Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/075bdd7a-ba79-4543-9f8e-ac092351419b.roa
File: 075bdd7a-ba79-4543-9f8e-ac092351419b.roa (raw, json)
Hash identifier: X971bfu3GhoX5xO3y7sbKOxjEmmr65YzUvVhE2Ns/6Q=
Subject key identifier: D7:71:25:58:A5:65:62:97:3A:90:3E:C5:60:E2:30:D2:28:25:6C:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 706AAECE37687729AA78CA7F433FBBA77B1EB2F3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/075bdd7a-ba79-4543-9f8e-ac092351419b.roa
Signing time: Wed 11 Feb 2026 01:20:05 +0000
ROA not before: Wed 11 Feb 2026 01:20:05 +0000
ROA not after: Tue 12 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:6a:ae:ce:37:68:77:29:aa:78:ca:7f:43:3f:bb:a7:7b:1e:b2:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 11 01:20:05 2026 GMT
Not After : May 12 23:59:59 2026 GMT
Subject: serialNumber=2bc3b229c4564a83127bc2f30c59c63c98f44dfd3894a7c73b0c476f5e078d5e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1b:75:4a:7e:b4:60:db:62:fd:4b:14:97:55:
41:4a:b9:7b:f8:5b:c2:98:56:59:a8:1a:de:54:4b:
04:08:52:a6:f2:fe:60:cf:d0:66:de:dc:61:6e:03:
51:93:0c:76:ce:15:c5:52:1e:3b:45:2f:58:25:fd:
25:7c:cf:da:2c:3c:b2:62:81:2d:85:17:2e:c9:33:
85:d7:8c:fa:f0:78:61:1c:b9:c4:23:3f:90:94:32:
cb:73:de:29:e0:d5:00:e9:80:70:9d:ab:52:b2:7c:
68:d8:02:0f:1c:87:fb:fd:b5:b3:20:07:9f:62:c2:
5b:6b:5b:13:cf:58:27:5e:d9:45:6f:02:ee:b0:00:
0f:74:40:81:88:83:49:f5:b8:c8:0c:bb:d2:b0:67:
6d:76:98:d8:e5:6e:56:04:96:fc:a0:5f:41:47:a8:
4b:eb:60:70:4c:eb:2b:ab:cf:be:0d:74:16:1d:90:
66:3b:d6:f8:ce:8c:b1:dd:ef:5a:04:eb:db:93:3c:
d5:93:32:b9:75:29:30:45:3e:fe:31:fa:e9:bf:4d:
4e:b4:b2:d3:14:60:21:8e:06:f8:a7:89:ef:96:6c:
6e:85:11:b2:89:eb:4f:ae:ee:de:07:15:8b:0c:23:
4d:00:8a:88:1d:25:bb:db:a4:45:4d:c4:b4:81:e2:
17:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:71:25:58:A5:65:62:97:3A:90:3E:C5:60:E2:30:D2:28:25:6C:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/075bdd7a-ba79-4543-9f8e-ac092351419b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
1c:3b:13:ae:f8:07:a7:85:6d:41:2a:df:f1:71:31:84:23:c0:
56:d5:cf:99:04:0e:8c:01:d1:88:fc:9c:fb:e5:70:df:2b:83:
41:26:1c:f6:bb:d0:7f:d7:c1:a5:9f:97:5c:9d:6a:78:48:e3:
c0:b2:21:b0:0f:f4:a1:b7:47:50:fd:1d:9e:5c:95:c2:39:20:
0e:22:83:0b:62:4f:48:66:6b:fc:03:1f:e8:97:c4:36:d7:bc:
96:e9:86:5e:67:29:2a:88:b6:92:6f:03:85:92:ad:70:d5:88:
7a:1e:9c:1d:f0:fc:e0:03:b8:47:3d:c0:54:75:53:64:b5:ea:
ce:fe:28:de:de:32:c6:7e:53:16:df:45:eb:69:6d:5b:5a:56:
f0:df:f1:e9:6d:25:4d:ad:d8:9b:95:bc:7d:d3:8e:b7:a3:1e:
7d:ca:50:9f:fc:96:03:69:f5:e3:48:ec:f5:7f:8c:a1:39:ec:
88:ca:79:8a:be:44:05:87:3e:63:de:7d:88:50:1f:ee:f4:42:
fc:7c:6c:da:b5:69:11:3e:f6:d3:56:8a:1f:dc:1d:a1:ca:2a:
84:ee:d6:22:e3:17:77:aa:a4:25:2e:14:9b:38:62:2b:b3:1a:
ae:44:85:49:b8:6e:6d:24:df:9f:49:d7:24:ab:43:43:7e:a2:
3b:8e:7e:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcGquzjdodymqeMp/Qz+7p3sesvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTEwMTIwMDVaFw0yNjA1MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiYzNiMjI5YzQ1NjRhODMxMjdiYzJmMzBjNTljNjNjOThmNDRkZmQzODk0
YTdjNzNiMGM0NzZmNWUwNzhkNWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEbdUp+tGDbYv1LFJdVQUq5e/hbwphWWaga3lRLBAhSpvL+YM/QZt7cYW4D
UZMMds4VxVIeO0UvWCX9JXzP2iw8smKBLYUXLskzhdeM+vB4YRy5xCM/kJQyy3Pe
KeDVAOmAcJ2rUrJ8aNgCDxyH+/21syAHn2LCW2tbE89YJ17ZRW8C7rAAD3RAgYiD
SfW4yAy70rBnbXaY2OVuVgSW/KBfQUeoS+tgcEzrK6vPvg10Fh2QZjvW+M6Msd3v
WgTr25M81ZMyuXUpMEU+/jH66b9NTrSy0xRgIY4G+KeJ75ZsboURsonrT67u3gcV
iwwjTQCKiB0lu9ukRU3EtIHiF9MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTXcSVY
pWVilzqQPsVg4jDSKCVsrDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDc1YmRkN2EtYmE3OS00NTQzLTlmOGUtYWMwOTIzNTE0MTliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Gpg
MA0GCSqGSIb3DQEBCwUAA4IBAQAcOxOu+AenhW1BKt/xcTGEI8BW1c+ZBA6MAdGI
/Jz75XDfK4NBJhz2u9B/18Gln5dcnWp4SOPAsiGwD/Sht0dQ/R2eXJXCOSAOIoML
Yk9IZmv8Ax/ol8Q217yW6YZeZykqiLaSbwOFkq1w1Yh6Hpwd8PzgA7hHPcBUdVNk
terO/ije3jLGflMW30XraW1bWlbw3/HpbSVNrdiblbx90463ox59ylCf/JYDafXj
SOz1f4yhOeyIynmKvkQFhz5j3n2IUB/u9EL8fGzatWkRPvbTVoof3B2hyiqE7tYi
4xd3qqQlLhSbOGIrsxquRIVJuG5tJN+fSdckq0NDfqI7jn6O
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:12:43 2026 by rpki-client