Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2678e5d7-5995-4791-9318-f087e83654a9.roa
File: 2678e5d7-5995-4791-9318-f087e83654a9.roa (raw, json)
Hash identifier: uM4s61aGgcJr/bzUxv0nhiAReZGfcLCrTewni4S1nqo=
Subject key identifier: C3:0F:B6:A5:30:1B:CC:97:B9:1F:9A:FC:A4:9E:10:B0:4B:D9:45:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63A1FDB2831B71F4B434ABCD2E3CA43F91715A47
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2678e5d7-5995-4791-9318-f087e83654a9.roa
Signing time: Wed 25 Feb 2026 03:00:12 +0000
ROA not before: Wed 25 Feb 2026 03:00:12 +0000
ROA not after: Tue 26 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:e000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:a1:fd:b2:83:1b:71:f4:b4:34:ab:cd:2e:3c:a4:3f:91:71:5a:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 25 03:00:12 2026 GMT
Not After : May 26 23:59:59 2026 GMT
Subject: serialNumber=92b95368de44799a8559ffdb984c58404bfab539d40dbb9da0d5106a41872312, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:43:10:13:c9:43:c2:e9:b9:36:e1:fb:17:ac:
02:43:1b:fc:74:e5:02:13:ad:fd:83:5f:5d:64:10:
a5:01:75:06:cc:9b:a3:26:9a:fb:8e:b4:a1:fe:db:
cb:a5:4f:d7:ed:5a:bc:65:dc:86:3d:d9:6d:86:b8:
87:21:8a:39:b3:85:97:9d:8f:39:3c:52:1a:e6:ab:
9e:67:df:1e:f2:b8:f0:b2:18:29:e1:a2:04:b0:7d:
c1:6d:65:ce:05:0c:da:54:6c:ee:11:11:5e:23:25:
07:ad:2a:bc:25:0f:88:37:b2:18:2e:15:12:df:ca:
1c:7d:11:e4:d0:b2:9b:32:1d:01:ef:33:92:fa:06:
b9:ca:a7:21:01:13:f7:aa:3b:87:e0:bd:c1:25:9e:
6a:11:20:93:ee:bc:6c:a3:d5:c9:4f:39:d4:63:81:
f2:07:23:d6:b2:75:6a:c9:9d:0f:ee:42:ab:a9:78:
fd:f6:c1:3d:5f:38:4f:56:cd:07:5c:c7:45:52:b1:
1a:26:ea:3e:1c:44:29:8e:e5:6f:6b:97:46:d6:0c:
19:71:2e:f8:12:33:f5:bb:25:46:28:a2:8e:9d:c0:
8c:e9:f8:ba:43:5a:b9:3b:2b:86:31:db:ed:39:ab:
93:16:a7:57:e1:66:c5:a3:b3:51:b6:86:45:aa:b1:
70:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:0F:B6:A5:30:1B:CC:97:B9:1F:9A:FC:A4:9E:10:B0:4B:D9:45:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2678e5d7-5995-4791-9318-f087e83654a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:e000::/48
Signature Algorithm: sha256WithRSAEncryption
a2:06:e3:91:3b:69:0d:75:e6:3d:ad:5a:d2:f8:68:08:a3:61:
88:cf:be:f1:48:95:db:f9:6b:c3:fc:77:40:da:55:09:63:46:
62:40:04:4c:1c:8e:aa:0a:ec:0b:0c:79:bd:8b:b3:c8:e9:b4:
ba:15:1e:e1:1f:6e:07:89:3c:c2:0c:7d:19:eb:c3:d2:e4:80:
3d:b3:3b:e6:d2:b0:cb:7a:78:f8:0d:92:dc:6e:76:cf:10:37:
8b:aa:8d:f1:b9:f2:70:8c:d6:1f:a1:60:a9:2e:de:48:aa:98:
46:05:c6:03:7d:09:f2:f7:1d:e3:d2:82:83:1f:25:35:26:36:
37:70:90:0c:ce:03:04:8a:9b:f6:33:a5:1f:16:5e:70:a1:5c:
fe:3d:1e:b2:da:e3:a7:13:bb:11:9a:e6:ae:d7:57:c4:f6:ce:
09:ff:0f:e8:41:69:f6:cd:43:d8:f9:b5:a4:49:83:c6:67:89:
3a:60:ef:2d:2c:1e:2e:74:15:87:5a:2d:40:36:43:3f:bb:c4:
df:63:3b:7b:78:49:22:6f:de:0b:9f:22:cf:0b:6a:81:53:be:
be:f3:22:02:e4:14:6e:77:5b:27:d4:da:5d:5c:d7:b4:30:ac:
d0:9c:6a:4c:c9:82:3c:e7:8f:23:3b:a0:92:a5:33:e3:4b:16:
35:b4:af:db
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUY6H9soMbcfS0NKvNLjykP5FxWkcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjUwMzAwMTJaFw0yNjA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyYjk1MzY4ZGU0NDc5OWE4NTU5ZmZkYjk4NGM1ODQwNGJmYWI1MzlkNDBk
YmI5ZGEwZDUxMDZhNDE4NzIzMTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBDEBPJQ8LpuTbh+xesAkMb/HTlAhOt/YNfXWQQpQF1Bsyboyaa+460of7b
y6VP1+1avGXchj3ZbYa4hyGKObOFl52POTxSGuarnmffHvK48LIYKeGiBLB9wW1l
zgUM2lRs7hERXiMlB60qvCUPiDeyGC4VEt/KHH0R5NCymzIdAe8zkvoGucqnIQET
96o7h+C9wSWeahEgk+68bKPVyU851GOB8gcj1rJ1asmdD+5Cq6l4/fbBPV84T1bN
B1zHRVKxGibqPhxEKY7lb2uXRtYMGXEu+BIz9bslRiiijp3AjOn4ukNauTsrhjHb
7TmrkxanV+FmxaOzUbaGRaqxcNMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTDD7al
MBvMl7kfmvyknhCwS9lFeTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjY3OGU1ZDctNTk5NS00NzkxLTkzMTgtZjA4N2U4MzY1NGE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Hbg
ADANBgkqhkiG9w0BAQsFAAOCAQEAogbjkTtpDXXmPa1a0vhoCKNhiM++8UiV2/lr
w/x3QNpVCWNGYkAETByOqgrsCwx5vYuzyOm0uhUe4R9uB4k8wgx9GevD0uSAPbM7
5tKwy3p4+A2S3G52zxA3i6qN8bnycIzWH6FgqS7eSKqYRgXGA30J8vcd49KCgx8l
NSY2N3CQDM4DBIqb9jOlHxZecKFc/j0estrjpxO7EZrmrtdXxPbOCf8P6EFp9s1D
2Pm1pEmDxmeJOmDvLSweLnQVh1otQDZDP7vE32M7e3hJIm/eC58izwtqgVO+vvMi
AuQUbndbJ9TaXVzXtDCs0JxqTMmCPOePIzugkqUz40sWNbSv2w==
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:13:04 2026 by rpki-client