Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/113e55fd-9531-4700-bcdc-5abe9a806b41.roa
File: 113e55fd-9531-4700-bcdc-5abe9a806b41.roa (raw, json)
Hash identifier: JHLIC2YZe2t9IvMGaTfqlgCHguqpQuXk1zot64aAedc=
Subject key identifier: 70:5F:12:E6:8E:F0:EE:B9:56:8C:CA:65:92:68:46:1A:4F:3C:65:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 268E432D1047C3E5980BCD0025AAE34443FD4B4A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/113e55fd-9531-4700-bcdc-5abe9a806b41.roa
Signing time: Wed 25 Feb 2026 03:00:06 +0000
ROA not before: Wed 25 Feb 2026 03:00:06 +0000
ROA not after: Tue 26 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:8e:43:2d:10:47:c3:e5:98:0b:cd:00:25:aa:e3:44:43:fd:4b:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 25 03:00:06 2026 GMT
Not After : May 26 23:59:59 2026 GMT
Subject: serialNumber=dc83e195db5180214fa65c457b92d95370bbad82ab73c3e4255b2f2a716b4b3f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:a8:b1:48:a9:b1:17:cc:16:53:66:8f:77:c1:
ff:51:1b:21:28:d6:ca:b9:aa:7a:a0:7a:5c:c3:3c:
21:d5:83:fb:15:e1:d6:3c:9d:0d:db:22:55:05:d8:
c5:28:e1:07:52:a4:c0:ea:bb:dd:16:51:18:45:24:
ed:1e:d3:b0:ec:4b:88:3c:19:1b:8c:35:30:fe:43:
93:78:b5:e4:70:21:46:f6:ce:11:a9:4a:5e:bc:a5:
e6:b6:2a:05:d5:90:ce:a7:a9:98:88:aa:1c:fd:df:
cc:71:f8:5c:37:e3:6a:75:8c:f0:6f:dc:05:79:09:
e7:75:51:42:62:a2:2f:e3:36:8a:d9:b1:83:3b:63:
50:77:8f:31:48:e8:40:0d:3b:3f:c6:2d:1f:66:66:
97:f8:36:51:45:81:6a:9d:c4:5b:b8:18:48:ce:cc:
ec:e2:b2:da:d3:59:ea:5f:9a:62:fc:1d:8c:2e:de:
01:56:19:c9:e7:be:8f:b7:0d:c6:b7:7f:e0:30:01:
4b:d5:87:77:5e:74:26:dd:cc:4d:ec:a3:67:dd:da:
f1:cb:84:4f:82:c8:d8:cc:8a:ac:cd:79:e5:f9:be:
df:d4:cf:03:09:73:16:2e:d9:e5:ce:b9:c9:6a:55:
80:c3:8c:20:9e:f2:81:34:63:53:6f:18:20:d8:8d:
0e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:5F:12:E6:8E:F0:EE:B9:56:8C:CA:65:92:68:46:1A:4F:3C:65:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/113e55fd-9531-4700-bcdc-5abe9a806b41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:800::/40
Signature Algorithm: sha256WithRSAEncryption
07:9d:1a:e4:eb:59:d4:bb:c1:0a:3e:7c:17:c0:71:aa:8c:a9:
64:cd:e8:ef:df:31:00:a7:9b:5b:bb:2a:25:f8:d8:ff:29:f6:
fb:b1:d2:74:88:38:3f:b9:5c:34:d7:9e:f4:e8:cf:55:e4:66:
da:94:a2:ef:03:0c:42:46:3a:b0:60:50:88:58:29:1f:a6:33:
2c:98:fd:ce:87:b7:f7:b8:95:11:55:1c:46:71:93:18:c5:c8:
8d:93:9d:79:2c:f0:b4:ea:37:f8:37:50:ca:b3:f8:d0:a1:5a:
6a:ed:5d:9b:bf:7e:ed:32:52:9a:c7:ca:59:84:3a:b4:6f:54:
22:78:ce:72:ef:8c:b7:af:12:85:12:f5:93:85:1a:3b:9a:0c:
28:fd:70:26:73:76:4b:d1:83:8c:52:ff:e3:fd:ae:7c:26:92:
b2:e8:ac:df:6d:97:9f:1a:f3:64:9c:12:82:ed:6b:78:80:07:
7e:97:9f:4d:01:1e:a2:5c:ea:85:de:1b:86:a3:1c:1c:1a:c5:
02:fe:ab:e4:0b:72:8d:af:6e:4b:07:c3:30:3d:1d:40:bf:12:
67:30:dc:b5:ad:f6:47:11:40:38:e4:16:06:4e:70:97:15:9a:
7d:d8:6e:f2:38:6e:43:aa:dd:18:f4:20:87:42:1f:66:f5:29:
06:07:33:b7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJo5DLRBHw+WYC80AJarjREP9S0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjUwMzAwMDZaFw0yNjA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjODNlMTk1ZGI1MTgwMjE0ZmE2NWM0NTdiOTJkOTUzNzBiYmFkODJhYjcz
YzNlNDI1NWIyZjJhNzE2YjRiM2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOCosUipsRfMFlNmj3fB/1EbISjWyrmqeqB6XMM8IdWD+xXh1jydDdsiVQXY
xSjhB1KkwOq73RZRGEUk7R7TsOxLiDwZG4w1MP5Dk3i15HAhRvbOEalKXryl5rYq
BdWQzqepmIiqHP3fzHH4XDfjanWM8G/cBXkJ53VRQmKiL+M2itmxgztjUHePMUjo
QA07P8YtH2Zml/g2UUWBap3EW7gYSM7M7OKy2tNZ6l+aYvwdjC7eAVYZyee+j7cN
xrd/4DABS9WHd150Jt3MTeyjZ93a8cuET4LI2MyKrM155fm+39TPAwlzFi7Z5c65
yWpVgMOMIJ7ygTRjU28YINiNDv8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRwXxLm
jvDuuVaMymWSaEYaTzxl3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTEzZTU1ZmQtOTUzMS00NzAwLWJjZGMtNWFiZTlhODA2YjQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYI
MA0GCSqGSIb3DQEBCwUAA4IBAQAHnRrk61nUu8EKPnwXwHGqjKlkzejv3zEAp5tb
uyol+Nj/Kfb7sdJ0iDg/uVw015706M9V5GbalKLvAwxCRjqwYFCIWCkfpjMsmP3O
h7f3uJURVRxGcZMYxciNk515LPC06jf4N1DKs/jQoVpq7V2bv37tMlKax8pZhDq0
b1QieM5y74y3rxKFEvWThRo7mgwo/XAmc3ZL0YOMUv/j/a58JpKy6KzfbZefGvNk
nBKC7Wt4gAd+l59NAR6iXOqF3huGoxwcGsUC/qvkC3KNr25LB8MwPR1AvxJnMNy1
rfZHEUA45BYGTnCXFZp92G7yOG5Dqt0Y9CCHQh9m9SkGBzO3
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:27:30 2026 by rpki-client