Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10e25f26-1142-4a43-8091-69f9ddd435c1.roa
File: 10e25f26-1142-4a43-8091-69f9ddd435c1.roa (raw, json)
Hash identifier: 8SLlrgiyo3UydGzragpcU++VbRgDlXZf6VHjv74OxzU=
Subject key identifier: 30:4F:24:A2:A5:E0:79:AC:C1:0A:40:17:A8:AE:02:28:4D:6D:2B:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7722A66C222463F054E4966D64FE9A422A2FB7BD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10e25f26-1142-4a43-8091-69f9ddd435c1.roa
Signing time: Sat 28 Feb 2026 06:21:26 +0000
ROA not before: Sat 28 Feb 2026 06:21:26 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:22:a6:6c:22:24:63:f0:54:e4:96:6d:64:fe:9a:42:2a:2f:b7:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:21:26 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f989f1d6c1418ae9c287bec01a7d5795973b619b7df788bc1262698b4b807fce, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d0:17:99:29:c4:29:58:bb:86:db:50:2c:a0:
5e:56:c8:29:5f:57:f4:c4:a4:0e:7c:e6:51:35:14:
af:7c:8e:7c:54:ca:d1:c3:e6:75:16:ba:57:3c:c7:
d6:36:01:e5:a0:e1:31:7a:ad:87:d4:dc:a0:7e:6b:
93:3f:61:14:a0:25:31:0f:8a:b4:30:f8:f3:ab:1b:
bd:24:82:c0:fd:e2:fa:0c:c1:4f:cc:8c:f9:73:9b:
b2:28:f1:86:97:df:01:38:d6:ef:f8:6e:39:a2:b9:
d5:98:3d:2d:7f:3d:07:b8:ef:64:0b:9c:fc:68:65:
a9:5d:44:e2:37:04:51:44:0d:ab:bb:22:0b:12:29:
f9:06:ef:32:e2:a2:9d:98:14:de:59:7d:1c:de:6c:
2f:c3:c0:6c:94:f6:ce:b2:21:a3:d8:03:80:10:71:
8a:b2:96:d7:7a:bb:4b:15:19:e5:2e:6b:69:27:ff:
21:e2:00:f3:6a:94:dc:8c:76:48:70:9b:bc:2e:18:
57:d0:5b:7b:93:28:6f:31:12:a4:64:9c:30:19:a5:
1d:31:66:11:55:1b:50:62:2e:a3:26:01:2f:42:57:
4a:01:89:eb:9f:5b:0a:c3:80:3b:01:87:67:f1:e5:
7d:8e:86:8b:18:90:af:0d:81:37:7f:33:3e:ec:94:
b0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:4F:24:A2:A5:E0:79:AC:C1:0A:40:17:A8:AE:02:28:4D:6D:2B:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10e25f26-1142-4a43-8091-69f9ddd435c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:1000::/40
Signature Algorithm: sha256WithRSAEncryption
c4:c3:52:bb:1e:89:73:b3:71:6c:97:5e:36:b4:bd:4a:81:7d:
13:c5:de:3e:5f:37:78:61:c2:c3:f4:ab:e9:aa:a3:da:98:f1:
14:e0:fc:a6:e7:02:37:b8:a1:b5:5b:66:c3:96:07:f8:91:b2:
21:5d:36:d9:c6:5f:f3:e3:94:8d:1a:45:64:7b:11:f2:c9:3c:
cb:7a:e8:71:54:62:4f:0a:a2:b7:4f:df:00:5a:ec:b1:82:7b:
fa:4a:29:b5:bf:8a:b6:13:3e:21:70:ff:4a:89:07:3f:5b:25:
82:ce:08:a9:5b:54:0c:f0:fa:b1:40:f9:2e:a6:ec:cb:7d:42:
24:fc:51:06:98:34:94:16:ad:70:b2:67:44:76:3d:1a:16:8a:
c7:b7:46:84:17:90:ce:60:ad:da:f8:6b:d9:05:20:52:62:16:
e6:29:58:15:86:5d:b6:0a:07:9d:5b:d5:c1:1c:80:fb:a7:da:
5b:fa:af:04:a7:69:85:67:ef:92:3b:98:59:1d:4b:88:12:eb:
54:dc:6c:71:69:19:dd:6d:5c:64:f7:0e:79:3a:73:21:d2:ff:
22:ed:3c:eb:9a:35:0c:05:30:fe:38:1f:85:45:d4:ea:63:7e:
7e:72:e6:23:7a:03:9b:1c:1b:83:4c:bf:dc:a2:c7:b8:f5:28:
54:cf:e3:bc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdyKmbCIkY/BU5JZtZP6aQiovt70wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIxMjZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5ODlmMWQ2YzE0MThhZTljMjg3YmVjMDFhN2Q1Nzk1OTczYjYxOWI3ZGY3
ODhiYzEyNjI2OThiNGI4MDdmY2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAInQF5kpxClYu4bbUCygXlbIKV9X9MSkDnzmUTUUr3yOfFTK0cPmdRa6VzzH
1jYB5aDhMXqth9TcoH5rkz9hFKAlMQ+KtDD486sbvSSCwP3i+gzBT8yM+XObsijx
hpffATjW7/huOaK51Zg9LX89B7jvZAuc/GhlqV1E4jcEUUQNq7siCxIp+QbvMuKi
nZgU3ll9HN5sL8PAbJT2zrIho9gDgBBxirKW13q7SxUZ5S5raSf/IeIA82qU3Ix2
SHCbvC4YV9Bbe5MobzESpGScMBmlHTFmEVUbUGIuoyYBL0JXSgGJ659bCsOAOwGH
Z/HlfY6GixiQrw2BN38zPuyUsCECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQwTySi
peB5rMEKQBeorgIoTW0r7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTBlMjVmMjYtMTE0Mi00YTQzLTgwOTEtNjlmOWRkZDQzNWMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDEw1K7Holzs3Fsl142tL1KgX0Txd4+Xzd4YcLD
9KvpqqPamPEU4Pym5wI3uKG1W2bDlgf4kbIhXTbZxl/z45SNGkVkexHyyTzLeuhx
VGJPCqK3T98AWuyxgnv6Sim1v4q2Ez4hcP9KiQc/WyWCzgipW1QM8PqxQPkupuzL
fUIk/FEGmDSUFq1wsmdEdj0aForHt0aEF5DOYK3a+GvZBSBSYhbmKVgVhl22Cged
W9XBHID7p9pb+q8Ep2mFZ++SO5hZHUuIEutU3GxxaRndbVxk9w55OnMh0v8i7Tzr
mjUMBTD+OB+FRdTqY35+cuYjegObHBuDTL/cose49ShUz+O8
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:57:57 2026 by rpki-client