Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11b6f817-9b7c-4713-a998-67a8a2a5a379.roa
File: 11b6f817-9b7c-4713-a998-67a8a2a5a379.roa (raw, json)
Hash identifier: 2/Hcn3JA4kYOlUdpCx6GViCeqkvgQI+zlAB7dnyIfKY=
Subject key identifier: E5:68:1A:F3:82:30:88:EE:1A:79:13:D2:AD:9A:F0:80:CA:8F:2B:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07BE8C3C07A80BA7DAC9CC0CD9E7145A539B9971
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11b6f817-9b7c-4713-a998-67a8a2a5a379.roa
Signing time: Wed 11 Feb 2026 01:30:14 +0000
ROA not before: Wed 11 Feb 2026 01:30:14 +0000
ROA not after: Tue 12 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:be:8c:3c:07:a8:0b:a7:da:c9:cc:0c:d9:e7:14:5a:53:9b:99:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 11 01:30:14 2026 GMT
Not After : May 12 23:59:59 2026 GMT
Subject: serialNumber=d5e80f214f8060ab49f1aaf0bb3f8ebaa08355fbbb4819c433a87dbcdff488ce, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:8b:cd:77:93:3f:14:07:7c:bb:b3:76:f2:e3:
ff:bb:a7:44:a3:3e:8b:27:18:81:40:d4:d6:7a:18:
f7:cc:82:fd:88:00:fb:ab:ca:c5:7b:cd:80:ef:23:
1b:fd:94:3a:39:20:2a:92:89:72:4e:b7:e3:60:84:
a6:ba:f5:b9:9d:16:bb:7f:1c:38:7c:b0:25:34:6f:
be:d5:1c:8d:34:d0:4b:f5:41:04:f7:27:14:e9:47:
2a:db:dd:f8:37:9e:3e:b5:ae:a7:f4:34:80:3f:50:
f5:da:e9:07:a9:b9:94:b0:ae:35:6d:83:a1:cf:26:
f1:b6:16:ba:fe:68:ca:63:c1:97:85:f7:65:89:46:
ba:05:66:c4:f3:ab:d6:f9:35:1e:08:d6:24:c1:c5:
ce:75:7a:84:c2:0a:f2:01:e6:5e:6f:19:4e:b0:26:
53:df:05:d4:77:e4:22:6b:41:cc:45:fc:83:06:80:
c8:29:fc:5d:d6:f5:75:61:33:43:21:bb:85:1c:41:
35:5d:94:df:af:8d:8e:8b:4a:b1:19:0f:42:bc:3c:
ab:8e:af:1a:26:8e:0a:4a:49:f2:b6:4f:f8:45:1e:
ab:04:9b:19:84:1d:50:a0:2f:45:20:ef:f2:29:f1:
5f:d7:19:3a:ac:cb:3f:4c:61:e2:ac:ab:47:dc:48:
3d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:68:1A:F3:82:30:88:EE:1A:79:13:D2:AD:9A:F0:80:CA:8F:2B:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11b6f817-9b7c-4713-a998-67a8a2a5a379.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
75:1a:e8:89:dd:60:19:67:28:b9:cc:8b:59:bf:9f:93:a3:c5:
91:25:ad:f7:e6:56:ad:2f:50:4e:f3:90:cc:cc:eb:11:e7:df:
c5:08:ca:51:1d:8d:c4:da:78:25:93:0e:77:c5:32:ae:22:bb:
44:41:a5:ff:dd:c4:87:4c:4f:68:fa:9b:e1:3d:c3:db:52:53:
66:6b:c2:b5:c7:ed:b3:d7:27:09:00:9e:4f:2b:3b:b4:06:ba:
4a:5f:37:9f:79:df:9d:07:f8:5e:bc:c5:e5:53:67:6d:02:66:
54:7d:a4:21:18:bc:1f:41:2c:3e:82:f3:c4:0a:88:89:ab:30:
23:43:d1:3e:b1:0e:dc:4c:b5:9b:bc:61:f7:f9:4b:87:ca:04:
76:bf:96:b0:8e:87:42:67:ad:ed:96:9c:e9:3c:1c:be:d0:76:
a9:0f:e9:2a:31:79:61:4b:43:d4:cd:5a:95:42:12:b4:19:eb:
a7:5a:c0:01:1e:80:e8:d1:8b:22:9c:85:59:4b:a6:56:65:68:
4b:45:68:13:d7:0d:6f:ef:56:e7:80:03:a7:6c:dd:48:9b:14:
52:3e:df:88:75:09:80:9f:f6:a1:37:39:73:ff:d1:30:8d:3f:
56:7e:b8:18:7e:1d:13:66:df:c3:05:b2:5f:f1:f5:65:df:3c:
90:c7:96:38
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUB76MPAeoC6faycwM2ecUWlObmXEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTEwMTMwMTRaFw0yNjA1MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1ZTgwZjIxNGY4MDYwYWI0OWYxYWFmMGJiM2Y4ZWJhYTA4MzU1ZmJiYjQ4
MTljNDMzYTg3ZGJjZGZmNDg4Y2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOeLzXeTPxQHfLuzdvLj/7unRKM+iycYgUDU1noY98yC/YgA+6vKxXvNgO8j
G/2UOjkgKpKJck6342CEprr1uZ0Wu38cOHywJTRvvtUcjTTQS/VBBPcnFOlHKtvd
+DeePrWup/Q0gD9Q9drpB6m5lLCuNW2Doc8m8bYWuv5oymPBl4X3ZYlGugVmxPOr
1vk1HgjWJMHFznV6hMIK8gHmXm8ZTrAmU98F1HfkImtBzEX8gwaAyCn8Xdb1dWEz
QyG7hRxBNV2U36+NjotKsRkPQrw8q46vGiaOCkpJ8rZP+EUeqwSbGYQdUKAvRSDv
8inxX9cZOqzLP0xh4qyrR9xIPb0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTlaBrz
gjCI7hp5E9KtmvCAyo8rHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFiNmY4MTctOWI3Yy00NzEzLWE5OTgtNjdhOGEyYTVhMzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Grg
wDANBgkqhkiG9w0BAQsFAAOCAQEAdRroid1gGWcoucyLWb+fk6PFkSWt9+ZWrS9Q
TvOQzMzrEeffxQjKUR2NxNp4JZMOd8UyriK7REGl/93Eh0xPaPqb4T3D21JTZmvC
tcfts9cnCQCeTys7tAa6Sl83n3nfnQf4XrzF5VNnbQJmVH2kIRi8H0EsPoLzxAqI
iaswI0PRPrEO3Ey1m7xh9/lLh8oEdr+WsI6HQmet7Zac6TwcvtB2qQ/pKjF5YUtD
1M1alUIStBnrp1rAAR6A6NGLIpyFWUumVmVoS0VoE9cNb+9W54ADp2zdSJsUUj7f
iHUJgJ/2oTc5c//RMI0/Vn64GH4dE2bfwwWyX/H1Zd88kMeWOA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:47:30 2026 by rpki-client