Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1db7d6f9-20a2-495c-9303-96004ae64814.roa
File: 1db7d6f9-20a2-495c-9303-96004ae64814.roa (raw, json)
Hash identifier: LrcgfJw6kuYSMarF6DL+0rzmBYu22+Vs24sCdBP7cSQ=
Subject key identifier: 1E:B1:49:16:59:62:76:54:F0:0E:D4:31:7F:C2:A1:30:9F:BD:B3:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11C351C21CAEA85FC11A78A4E1383AD82C662D97
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1db7d6f9-20a2-495c-9303-96004ae64814.roa
Signing time: Thu 26 Feb 2026 02:00:14 +0000
ROA not before: Thu 26 Feb 2026 02:00:14 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:c3:51:c2:1c:ae:a8:5f:c1:1a:78:a4:e1:38:3a:d8:2c:66:2d:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:00:14 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=5f9ec06211e54e01f0f5f58cfec090abf1ca36d6e0def59406f6567ef18a52a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7a:ff:d0:ab:58:91:14:5d:58:34:7e:d6:f5:
30:b8:e3:e8:06:43:4e:d1:49:f6:c4:32:fb:1a:37:
5b:41:c6:00:ea:11:83:57:45:67:1e:cf:c6:ff:19:
29:9b:1f:78:a9:f7:31:43:d6:d8:dd:40:32:29:a3:
c3:1b:77:49:98:83:59:8f:92:97:72:4b:80:32:39:
ef:92:18:f8:0c:3f:d0:18:ac:fe:07:71:fa:ff:32:
91:18:a8:44:39:6e:87:83:0a:9d:1d:69:39:93:24:
e6:53:02:f3:b7:75:1a:63:f4:80:0a:2a:23:d6:b9:
a7:3d:85:74:fc:f9:7c:39:3f:b4:1a:23:e8:2a:02:
04:15:97:09:0c:7d:e3:3a:87:c4:00:6b:3d:44:eb:
59:de:f4:64:d9:c5:2f:3e:03:92:90:04:6d:b1:53:
9b:e7:25:1d:b6:8b:db:4a:fa:9d:bb:6c:1a:0e:3b:
f5:06:3f:3e:e2:cf:8e:60:e9:5b:7e:19:73:1f:98:
4a:23:6f:4c:59:82:66:90:4e:32:b4:6b:fc:fa:1a:
62:6b:c3:ae:99:e6:dc:88:e1:ba:ad:8d:7a:83:a2:
43:2d:ec:38:ef:2f:bb:bb:35:8a:36:b7:64:75:70:
60:05:76:a4:df:35:c7:83:51:d9:13:ae:c5:f1:04:
a5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B1:49:16:59:62:76:54:F0:0E:D4:31:7F:C2:A1:30:9F:BD:B3:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1db7d6f9-20a2-495c-9303-96004ae64814.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
0b:85:c3:ef:01:a0:9f:f4:db:47:1f:d5:07:d7:e6:f2:3c:fe:
07:ad:82:30:02:fb:ca:cb:fa:06:ce:99:f7:43:84:ef:cf:51:
bf:e5:a4:98:dd:e4:57:03:02:4d:dc:98:b1:88:23:0b:9b:f2:
2c:03:63:98:a2:3b:2c:ab:df:36:44:ca:8b:dc:67:db:62:42:
92:86:2d:e9:68:e0:e4:16:f9:35:04:da:c0:9c:97:0e:e5:12:
58:ac:10:33:26:ac:86:c4:c3:f7:3f:2a:91:33:5b:e9:0d:e5:
cb:80:63:bf:1b:c9:ab:84:52:04:0c:db:01:c7:db:ae:21:7c:
56:a2:27:c6:b8:3e:54:6c:37:c4:50:18:c1:ff:4e:c7:8a:72:
cf:61:e5:85:4b:a4:83:e3:f2:42:cb:ac:7c:87:89:ac:96:4d:
0b:52:0b:75:5d:cc:f3:6e:2d:8b:71:b6:56:ea:e3:b7:0d:f4:
eb:58:05:e0:6f:05:66:c0:4f:bf:83:7e:44:29:8a:d2:1a:e7:
f8:d0:18:ba:71:82:e0:0d:2e:c4:89:40:ea:f8:05:98:b8:ca:
00:d1:0c:69:84:2c:b9:34:68:c1:f5:ab:23:c8:df:49:7e:38:
e9:89:d5:cb:fa:d4:3a:83:12:e7:de:10:10:8b:10:0b:57:4b:
c2:f9:05:82
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEcNRwhyuqF/BGnik4Tg62CxmLZcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjAwMTRaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmOWVjMDYyMTFlNTRlMDFmMGY1ZjU4Y2ZlYzA5MGFiZjFjYTM2ZDZlMGRl
ZjU5NDA2ZjY1NjdlZjE4YTUyYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJ6/9CrWJEUXVg0ftb1MLjj6AZDTtFJ9sQy+xo3W0HGAOoRg1dFZx7Pxv8Z
KZsfeKn3MUPW2N1AMimjwxt3SZiDWY+Sl3JLgDI575IY+Aw/0Bis/gdx+v8ykRio
RDluh4MKnR1pOZMk5lMC87d1GmP0gAoqI9a5pz2FdPz5fDk/tBoj6CoCBBWXCQx9
4zqHxABrPUTrWd70ZNnFLz4DkpAEbbFTm+clHbaL20r6nbtsGg479QY/PuLPjmDp
W34Zcx+YSiNvTFmCZpBOMrRr/PoaYmvDrpnm3Ijhuq2NeoOiQy3sOO8vu7s1ija3
ZHVwYAV2pN81x4NR2ROuxfEEpYECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQesUkW
WWJ2VPAO1DF/wqEwn72zxjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWRiN2Q2ZjktMjBhMi00OTVjLTkzMDMtOTYwMDRhZTY0ODE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G8I
wDANBgkqhkiG9w0BAQsFAAOCAQEAC4XD7wGgn/TbRx/VB9fm8jz+B62CMAL7ysv6
Bs6Z90OE789Rv+WkmN3kVwMCTdyYsYgjC5vyLANjmKI7LKvfNkTKi9xn22JCkoYt
6Wjg5Bb5NQTawJyXDuUSWKwQMyashsTD9z8qkTNb6Q3ly4BjvxvJq4RSBAzbAcfb
riF8VqInxrg+VGw3xFAYwf9Ox4pyz2HlhUukg+PyQsusfIeJrJZNC1ILdV3M824t
i3G2Vurjtw3061gF4G8FZsBPv4N+RCmK0hrn+NAYunGC4A0uxIlA6vgFmLjKANEM
aYQsuTRowfWrI8jfSX446YnVy/rUOoMS594QEIsQC1dLwvkFgg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:38:55 2026 by rpki-client