Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/012c9415-fd75-453f-91b6-b57a394d548d.roa
File: 012c9415-fd75-453f-91b6-b57a394d548d.roa (raw, json)
Hash identifier: rp//5cXGe4+PiJQbuh8taYCCE+OeMXNi+FJK7iD2Wv0=
Subject key identifier: 8C:94:20:1E:17:74:02:61:84:DE:11:89:60:C8:88:09:1D:90:1B:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 250DE324180AE8468369D2F9F0C2B8945C4990A6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/012c9415-fd75-453f-91b6-b57a394d548d.roa
Signing time: Tue 24 Feb 2026 00:40:10 +0000
ROA not before: Tue 24 Feb 2026 00:40:10 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:0d:e3:24:18:0a:e8:46:83:69:d2:f9:f0:c2:b8:94:5c:49:90:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 00:40:10 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=b11e96160c671df1136c25ef54877082d0695fd7555603ae177a57e531cd85d3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b7:93:b9:9f:f7:86:20:5a:4c:ee:87:f3:30:
5a:31:60:af:55:30:83:cf:15:bf:76:f4:0e:53:d3:
b6:ee:30:10:a2:90:cf:47:90:b0:52:de:e1:37:b3:
49:a1:dd:fd:66:a7:90:62:34:1e:2e:cc:2b:48:78:
98:5e:da:86:95:15:02:6d:1b:ae:73:dc:57:80:fe:
98:fc:0a:4a:2c:80:14:04:23:c3:d5:13:59:51:0b:
78:1c:8e:86:a8:92:5a:6c:fc:e3:49:77:2c:f8:1c:
35:8b:5e:be:04:92:13:f2:e5:4c:f6:3d:74:8a:60:
ed:5a:8e:df:0b:ca:30:6d:d9:50:b3:94:bd:ee:0e:
cb:58:99:18:78:63:fd:55:59:e0:ad:84:84:65:c8:
e4:47:40:3e:a0:b9:73:1e:e1:f9:79:75:95:a7:9b:
3b:ac:46:4d:14:5d:5d:d3:03:1f:66:e4:37:72:08:
b0:20:dc:57:30:9f:3c:52:ad:03:d6:a6:76:09:13:
0c:1d:e6:6e:48:12:0d:23:2a:6f:6f:91:02:cf:14:
67:11:93:58:df:29:56:89:1a:98:48:ab:5a:e4:ad:
fe:7e:ef:40:f1:6b:0e:48:cd:57:5f:b3:e4:04:1c:
c3:85:99:38:f2:26:ee:06:74:30:9a:dc:e2:fc:c7:
e3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:94:20:1E:17:74:02:61:84:DE:11:89:60:C8:88:09:1D:90:1B:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/012c9415-fd75-453f-91b6-b57a394d548d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:6000::/40
Signature Algorithm: sha256WithRSAEncryption
70:09:54:06:fe:9d:3a:e9:67:55:4b:95:ca:84:6a:03:85:49:
34:4c:47:8e:59:9c:69:4c:30:59:c1:74:0e:c8:fc:ce:09:2c:
08:a3:ad:db:73:46:66:fa:9b:5e:47:cb:b6:15:41:b5:47:5a:
bf:5f:a7:9a:be:5a:82:41:27:d6:54:2d:06:57:cf:9a:e4:5e:
fd:e1:fd:da:78:38:a2:b0:02:5f:a3:cf:91:35:3c:76:d9:08:
3f:6c:1e:32:bb:0a:16:ec:7a:57:07:53:43:61:94:ae:18:3b:
92:a4:ee:14:06:74:a6:cf:f2:78:ee:c2:fe:2a:c1:d8:a2:25:
77:d3:6e:cf:bc:6d:43:99:0b:f8:4e:ef:97:8f:2f:49:b4:75:
56:44:98:9d:c1:06:34:35:58:dc:90:6a:4c:cc:3a:24:d5:81:
2b:97:b2:b6:73:26:04:3b:13:4a:63:55:4e:68:08:7c:13:19:
fd:a4:91:98:1a:7e:e4:5f:70:b3:3b:d0:0b:49:be:8c:a0:42:
33:25:e5:a5:e7:15:c6:cd:dd:55:2a:37:95:56:d4:0e:7d:bb:
13:80:3a:82:91:61:85:d6:2a:d9:3d:01:c7:e6:e1:b3:42:c2:
a4:91:bf:1e:31:67:77:f2:c7:ad:a1:56:76:44:d6:74:2f:1d:
4e:94:f3:c8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJQ3jJBgK6EaDadL58MK4lFxJkKYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwMDQwMTBaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxMWU5NjE2MGM2NzFkZjExMzZjMjVlZjU0ODc3MDgyZDA2OTVmZDc1NTU2
MDNhZTE3N2E1N2U1MzFjZDg1ZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALO3k7mf94YgWkzuh/MwWjFgr1Uwg88Vv3b0DlPTtu4wEKKQz0eQsFLe4Tez
SaHd/WankGI0Hi7MK0h4mF7ahpUVAm0brnPcV4D+mPwKSiyAFAQjw9UTWVELeByO
hqiSWmz840l3LPgcNYtevgSSE/LlTPY9dIpg7VqO3wvKMG3ZULOUve4Oy1iZGHhj
/VVZ4K2EhGXI5EdAPqC5cx7h+Xl1laebO6xGTRRdXdMDH2bkN3IIsCDcVzCfPFKt
A9amdgkTDB3mbkgSDSMqb2+RAs8UZxGTWN8pVokamEirWuSt/n7vQPFrDkjNV1+z
5AQcw4WZOPIm7gZ0MJrc4vzH460CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSMlCAe
F3QCYYTeEYlgyIgJHZAbEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDEyYzk0MTUtZmQ3NS00NTNmLTkxYjYtYjU3YTM5NGQ1NDhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVg
MA0GCSqGSIb3DQEBCwUAA4IBAQBwCVQG/p066WdVS5XKhGoDhUk0TEeOWZxpTDBZ
wXQOyPzOCSwIo63bc0Zm+pteR8u2FUG1R1q/X6eavlqCQSfWVC0GV8+a5F794f3a
eDiisAJfo8+RNTx22Qg/bB4yuwoW7HpXB1NDYZSuGDuSpO4UBnSmz/J47sL+KsHY
oiV3027PvG1DmQv4Tu+Xjy9JtHVWRJidwQY0NVjckGpMzDok1YErl7K2cyYEOxNK
Y1VOaAh8Exn9pJGYGn7kX3CzO9ALSb6MoEIzJeWl5xXGzd1VKjeVVtQOfbsTgDqC
kWGF1irZPQHH5uGzQsKkkb8eMWd38setoVZ2RNZ0Lx1OlPPI
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:32:06 2026 by rpki-client