Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11758a9b-0e07-4929-92b2-ff867af4fa4f.roa
File: 11758a9b-0e07-4929-92b2-ff867af4fa4f.roa (raw, json)
Hash identifier: KNyHg0co/UtPthO1ajlc+bFZnEQNtTWt5pmrbn00DCw=
Subject key identifier: B1:84:FC:8E:CB:0B:AD:DE:C9:77:D2:3A:5C:86:01:8E:97:1F:77:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0118985BFA9BFA533A6D1C35784F1575B2EBE543
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11758a9b-0e07-4929-92b2-ff867af4fa4f.roa
Signing time: Fri 20 Feb 2026 01:40:06 +0000
ROA not before: Fri 20 Feb 2026 01:40:06 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:18:98:5b:fa:9b:fa:53:3a:6d:1c:35:78:4f:15:75:b2:eb:e5:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:40:06 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=91b8f40145ea3c3b70c59c9948d9261ee993aa3be2c38872d3cba2ea1c519c6b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b1:b1:ac:1f:01:b5:9d:5c:13:bd:c9:36:d3:
f8:87:1a:53:7c:9c:14:6a:e3:6a:2c:fa:7a:ff:16:
2b:e6:13:2b:25:ee:76:de:57:3e:60:2d:67:17:58:
b6:23:f2:85:72:db:52:66:5d:cb:48:13:51:cd:6d:
d6:23:00:50:34:52:cd:03:68:2b:c9:ac:84:45:99:
13:37:fd:23:bf:39:0e:68:3a:fa:81:03:9d:73:48:
28:ec:25:c2:f7:38:33:6d:a2:1a:78:f4:af:7b:6b:
a5:4b:98:2a:84:49:3f:c7:ed:06:e6:0b:72:0a:1d:
fb:74:34:f5:32:1a:7f:9c:3f:85:dd:d2:37:e5:56:
f7:91:ed:02:da:f3:05:c3:9e:6d:ea:bb:5f:4a:65:
57:f7:a2:6b:15:30:51:2d:b7:1b:12:45:de:2d:0a:
55:fb:65:f0:70:54:cb:e6:54:34:ef:10:e6:6f:de:
b6:86:c9:8b:ab:bb:57:04:e7:87:0b:3f:41:88:aa:
5a:6d:8d:f5:27:40:6f:df:c9:47:c3:e0:f2:ed:b2:
d1:60:7d:b6:e9:6c:69:d0:11:71:9a:0c:6a:c6:6d:
3b:26:ac:68:06:4e:64:fc:28:11:8d:45:2b:75:1f:
00:c3:94:01:21:75:22:10:74:82:0b:97:ed:70:f9:
10:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:84:FC:8E:CB:0B:AD:DE:C9:77:D2:3A:5C:86:01:8E:97:1F:77:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11758a9b-0e07-4929-92b2-ff867af4fa4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:2000::/40
Signature Algorithm: sha256WithRSAEncryption
b1:1c:4b:ad:40:0d:39:18:0b:3e:52:8a:32:fa:a6:69:b5:43:
59:f1:b6:8b:a4:f7:25:c5:be:84:0f:99:95:d7:fb:9c:30:5a:
ec:17:9e:47:f5:90:e5:cc:d7:4d:f3:2f:dd:c4:fb:84:2d:8f:
8a:e9:1f:97:8e:d2:84:9e:d0:8c:93:3f:69:81:88:0f:e1:8e:
17:0f:5b:c3:e8:88:e6:ee:56:2f:f6:eb:e7:02:10:5d:89:88:
1f:40:a9:61:bd:4d:f1:e7:47:df:14:72:34:fd:6b:71:7f:eb:
65:a2:fe:13:a4:07:c1:0e:f5:bc:36:c0:de:59:88:af:9b:94:
7a:c3:77:1a:10:55:a7:44:d3:6d:e8:96:9f:39:5a:06:b1:09:
7e:c8:3e:78:8d:40:75:84:60:39:0c:41:57:99:2b:1e:58:8e:
7c:fd:0a:9f:02:3f:25:d8:ac:ab:d9:06:49:73:76:1b:6c:da:
d0:a3:c1:50:c3:61:5f:80:ec:42:75:36:9d:6f:a5:84:c8:90:
50:95:4f:ec:1c:6d:15:fe:b8:18:c4:c6:ab:22:75:f4:fa:69:
c3:9a:12:b6:ef:db:ee:d0:cd:da:0b:3f:36:dc:ef:75:4f:a2:
6f:8b:89:cc:82:a8:df:57:c0:8d:e6:c6:d9:00:51:4d:63:94:
d1:fa:ab:67
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUARiYW/qb+lM6bRw1eE8VdbLr5UMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTQwMDZaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxYjhmNDAxNDVlYTNjM2I3MGM1OWM5OTQ4ZDkyNjFlZTk5M2FhM2JlMmMz
ODg3MmQzY2JhMmVhMWM1MTljNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSxsawfAbWdXBO9yTbT+IcaU3ycFGrjaiz6ev8WK+YTKyXudt5XPmAtZxdY
tiPyhXLbUmZdy0gTUc1t1iMAUDRSzQNoK8mshEWZEzf9I785Dmg6+oEDnXNIKOwl
wvc4M22iGnj0r3trpUuYKoRJP8ftBuYLcgod+3Q09TIaf5w/hd3SN+VW95HtAtrz
BcOebeq7X0plV/eiaxUwUS23GxJF3i0KVftl8HBUy+ZUNO8Q5m/etobJi6u7VwTn
hws/QYiqWm2N9SdAb9/JR8Pg8u2y0WB9tulsadARcZoMasZtOyasaAZOZPwoEY1F
K3UfAMOUASF1IhB0gguX7XD5EEsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSxhPyO
ywut3sl30jpchgGOlx93ADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTE3NThhOWItMGUwNy00OTI5LTkyYjItZmY4NjdhZjRmYTRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQg
MA0GCSqGSIb3DQEBCwUAA4IBAQCxHEutQA05GAs+Uooy+qZptUNZ8baLpPclxb6E
D5mV1/ucMFrsF55H9ZDlzNdN8y/dxPuELY+K6R+XjtKEntCMkz9pgYgP4Y4XD1vD
6Ijm7lYv9uvnAhBdiYgfQKlhvU3x50ffFHI0/Wtxf+tlov4TpAfBDvW8NsDeWYiv
m5R6w3caEFWnRNNt6JafOVoGsQl+yD54jUB1hGA5DEFXmSseWI58/QqfAj8l2Kyr
2QZJc3YbbNrQo8FQw2FfgOxCdTadb6WEyJBQlU/sHG0V/rgYxMarInX0+mnDmhK2
79vu0M3aCz823O91T6Jvi4nMgqjfV8CN5sbZAFFNY5TR+qtn
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:48:04 2026 by rpki-client