Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/08e9f311-ee3f-4a72-94cd-4b4eeae736f4.roa
File: 08e9f311-ee3f-4a72-94cd-4b4eeae736f4.roa (raw, json)
Hash identifier: 4XkvC5sS7169cPPPLuo0DdLHDOYXTYIcOeOra8WrUJg=
Subject key identifier: 95:78:D3:16:CF:11:33:38:85:50:3F:43:FD:88:2B:AC:5E:0D:53:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10EB5E9D4FBEF6596407433D551613A45EB1789C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/08e9f311-ee3f-4a72-94cd-4b4eeae736f4.roa
Signing time: Wed 25 Feb 2026 03:00:10 +0000
ROA not before: Wed 25 Feb 2026 03:00:10 +0000
ROA not after: Tue 26 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:eb:5e:9d:4f:be:f6:59:64:07:43:3d:55:16:13:a4:5e:b1:78:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 25 03:00:10 2026 GMT
Not After : May 26 23:59:59 2026 GMT
Subject: serialNumber=84dcf94c935e682a0e41b954eb6717d69e08e6df707fb958890d430b4af08d0f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:63:99:08:b7:3c:a7:8d:f2:1b:fb:5c:d0:9c:
5a:c3:db:c0:28:3a:e0:df:f6:80:c1:ad:2b:f3:06:
45:c0:a1:db:30:51:be:92:d7:dc:f1:d5:bb:9f:dd:
a6:1c:7a:aa:e4:1e:77:ac:72:c0:5f:87:3b:3d:25:
73:94:b6:37:42:f0:73:74:50:82:9c:ab:50:3d:1b:
ce:e3:cd:c0:cb:74:10:e2:24:9a:8a:e7:a6:96:09:
96:5c:1a:89:da:91:88:ba:0d:7b:58:c4:8f:92:8d:
f7:1c:63:38:fc:0b:64:32:a8:21:ed:41:e5:e9:f4:
63:ea:32:df:77:d9:49:06:b7:ac:38:66:3d:ae:2b:
ad:78:5d:c7:da:26:a5:15:09:ee:64:a1:66:23:93:
52:73:89:80:54:66:62:35:1a:a8:3e:c8:f9:e4:c9:
64:08:50:75:e4:cc:ae:9f:31:f1:f2:19:7a:ac:3d:
e2:f4:cc:aa:92:f7:69:06:0a:ec:d3:f6:6b:e1:78:
50:b8:ec:97:05:10:6e:5f:20:21:dd:0b:45:bd:0d:
30:0c:82:89:8f:b4:a6:5a:49:2d:e1:a7:c7:44:41:
8f:14:35:2b:69:73:d4:4e:45:b0:22:7c:6a:2a:32:
6a:99:b0:59:38:4b:b4:d4:29:9b:3b:ef:b9:47:d3:
3b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:78:D3:16:CF:11:33:38:85:50:3F:43:FD:88:2B:AC:5E:0D:53:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/08e9f311-ee3f-4a72-94cd-4b4eeae736f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:b000::/40
Signature Algorithm: sha256WithRSAEncryption
78:4d:c1:e7:c0:e1:ef:5e:4c:4d:af:2d:ac:d7:01:9e:c7:06:
ce:c9:6b:f5:eb:39:18:99:9b:ca:ed:13:db:59:9d:46:59:b9:
e2:e6:a2:98:e4:d8:dc:f8:7f:33:34:44:47:a3:5c:4b:59:d8:
a9:26:a7:a3:fe:95:59:13:fa:80:08:74:5c:a7:40:36:70:b5:
32:e1:e0:84:ce:69:10:9e:56:10:b8:5a:47:f5:42:69:68:a4:
ca:22:20:41:d3:24:bd:d8:b6:ac:65:a1:bd:ae:59:be:56:dd:
69:4a:9d:d8:52:76:8d:ae:bc:e2:d5:57:fd:bb:00:71:3c:ae:
6d:d3:54:b5:aa:10:68:65:c5:50:a1:1f:dd:25:b7:27:a7:a5:
e2:c2:e1:2d:a4:9a:47:12:1d:14:61:dd:d7:4f:6b:81:51:92:
40:5c:c1:fd:9a:7f:86:bf:2a:3e:cd:55:d6:4a:92:57:0f:25:
db:98:9d:5c:b8:a9:e7:d4:5a:3f:15:6e:16:99:bf:a8:ce:21:
98:66:d8:41:3a:b5:a5:ee:18:0c:04:8e:20:42:45:e8:50:1a:
5e:38:f1:0e:ee:c8:95:e2:16:bc:48:d2:38:84:0b:3b:db:4a:
16:7c:94:20:db:a4:de:ad:0f:d4:50:03:c7:22:0f:32:9e:8d:
ee:72:8a:f8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEOtenU++9llkB0M9VRYTpF6xeJwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjUwMzAwMTBaFw0yNjA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0ZGNmOTRjOTM1ZTY4MmEwZTQxYjk1NGViNjcxN2Q2OWUwOGU2ZGY3MDdm
Yjk1ODg5MGQ0MzBiNGFmMDhkMGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAINjmQi3PKeN8hv7XNCcWsPbwCg64N/2gMGtK/MGRcCh2zBRvpLX3PHVu5/d
phx6quQed6xywF+HOz0lc5S2N0Lwc3RQgpyrUD0bzuPNwMt0EOIkmornppYJllwa
idqRiLoNe1jEj5KN9xxjOPwLZDKoIe1B5en0Y+oy33fZSQa3rDhmPa4rrXhdx9om
pRUJ7mShZiOTUnOJgFRmYjUaqD7I+eTJZAhQdeTMrp8x8fIZeqw94vTMqpL3aQYK
7NP2a+F4ULjslwUQbl8gId0LRb0NMAyCiY+0plpJLeGnx0RBjxQ1K2lz1E5FsCJ8
aioyapmwWThLtNQpmzvvuUfTOzkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSVeNMW
zxEzOIVQP0P9iCusXg1TVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDhlOWYzMTEtZWUzZi00YTcyLTk0Y2QtNGI0ZWVhZTczNmY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWw
MA0GCSqGSIb3DQEBCwUAA4IBAQB4TcHnwOHvXkxNry2s1wGexwbOyWv16zkYmZvK
7RPbWZ1GWbni5qKY5Njc+H8zNERHo1xLWdipJqej/pVZE/qACHRcp0A2cLUy4eCE
zmkQnlYQuFpH9UJpaKTKIiBB0yS92LasZaG9rlm+Vt1pSp3YUnaNrrzi1Vf9uwBx
PK5t01S1qhBoZcVQoR/dJbcnp6XiwuEtpJpHEh0UYd3XT2uBUZJAXMH9mn+Gvyo+
zVXWSpJXDyXbmJ1cuKnn1Fo/FW4Wmb+oziGYZthBOrWl7hgMBI4gQkXoUBpeOPEO
7siV4ha8SNI4hAs720oWfJQg26TerQ/UUAPHIg8yno3ucor4
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:21:47 2026 by rpki-client