Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1977ffde-7d26-418c-800c-ccacd18fe560.roa
File: 1977ffde-7d26-418c-800c-ccacd18fe560.roa (raw, json)
Hash identifier: dEryJet9FzD6plzOCjhKot+lNNcH7XeTeasLIMzqqG0=
Subject key identifier: 84:59:89:62:DE:67:A1:F8:5D:47:F2:96:9B:9F:6D:6D:15:1C:30:7C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 26E9F69BA3D074685D26617B47E51B79166218DF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1977ffde-7d26-418c-800c-ccacd18fe560.roa
Signing time: Fri 13 Feb 2026 15:20:28 +0000
ROA not before: Fri 13 Feb 2026 15:20:28 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 8987
IP address blocks: 2a05:d040::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:e9:f6:9b:a3:d0:74:68:5d:26:61:7b:47:e5:1b:79:16:62:18:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:20:28 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=2512d7d20349775ee3e7bd747aa0299f41a0b0323c5b810f6cf61c8bec395675, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:59:54:93:2d:da:c1:43:f3:73:96:0e:68:a4:
f2:91:4c:f3:e2:6e:00:d1:9b:8f:4d:2f:d3:79:71:
44:8b:dd:d7:25:ca:cb:ea:bf:a3:6b:47:0a:c5:f6:
7e:a2:aa:29:d3:ae:13:1e:4b:b4:b8:34:34:6e:1a:
0d:3f:5f:b0:50:01:cf:69:1d:6e:57:18:12:81:b4:
ca:e3:59:84:bd:8b:16:e7:c6:be:64:f0:36:5a:63:
08:9c:e6:77:4b:81:38:ce:fe:01:76:66:45:5f:3b:
56:ee:18:27:0a:2e:b4:62:aa:ee:80:72:f6:ee:5e:
25:2b:88:9a:62:27:b4:8a:e6:41:9b:44:9e:dc:64:
cf:f6:a8:ce:08:16:cf:27:a7:df:00:43:92:23:96:
33:6f:01:d5:96:04:d4:d8:a7:44:09:a5:e2:3e:6b:
8d:89:a8:37:54:50:b0:4d:31:a5:04:ab:67:7a:e2:
c0:6e:16:82:2a:a4:ff:ce:8c:f9:fe:87:0b:08:db:
23:c9:9e:07:47:2e:5c:23:f1:b3:0b:3f:5d:c5:39:
4b:72:21:5a:00:35:5c:7c:e0:62:7e:fe:0b:18:ae:
b7:c2:6d:ab:3e:ca:b0:12:8e:7e:d3:6b:90:1f:d1:
3f:ee:8b:5e:18:80:e6:03:91:73:88:66:c7:d6:3d:
c0:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:59:89:62:DE:67:A1:F8:5D:47:F2:96:9B:9F:6D:6D:15:1C:30:7C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1977ffde-7d26-418c-800c-ccacd18fe560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040::/32
Signature Algorithm: sha256WithRSAEncryption
c9:58:04:6c:58:5d:9c:0e:92:2f:ae:50:eb:fa:91:ac:88:9b:
60:8a:b5:2a:29:fe:33:8b:cb:dc:1c:5d:18:81:8a:07:3f:5f:
6c:07:6d:13:4f:41:1b:d7:d4:42:a5:5e:3a:d2:79:9d:7a:db:
11:cb:da:ad:0e:c1:28:90:4b:2c:47:ab:ea:20:5b:c9:fb:a0:
3a:f7:cc:9a:10:91:fc:ca:0d:21:42:94:e4:72:24:23:46:68:
b2:01:bb:77:d5:56:49:f9:c2:b4:cf:70:21:3b:32:1d:ef:e3:
5d:e8:59:c8:60:8c:7e:95:f9:6c:2a:3b:33:88:5a:90:ba:07:
b9:ed:8b:ff:a8:41:ce:2c:48:ab:b9:a6:e0:44:c4:39:dd:eb:
9c:08:84:4e:10:80:5a:61:54:93:45:4e:2e:8b:d7:49:8e:4a:
b5:5f:a5:b9:9a:de:97:90:b1:90:c3:82:f8:e3:bd:23:a0:8f:
1d:38:15:88:5e:9b:8e:4d:53:2e:07:d1:d5:99:1c:cf:18:81:
87:b6:67:78:45:b8:53:7c:6a:3c:9d:85:a8:0d:29:c6:0d:07:
4d:42:73:2c:cf:05:e4:47:06:d5:7d:d6:20:5d:92:8e:64:0c:
30:3d:f2:d2:5b:95:22:4e:8f:0b:18:8f:66:35:67:61:86:71:
49:11:42:0a
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUJun2m6PQdGhdJmF7R+UbeRZiGN8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIwMjhaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1MTJkN2QyMDM0OTc3NWVlM2U3YmQ3NDdhYTAyOTlmNDFhMGIwMzIzYzVi
ODEwZjZjZjYxYzhiZWMzOTU2NzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVZVJMt2sFD83OWDmik8pFM8+JuANGbj00v03lxRIvd1yXKy+q/o2tHCsX2
fqKqKdOuEx5LtLg0NG4aDT9fsFABz2kdblcYEoG0yuNZhL2LFufGvmTwNlpjCJzm
d0uBOM7+AXZmRV87Vu4YJwoutGKq7oBy9u5eJSuImmIntIrmQZtEntxkz/aozggW
zyen3wBDkiOWM28B1ZYE1NinRAml4j5rjYmoN1RQsE0xpQSrZ3riwG4Wgiqk/86M
+f6HCwjbI8meB0cuXCPxsws/XcU5S3IhWgA1XHzgYn7+Cxiut8Jtqz7KsBKOftNr
kB/RP+6LXhiA5gORc4hmx9Y9wFECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSEWYli
3meh+F1H8pabn21tFRwwfDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTk3N2ZmZGUtN2QyNi00MThjLTgwMGMtY2NhY2QxOGZlNTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0EAw
DQYJKoZIhvcNAQELBQADggEBAMlYBGxYXZwOki+uUOv6kayIm2CKtSop/jOLy9wc
XRiBigc/X2wHbRNPQRvX1EKlXjrSeZ162xHL2q0OwSiQSyxHq+ogW8n7oDr3zJoQ
kfzKDSFClORyJCNGaLIBu3fVVkn5wrTPcCE7Mh3v413oWchgjH6V+WwqOzOIWpC6
B7nti/+oQc4sSKu5puBExDnd65wIhE4QgFphVJNFTi6L10mOSrVfpbma3peQsZDD
gvjjvSOgjx04FYhem45NUy4H0dWZHM8YgYe2Z3hFuFN8ajydhagNKcYNB01CcyzP
BeRHBtV91iBdko5kDDA98tJblSJOjwsYj2Y1Z2GGcUkRQgo=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:39:32 2026 by rpki-client