Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
File: 11f67075-d744-49be-809b-fca0d72c41e0.roa (raw, json)
Hash identifier: oBlvfJ/Nc3GhbxhkZjDys0QSsuo4IrKbtlqntxiAsE8=
Subject key identifier: 0E:91:6E:5E:74:90:47:D4:89:A6:C7:01:45:1B:88:FA:EB:5B:4C:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 107174FC0D0D5ED6864882E90FF5495D415D9486
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
Signing time: Sat 28 Feb 2026 05:30:56 +0000
ROA not before: Sat 28 Feb 2026 05:30:56 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:71:74:fc:0d:0d:5e:d6:86:48:82:e9:0f:f5:49:5d:41:5d:94:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:30:56 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=c290170aa1a6d0f2b1cce886aff5178256993909ac77cc6308298e8df7a0097a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:28:d7:ee:aa:a1:d1:19:c3:fb:9f:0e:19:44:
d4:c4:c3:a9:0b:c2:35:54:f4:f7:f4:00:42:c8:88:
3e:9e:5b:1c:27:86:4d:0a:f4:36:54:93:03:19:74:
ba:e5:24:d1:59:fe:bd:f0:2a:43:96:f4:de:ff:8f:
ee:8c:54:f6:6d:37:0b:d2:40:0e:63:ae:92:1f:20:
5d:10:c6:ec:0e:b9:b7:b2:0e:1b:a6:56:73:c9:19:
e3:1d:7d:c5:ed:35:ff:82:8a:f5:94:f9:74:be:79:
fd:53:3a:78:d2:42:75:64:03:e4:33:68:9d:f1:2e:
55:d5:31:55:1d:c1:d0:5a:b3:58:38:53:ef:fc:3b:
49:f2:fb:27:20:e0:91:92:5d:e1:39:00:37:d7:2e:
ce:af:f0:7d:61:ca:83:db:e0:02:d2:71:4a:79:1d:
1e:05:c8:49:53:0e:58:6e:83:c0:ee:21:55:82:a0:
d7:97:41:3d:a8:bc:69:ee:f1:75:a6:3f:5a:d8:cb:
52:4e:12:45:09:fd:88:12:df:33:8e:7f:83:53:98:
6a:ea:cd:8f:a5:c2:be:15:18:a4:22:05:20:da:b5:
11:dc:a3:17:e4:89:18:89:4b:2f:9e:93:e9:bf:fd:
ce:c0:31:93:e9:04:8f:ef:0b:d1:9b:a6:dc:fd:31:
29:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:91:6E:5E:74:90:47:D4:89:A6:C7:01:45:1B:88:FA:EB:5B:4C:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:2000::/40
Signature Algorithm: sha256WithRSAEncryption
43:a0:77:e8:69:2e:d6:30:f8:1e:6e:20:af:52:35:bc:be:e6:
78:bf:c2:8d:86:f0:3f:07:28:fa:c7:ba:3d:8b:8f:b5:8d:89:
22:cf:b3:b3:93:58:54:54:f6:c0:95:59:cc:e0:57:b5:1d:91:
b1:10:c0:52:53:c3:d2:10:6b:8e:86:7c:74:e7:57:01:e3:e0:
9e:94:45:60:a6:2c:c3:85:12:69:c9:86:3d:63:50:69:f2:5e:
b7:31:86:bb:a2:01:d9:98:81:dd:9e:26:05:16:5f:ae:5f:2d:
4c:d9:47:8c:20:d5:5b:7b:a7:0d:94:3e:15:e7:68:da:92:c9:
f7:02:26:94:65:3c:e8:0f:e5:6d:f8:b6:00:ee:f1:c0:c2:61:
fd:95:53:0f:44:72:75:7a:0b:cb:b1:6b:a0:83:76:fb:4c:e9:
83:93:6c:b9:e7:fe:ba:83:90:6e:88:d5:a8:f8:03:80:2b:54:
2c:78:96:09:c7:72:e8:99:83:26:e4:1d:5d:13:3f:e9:4c:07:
87:c9:96:a1:71:82:db:a0:55:62:a6:b9:41:08:a0:5e:ee:13:
cf:85:96:96:b8:2a:f1:57:31:2f:39:8d:79:4c:91:3a:1e:85:
23:f0:05:f1:10:ca:fe:50:30:3a:e6:ad:30:3c:c5:ce:f0:ef:
f7:99:3a:a1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEHF0/A0NXtaGSILpD/VJXUFdlIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMwNTZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyOTAxNzBhYTFhNmQwZjJiMWNjZTg4NmFmZjUxNzgyNTY5OTM5MDlhYzc3
Y2M2MzA4Mjk4ZThkZjdhMDA5N2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQo1+6qodEZw/ufDhlE1MTDqQvCNVT09/QAQsiIPp5bHCeGTQr0NlSTAxl0
uuUk0Vn+vfAqQ5b03v+P7oxU9m03C9JADmOukh8gXRDG7A65t7IOG6ZWc8kZ4x19
xe01/4KK9ZT5dL55/VM6eNJCdWQD5DNonfEuVdUxVR3B0FqzWDhT7/w7SfL7JyDg
kZJd4TkAN9cuzq/wfWHKg9vgAtJxSnkdHgXISVMOWG6DwO4hVYKg15dBPai8ae7x
daY/WtjLUk4SRQn9iBLfM45/g1OYaurNj6XCvhUYpCIFINq1EdyjF+SJGIlLL56T
6b/9zsAxk+kEj+8L0Zum3P0xKb0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQOkW5e
dJBH1ImmxwFFG4j661tMKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFmNjcwNzUtZDc0NC00OWJlLTgwOWItZmNhMGQ3MmM0MWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hgg
MA0GCSqGSIb3DQEBCwUAA4IBAQBDoHfoaS7WMPgebiCvUjW8vuZ4v8KNhvA/Byj6
x7o9i4+1jYkiz7Ozk1hUVPbAlVnM4Fe1HZGxEMBSU8PSEGuOhnx051cB4+CelEVg
pizDhRJpyYY9Y1Bp8l63MYa7ogHZmIHdniYFFl+uXy1M2UeMINVbe6cNlD4V52ja
ksn3AiaUZTzoD+Vt+LYA7vHAwmH9lVMPRHJ1egvLsWugg3b7TOmDk2y55/66g5Bu
iNWo+AOAK1QseJYJx3LomYMm5B1dEz/pTAeHyZahcYLboFViprlBCKBe7hPPhZaW
uCrxVzEvOY15TJE6HoUj8AXxEMr+UDA65q0wPMXO8O/3mTqh
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:56:23 2026 by rpki-client