Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1bb27900-3531-4083-aef8-cc7656dba027.roa
File: 1bb27900-3531-4083-aef8-cc7656dba027.roa (raw, json)
Hash identifier: J1z6peAJDBuXVYD7cGkGx1Fgt6t5u/DgnaGp3F0k/mA=
Subject key identifier: 92:1A:69:6F:42:79:FC:9F:DF:97:35:52:43:88:52:26:9F:12:62:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D34EE3BD78730D2BB2080B335488596A2927308
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1bb27900-3531-4083-aef8-cc7656dba027.roa
Signing time: Fri 13 Feb 2026 15:21:06 +0000
ROA not before: Fri 13 Feb 2026 15:21:06 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:34:ee:3b:d7:87:30:d2:bb:20:80:b3:35:48:85:96:a2:92:73:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:21:06 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=9caa1b4e52a6551073036fc1350e1f87bcc10a22ba3220201fd85c983077b0e6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c6:1f:9f:23:1b:a8:7b:c3:98:2c:6a:6f:a9:
63:58:70:e1:92:b6:0a:5b:b6:1d:9f:98:f5:62:65:
f5:a7:c3:95:3d:69:90:44:ee:17:38:1d:60:b8:15:
da:4e:5f:e6:91:93:c1:cb:90:3f:59:6f:cb:ca:1f:
ee:df:ea:47:51:ac:38:e7:27:ae:c7:d8:2e:3c:6d:
e9:2c:6d:d9:b9:10:48:42:e1:12:cd:bb:93:73:34:
ff:b0:96:30:64:d3:60:2f:a7:79:24:e3:cb:28:a5:
7c:12:25:1a:38:ef:bc:ba:a8:8a:be:5c:20:b9:71:
5f:c3:94:2a:9a:09:4d:2e:03:5a:f0:5a:ce:d2:af:
97:9d:09:2d:fd:48:a3:95:0d:ed:8b:17:79:df:bf:
0c:ee:bc:17:c3:60:09:ea:ea:fe:86:8a:33:a5:12:
bc:53:f0:ec:08:f9:af:cc:26:45:98:ac:d5:c6:23:
36:7d:0d:24:c4:33:9d:63:5f:5b:80:32:ff:d7:89:
9b:66:84:e8:76:7d:0d:16:7b:dd:61:3e:a6:51:a8:
97:bb:d5:d1:33:9f:c5:c7:3b:54:c8:40:ef:ab:cb:
9e:6f:ef:eb:b7:2f:9a:c3:1b:7a:af:51:68:73:86:
85:b3:16:4c:13:a3:3f:d5:01:55:8f:48:fd:96:df:
cc:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:1A:69:6F:42:79:FC:9F:DF:97:35:52:43:88:52:26:9F:12:62:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1bb27900-3531-4083-aef8-cc7656dba027.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:b000::/40
Signature Algorithm: sha256WithRSAEncryption
71:6f:88:34:4b:69:1c:32:a5:9d:eb:14:f9:b3:c1:29:db:fd:
53:2f:39:ca:87:43:4a:d6:9b:a3:83:a0:11:b2:76:cb:a2:fb:
13:22:85:a4:fa:7e:4e:f8:69:7e:cf:01:ec:80:49:19:b7:ee:
16:31:f9:4c:63:32:3b:5b:c7:07:a1:d4:53:bf:43:01:25:bf:
7b:d1:a0:fb:eb:30:e4:5d:0e:99:86:ac:05:d8:0b:40:36:78:
24:36:0a:38:0f:07:81:8e:83:9e:3c:94:19:5c:7e:ad:5f:3f:
a6:3a:80:71:7c:80:c7:07:db:5b:a9:14:2e:3b:83:b6:5b:d1:
ba:b8:92:f3:b4:22:73:32:dc:f0:fd:d4:bf:34:08:16:84:1b:
a2:c0:84:45:2e:d3:5b:eb:2a:4b:db:28:e3:23:81:4a:fc:fa:
0b:cd:93:f7:9a:11:03:d5:b4:ff:af:33:34:35:0b:8a:3a:2d:
50:9f:eb:fa:89:80:7d:06:51:2a:f2:dd:82:8f:fd:ed:b0:28:
93:27:d3:a7:bc:d9:31:da:52:96:ef:78:23:75:66:1e:07:6e:
8d:4d:40:6c:31:ec:fa:4e:96:53:61:5c:a9:0c:9b:9d:0c:b7:
02:8f:21:64:38:27:8d:1c:b9:0e:53:8b:e1:b1:50:18:36:12:
e8:e6:f7:70
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXTTuO9eHMNK7IICzNUiFlqKScwgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIxMDZaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDljYWExYjRlNTJhNjU1MTA3MzAzNmZjMTM1MGUxZjg3YmNjMTBhMjJiYTMy
MjAyMDFmZDg1Yzk4MzA3N2IwZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnGH58jG6h7w5gsam+pY1hw4ZK2Clu2HZ+Y9WJl9afDlT1pkETuFzgdYLgV
2k5f5pGTwcuQP1lvy8of7t/qR1GsOOcnrsfYLjxt6Sxt2bkQSELhEs27k3M0/7CW
MGTTYC+neSTjyyilfBIlGjjvvLqoir5cILlxX8OUKpoJTS4DWvBaztKvl50JLf1I
o5UN7YsXed+/DO68F8NgCerq/oaKM6USvFPw7Aj5r8wmRZis1cYjNn0NJMQznWNf
W4Ay/9eJm2aE6HZ9DRZ73WE+plGol7vV0TOfxcc7VMhA76vLnm/v67cvmsMbeq9R
aHOGhbMWTBOjP9UBVY9I/ZbfzMUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSSGmlv
Qnn8n9+XNVJDiFImnxJiHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWJiMjc5MDAtMzUzMS00MDgzLWFlZjgtY2M3NjU2ZGJhMDI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HOw
MA0GCSqGSIb3DQEBCwUAA4IBAQBxb4g0S2kcMqWd6xT5s8Ep2/1TLznKh0NK1puj
g6ARsnbLovsTIoWk+n5O+Gl+zwHsgEkZt+4WMflMYzI7W8cHodRTv0MBJb970aD7
6zDkXQ6ZhqwF2AtANngkNgo4DweBjoOePJQZXH6tXz+mOoBxfIDHB9tbqRQuO4O2
W9G6uJLztCJzMtzw/dS/NAgWhBuiwIRFLtNb6ypL2yjjI4FK/PoLzZP3mhED1bT/
rzM0NQuKOi1Qn+v6iYB9BlEq8t2Cj/3tsCiTJ9OnvNkx2lKW73gjdWYeB26NTUBs
Mez6TpZTYVypDJudDLcCjyFkOCeNHLkOU4vhsVAYNhLo5vdw
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:25 2026 by rpki-client