Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
File: 0e68fbde-eead-4e29-b902-4eed053693ac.roa (raw, json)
Hash identifier: V/OBNnMKSNMnlJBUprQH+7XMhKcfSysnsZpXCxxTHsU=
Subject key identifier: 26:C9:8A:18:1A:AE:EE:27:1E:31:14:0E:79:9A:3F:1A:6A:03:24:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 157B22BE1D7CFC390720D0F25BE96D255B6EF5C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
Signing time: Sat 28 Feb 2026 05:30:57 +0000
ROA not before: Sat 28 Feb 2026 05:30:57 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:7b:22:be:1d:7c:fc:39:07:20:d0:f2:5b:e9:6d:25:5b:6e:f5:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:30:57 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=31dd2ddb9805a98e636c90b4e64b36bf689193d5df263907d24dac6d0f3743b7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:95:90:d9:5e:23:58:0f:45:5d:ca:a9:68:34:
c2:7b:f9:57:88:4d:49:54:29:00:09:dd:01:ac:18:
36:df:6e:6c:bb:19:cd:5d:7d:e2:63:8f:52:56:c1:
bc:fc:2a:71:18:b5:0d:71:b8:58:2f:87:0e:e4:1f:
a9:84:e6:4c:36:1b:df:d0:f7:44:04:4b:76:b9:2b:
46:56:5c:69:9d:9f:6d:3f:65:9b:24:b0:d9:4f:b6:
b1:60:27:d7:19:96:ee:9a:fd:49:dd:30:24:cd:99:
e8:b2:2b:91:0b:76:fe:f3:d2:1b:f2:52:e6:26:92:
05:66:5d:bd:e7:08:a2:56:b2:95:c0:89:5c:eb:53:
c5:7a:c4:30:2a:ea:a7:bb:01:f6:3c:de:3f:39:d4:
5d:b2:13:6e:18:42:41:6b:b4:dc:4c:94:f9:8b:0a:
2a:ec:2f:85:26:b1:55:a0:a3:da:ee:9e:67:cb:a3:
3c:ef:a9:8b:15:a7:0e:0d:c3:65:08:85:9c:51:b6:
b1:02:80:b1:83:cb:ed:94:23:6f:59:9e:20:9a:dc:
6d:5a:74:e5:04:9a:cd:98:41:3e:b4:82:35:6d:62:
93:4f:48:5c:79:d0:e0:82:79:b9:7e:ba:e5:3b:81:
3d:32:d9:34:8c:6a:b6:c6:da:09:fd:8d:93:09:31:
5d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:C9:8A:18:1A:AE:EE:27:1E:31:14:0E:79:9A:3F:1A:6A:03:24:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/36
Signature Algorithm: sha256WithRSAEncryption
99:cc:df:ce:02:98:97:e8:21:9e:6d:f2:63:f7:09:9e:e5:6e:
72:13:ee:ef:df:57:94:e1:3c:3c:32:2a:5d:cd:77:fd:06:9a:
92:e4:91:40:5b:a7:5d:31:06:3a:58:98:eb:65:de:9e:d0:71:
ee:dc:f7:bc:9c:a4:92:f1:58:37:15:ac:57:32:c2:34:4f:52:
43:d1:6f:14:a7:e2:92:5c:ea:6a:b1:ac:bb:6d:6d:9a:16:33:
bf:dc:eb:d2:41:51:b6:c7:39:d0:96:28:12:2b:37:db:7f:4f:
cd:f8:df:16:b7:0e:59:4c:81:ce:17:b7:e5:15:a3:90:44:2d:
ca:17:08:3a:26:b7:3d:6f:a4:61:59:ca:15:e3:59:89:a5:3f:
cf:63:de:77:a6:79:db:ab:4b:d3:11:3c:5f:a2:32:23:01:d2:
cd:cc:a1:18:c0:3f:19:c3:41:75:c0:a2:8b:90:24:30:c8:9b:
40:d8:ef:35:a7:a8:65:fd:9f:eb:e7:d6:c2:f8:c5:0b:4a:1b:
eb:af:b4:78:e0:60:c8:0f:81:5d:8a:d6:37:e2:d5:1f:d7:54:
f3:21:56:af:8a:35:a7:d0:a7:1f:68:60:60:44:c9:12:2e:10:
d0:3c:ce:f5:ae:f6:05:3b:9c:7c:77:0d:49:24:9d:63:1b:1a:
8c:8b:e5:04
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFXsivh18/DkHINDyW+ltJVtu9cgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMwNTdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxZGQyZGRiOTgwNWE5OGU2MzZjOTBiNGU2NGIzNmJmNjg5MTkzZDVkZjI2
MzkwN2QyNGRhYzZkMGYzNzQzYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+VkNleI1gPRV3KqWg0wnv5V4hNSVQpAAndAawYNt9ubLsZzV194mOPUlbB
vPwqcRi1DXG4WC+HDuQfqYTmTDYb39D3RARLdrkrRlZcaZ2fbT9lmySw2U+2sWAn
1xmW7pr9Sd0wJM2Z6LIrkQt2/vPSG/JS5iaSBWZdvecIolaylcCJXOtTxXrEMCrq
p7sB9jzePznUXbITbhhCQWu03EyU+YsKKuwvhSaxVaCj2u6eZ8ujPO+pixWnDg3D
ZQiFnFG2sQKAsYPL7ZQjb1meIJrcbVp05QSazZhBPrSCNW1ik09IXHnQ4IJ5uX66
5TuBPTLZNIxqtsbaCf2NkwkxXW8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQmyYoY
Gq7uJx4xFA55mj8aagMkgDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGU2OGZiZGUtZWVhZC00ZTI5LWI5MDItNGVlZDA1MzY5M2FjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BsA
MA0GCSqGSIb3DQEBCwUAA4IBAQCZzN/OApiX6CGebfJj9wme5W5yE+7v31eU4Tw8
MipdzXf9BpqS5JFAW6ddMQY6WJjrZd6e0HHu3Pe8nKSS8Vg3FaxXMsI0T1JD0W8U
p+KSXOpqsay7bW2aFjO/3OvSQVG2xznQligSKzfbf0/N+N8Wtw5ZTIHOF7flFaOQ
RC3KFwg6Jrc9b6RhWcoV41mJpT/PY953pnnbq0vTETxfojIjAdLNzKEYwD8Zw0F1
wKKLkCQwyJtA2O81p6hl/Z/r59bC+MULShvrr7R44GDID4FditY34tUf11TzIVav
ijWn0KcfaGBgRMkSLhDQPM71rvYFO5x8dw1JJJ1jGxqMi+UE
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:01:19 2026 by rpki-client