 Feb 2026 05:50:44 +0000
ROA not before: Sat 28 Feb 2026 05:50:44 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:a5:be:ff:af:a8:47:8a:26:32:4b:0b:4e:64:00:87:c4:e5:84:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:50:44 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=45938c5e2dc0d0bbb9864434da3eeca42cc0e4b9243565a7dd86fa8aac66e3ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:21:82:93:30:10:98:2c:ca:4d:98:32:e8:7c:
7b:b1:d3:c2:96:d7:97:bf:95:64:05:71:a7:85:37:
6d:a1:6b:56:56:f4:cc:96:a0:c8:3d:2f:20:57:64:
8e:fa:56:ca:06:ac:59:12:28:54:e7:eb:99:59:f8:
ec:b7:d4:6b:d4:ed:6f:50:9e:ee:6c:bb:c6:c2:71:
04:30:61:63:5d:0d:29:a4:15:f9:1f:c4:14:e4:ce:
75:9c:08:14:df:1b:03:a3:f6:eb:01:08:87:90:54:
7b:f3:59:01:51:d4:45:6a:2d:03:b0:68:3e:68:20:
3f:cf:69:4f:45:e6:8a:44:5f:80:a5:94:bf:db:6a:
de:da:30:10:a5:57:b5:1c:c0:1a:fc:1f:2f:b8:a3:
b1:43:f2:aa:45:fa:45:25:f4:a5:c4:78:40:49:3e:
77:63:9d:c1:97:a5:52:5c:f8:b4:89:fd:24:63:e5:
07:08:72:26:99:a8:34:af:04:1f:58:ea:5e:92:b7:
44:8e:29:28:a2:76:02:1a:3d:cf:cf:f1:f2:6d:a1:
5a:0d:8d:f5:13:85:77:b5:a5:f7:89:39:68:44:28:
24:b1:fd:b5:0a:a9:d2:f7:a5:51:22:3c:8f:40:df:
56:0d:8b:61:d9:69:d4:4a:db:57:f6:13:ff:8e:20:
bd:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:83:C3:D1:CE:FC:FF:60:E2:78:B2:02:7B:92:AF:F9:10:9B:FD:82
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
3f:80:15:45:f8:d9:c5:79:61:d5:e9:72:9f:a3:4c:25:0f:f6:
c0:9d:58:a6:8e:c8:cb:c0:ed:a4:0c:5e:ff:18:cc:e7:68:64:
31:e5:9b:8d:22:eb:a8:ef:78:a7:d0:27:67:f3:f7:2f:78:86:
b7:17:38:44:48:6f:48:c0:20:2c:b5:ec:22:25:36:ee:67:8f:
63:70:3e:d3:83:fe:ee:4c:be:bd:3d:e9:e8:bc:6a:3c:77:ce:
9b:47:1b:65:aa:fd:1b:61:af:ce:4e:40:e0:b8:90:83:d7:a6:
e7:0b:57:db:47:31:69:1e:8a:fb:67:24:dc:5d:9d:7e:a5:15:
f0:3c:81:9d:d3:b9:b8:dd:5d:0d:ce:d2:b5:84:71:4c:87:c1:
fb:ee:2b:b9:1b:2e:b6:43:d6:c9:5d:0c:56:ed:97:1a:0f:53:
fe:8f:25:7f:29:c2:0c:15:15:d3:84:5e:fb:35:84:26:3a:92:
42:a5:a9:27:62:26:a7:bf:ca:32:58:88:43:5c:f5:6e:f2:27:
41:14:ee:db:20:1f:0c:c5:6c:b0:83:e3:39:00:3e:3c:73:b5:
a5:81:ee:7c:cf:b1:ce:52:4e:1d:0b:c3:da:48:36:f4:6f:7c:
89:09:d8:62:58:38:40:d5:46:cc:c5:d3:d6:5b:0c:8c:5e:9b:
ca:2d:df:eb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHaW+/6+oR4omMksLTmQAh8TlhD4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUwNDRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1OTM4YzVlMmRjMGQwYmJiOTg2NDQzNGRhM2VlY2E0MmNjMGU0YjkyNDM1
NjVhN2RkODZmYThhYWM2NmUzYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAhgpMwEJgsyk2YMuh8e7HTwpbXl7+VZAVxp4U3baFrVlb0zJagyD0vIFdk
jvpWygasWRIoVOfrmVn47LfUa9Ttb1Ce7my7xsJxBDBhY10NKaQV+R/EFOTOdZwI
FN8bA6P26wEIh5BUe/NZAVHURWotA7BoPmggP89pT0XmikRfgKWUv9tq3towEKVX
tRzAGvwfL7ijsUPyqkX6RSX0pcR4QEk+d2OdwZelUlz4tIn9JGPlBwhyJpmoNK8E
H1jqXpK3RI4pKKJ2Aho9z8/x8m2hWg2N9ROFd7Wl94k5aEQoJLH9tQqp0velUSI8
j0DfVg2LYdlp1ErbV/YT/44gvQECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQOg8PR
zvz/YOJ4sgJ7kq/5EJv9gjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM0MDMyMWYtNzJjMi00M2E0LThjNDItMGU5MzVmOGYxOTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg
wDANBgkqhkiG9w0BAQsFAAOCAQEAP4AVRfjZxXlh1elyn6NMJQ/2wJ1Ypo7Iy8Dt
pAxe/xjM52hkMeWbjSLrqO94p9AnZ/P3L3iGtxc4REhvSMAgLLXsIiU27mePY3A+
04P+7ky+vT3p6LxqPHfOm0cbZar9G2Gvzk5A4LiQg9em5wtX20cxaR6K+2ck3F2d
fqUV8DyBndO5uN1dDc7StYRxTIfB++4ruRsutkPWyV0MVu2XGg9T/o8lfynCDBUV
04Re+zWEJjqSQqWpJ2Imp7/KMliIQ1z1bvInQRTu2yAfDMVssIPjOQA+PHO1pYHu
fM+xzlJOHQvD2kg29G98iQnYYlg4QNVGzMXT1lsMjF6byi3f6w==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:16:02 2026 by rpki-client