Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1fb46240-1c3f-4b2f-9927-3470c9898890.roa
File: 1fb46240-1c3f-4b2f-9927-3470c9898890.roa (raw, json)
Hash identifier: 00oOCwZFqJGTQ/iXe2MdL9P/hyS9f2T6/dVv/mbmiYU=
Subject key identifier: DA:C2:E8:12:22:F9:7E:DF:12:27:77:BF:33:60:C3:D8:BE:BF:18:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0EE20F321D12FFD53C35C9C96A9714DB3C63D6C5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1fb46240-1c3f-4b2f-9927-3470c9898890.roa
Signing time: Sat 28 Feb 2026 06:00:54 +0000
ROA not before: Sat 28 Feb 2026 06:00:54 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:e2:0f:32:1d:12:ff:d5:3c:35:c9:c9:6a:97:14:db:3c:63:d6:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:54 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=88550f090bc902810a0dc3416d63e5b89784f7f45332aeb67700650f9a99ca6b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:50:f7:94:72:7c:a6:01:9c:de:e5:0c:12:28:
bd:bf:ba:a2:9a:ab:7a:7f:74:1d:41:06:ce:eb:ec:
ea:04:09:6c:58:10:4b:7d:a5:33:cd:c1:88:cf:37:
7c:b2:c9:29:fb:e0:8f:6d:4e:e2:22:9d:f5:3e:48:
52:9c:b5:4e:c3:6c:30:80:7e:e2:6b:30:6a:3e:45:
64:58:48:d9:df:0f:f6:ae:cf:15:a9:68:69:80:57:
27:c7:c8:a6:e8:47:84:4c:37:d6:59:10:62:06:e1:
59:d4:8b:3f:2e:37:d9:66:ef:9f:04:1b:df:e8:52:
df:b0:b1:04:df:7f:15:a6:61:34:44:d6:7f:c6:1c:
ff:7b:c8:e3:c2:39:fe:83:53:a1:51:d7:8e:99:d4:
b0:c9:e6:97:36:c8:44:2d:08:07:86:fb:da:19:3b:
eb:d7:07:6a:85:f1:dc:71:92:3c:8f:6c:c4:85:fb:
cf:d1:8e:41:47:b0:4b:c6:5a:72:14:41:ca:57:95:
4e:05:3d:bc:79:e4:d8:7b:85:3f:50:32:58:3c:d2:
4e:c6:0a:d1:7e:a1:b7:74:b6:a4:52:60:0e:11:38:
0e:a4:5c:97:bd:82:9e:10:ef:8c:c4:ce:c8:5c:6b:
8d:bb:cc:fb:08:ea:b9:b6:be:29:62:6e:05:34:e0:
5c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C2:E8:12:22:F9:7E:DF:12:27:77:BF:33:60:C3:D8:BE:BF:18:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1fb46240-1c3f-4b2f-9927-3470c9898890.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80a0::/48
Signature Algorithm: sha256WithRSAEncryption
0f:c4:34:11:03:4a:4d:f9:84:68:f1:78:f6:8c:02:6a:55:4c:
f4:f7:5c:cb:14:b5:67:75:eb:51:f3:25:ff:09:9f:42:a8:6f:
1b:a9:36:83:72:ef:a2:84:5b:eb:c6:86:8a:22:3c:c3:a4:d3:
ea:df:5e:00:d3:ef:4d:d2:b9:e0:45:0a:80:8d:fa:87:91:5c:
d0:80:7e:3a:73:0f:61:79:2a:b8:3d:e5:a8:80:e7:0e:04:39:
4c:72:0c:b7:b6:5b:5c:fd:87:66:a5:9d:28:39:dc:7e:62:3b:
c3:fa:3c:57:2d:a3:f3:7f:05:b8:64:d0:ec:c3:f0:62:86:4b:
27:db:a9:3d:7d:9d:f7:e3:87:e0:c5:6e:d7:cb:1e:4a:76:2b:
55:cd:87:f5:28:11:1a:8c:1a:a0:cd:45:b7:97:b8:c1:c6:3e:
05:70:d7:77:83:52:a9:8b:b2:cd:75:75:c0:fc:0e:aa:6a:87:
0c:e5:93:db:85:09:e7:3c:03:90:56:f0:00:b0:2b:94:44:ab:
c8:99:3d:2c:0e:cc:82:09:30:f0:ad:29:ad:a4:32:e1:8c:3c:
02:19:ad:8e:9f:a5:80:8c:b5:16:5b:de:92:92:78:d8:b1:98:
08:44:f9:49:c4:8b:aa:20:8a:14:1b:60:74:7b:92:c4:3c:a7:
36:5d:00:12
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDuIPMh0S/9U8NcnJapcU2zxj1sUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwNTRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4NTUwZjA5MGJjOTAyODEwYTBkYzM0MTZkNjNlNWI4OTc4NGY3ZjQ1MzMy
YWViNjc3MDA2NTBmOWE5OWNhNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJQ95RyfKYBnN7lDBIovb+6opqren90HUEGzuvs6gQJbFgQS32lM83BiM83
fLLJKfvgj21O4iKd9T5IUpy1TsNsMIB+4mswaj5FZFhI2d8P9q7PFaloaYBXJ8fI
puhHhEw31lkQYgbhWdSLPy432WbvnwQb3+hS37CxBN9/FaZhNETWf8Yc/3vI48I5
/oNToVHXjpnUsMnmlzbIRC0IB4b72hk769cHaoXx3HGSPI9sxIX7z9GOQUewS8Za
chRByleVTgU9vHnk2HuFP1AyWDzSTsYK0X6ht3S2pFJgDhE4DqRcl72CnhDvjMTO
yFxrjbvM+wjquba+KWJuBTTgXFUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTawugS
Ivl+3xInd78zYMPYvr8YjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWZiNDYyNDAtMWMzZi00YjJmLTk5MjctMzQ3MGM5ODk4ODkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
oDANBgkqhkiG9w0BAQsFAAOCAQEAD8Q0EQNKTfmEaPF49owCalVM9PdcyxS1Z3Xr
UfMl/wmfQqhvG6k2g3LvooRb68aGiiI8w6TT6t9eANPvTdK54EUKgI36h5Fc0IB+
OnMPYXkquD3lqIDnDgQ5THIMt7ZbXP2HZqWdKDncfmI7w/o8Vy2j838FuGTQ7MPw
YoZLJ9upPX2d9+OH4MVu18seSnYrVc2H9SgRGowaoM1Ft5e4wcY+BXDXd4NSqYuy
zXV1wPwOqmqHDOWT24UJ5zwDkFbwALArlESryJk9LA7Mggkw8K0praQy4Yw8Ahmt
jp+lgIy1FlvekpJ42LGYCET5ScSLqiCKFBtgdHuSxDynNl0AEg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:01:44 2026 by rpki-client