Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/26edcf2c-2157-4412-a725-5f726d1db93b.roa
File: 26edcf2c-2157-4412-a725-5f726d1db93b.roa (raw, json)
Hash identifier: KSNu1kjD++6PBHZnyt5aOHEZVSKXu83DoLojDZln/78=
Subject key identifier: 0D:89:65:5C:91:B6:37:37:BF:6C:D2:2A:84:80:C5:79:D2:FD:F5:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 427EBA2324DC782467C5184F8D4C6970C7340D34
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/26edcf2c-2157-4412-a725-5f726d1db93b.roa
Signing time: Wed 11 Feb 2026 01:20:06 +0000
ROA not before: Wed 11 Feb 2026 01:20:06 +0000
ROA not after: Tue 12 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:7e:ba:23:24:dc:78:24:67:c5:18:4f:8d:4c:69:70:c7:34:0d:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 11 01:20:06 2026 GMT
Not After : May 12 23:59:59 2026 GMT
Subject: serialNumber=ae816308cbf41ac9d919de2b69c904e4139fac5065ce3607731eb05f251e9149, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9c:45:89:d8:b0:c2:9b:56:be:ec:16:cc:50:
54:a8:d9:72:c7:65:4c:00:fd:8f:67:82:1b:72:80:
61:78:dd:06:0e:26:e2:e9:df:9c:b2:99:6e:62:d5:
66:d8:21:e4:69:91:c2:c4:b8:e1:43:80:da:d2:88:
ec:c6:cf:19:21:f9:85:45:39:fa:e4:bf:aa:58:9a:
ea:f4:e3:b6:c7:3c:cb:ff:3f:92:72:b5:7e:0d:04:
8b:64:0f:3a:dd:fb:b6:bc:f3:9a:d8:b5:b9:fd:49:
d6:2c:9a:19:c4:7d:67:37:9a:87:fe:3b:a5:84:00:
29:73:1e:fe:18:b5:f6:45:05:c6:7e:f6:5f:6a:fe:
22:b2:7c:5b:a0:e0:a7:90:50:87:32:e8:8f:08:7e:
34:b5:c4:cd:54:26:69:fa:53:c5:3b:d4:bb:94:76:
c9:23:e6:df:67:d9:7b:cc:3d:87:c2:44:03:04:bb:
03:bf:9d:7c:02:b1:79:0b:fe:30:f5:7f:96:d8:02:
af:06:4e:9b:85:58:45:59:8b:6e:f3:c3:bf:04:a1:
85:e5:f8:5c:61:bc:e0:f2:4f:95:91:aa:32:cf:10:
9b:4e:66:49:28:8e:74:2d:be:a7:c8:ab:91:ab:15:
c3:8f:61:34:56:b2:77:b3:75:20:ed:be:4f:12:0d:
f1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:89:65:5C:91:B6:37:37:BF:6C:D2:2A:84:80:C5:79:D2:FD:F5:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/26edcf2c-2157-4412-a725-5f726d1db93b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
98:12:9f:2e:97:b5:e5:9c:8f:fd:25:b8:f2:38:af:2e:a6:fa:
a6:42:18:56:d5:3d:cd:61:02:ee:54:37:d3:3d:de:be:65:16:
9a:c0:a7:57:1e:61:07:bd:8d:94:8d:ab:92:03:e0:04:28:72:
60:b5:97:5c:5c:92:de:b5:62:4b:cb:a5:a1:ab:4a:f1:57:31:
19:49:3d:6a:44:68:ee:18:dc:68:ad:26:fe:f1:3a:6d:d6:d9:
13:51:e4:7e:80:2c:c8:2f:9f:f6:d3:09:47:91:9e:bb:98:45:
aa:8e:18:57:13:0b:04:ea:26:06:9d:98:85:e5:92:87:52:a3:
7f:09:b9:6b:09:40:0e:2d:fe:55:4e:04:86:e7:a5:c4:61:58:
d6:ea:b8:39:87:43:5e:a0:3b:de:33:ff:c3:0b:9e:01:79:ed:
46:f2:e1:58:6e:f9:e7:75:f3:42:62:f5:e4:d2:8a:8d:17:04:
60:9f:c9:96:b9:a1:0a:87:6b:0b:8d:07:d1:7e:33:26:54:95:
a4:90:c6:c3:b1:1f:bf:01:1b:98:50:92:59:55:72:d7:39:6b:
79:de:3e:70:4a:0d:72:c9:fe:d1:ca:86:7a:9a:c4:0e:68:7d:
7e:27:df:62:c1:88:60:ad:9a:e1:5b:f5:97:0e:0a:b1:c7:72:
3a:8f:87:f6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQn66IyTceCRnxRhPjUxpcMc0DTQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTEwMTIwMDZaFw0yNjA1MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlODE2MzA4Y2JmNDFhYzlkOTE5ZGUyYjY5YzkwNGU0MTM5ZmFjNTA2NWNl
MzYwNzczMWViMDVmMjUxZTkxNDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJycRYnYsMKbVr7sFsxQVKjZcsdlTAD9j2eCG3KAYXjdBg4m4unfnLKZbmLV
Ztgh5GmRwsS44UOA2tKI7MbPGSH5hUU5+uS/qlia6vTjtsc8y/8/knK1fg0Ei2QP
Ot37trzzmti1uf1J1iyaGcR9Zzeah/47pYQAKXMe/hi19kUFxn72X2r+IrJ8W6Dg
p5BQhzLojwh+NLXEzVQmafpTxTvUu5R2ySPm32fZe8w9h8JEAwS7A7+dfAKxeQv+
MPV/ltgCrwZOm4VYRVmLbvPDvwShheX4XGG84PJPlZGqMs8Qm05mSSiOdC2+p8ir
kasVw49hNFayd7N1IO2+TxIN8RECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQNiWVc
kbY3N79s0iqEgMV50v31WTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjZlZGNmMmMtMjE1Ny00NDEyLWE3MjUtNWY3MjZkMWRiOTNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GrA
wDANBgkqhkiG9w0BAQsFAAOCAQEAmBKfLpe15ZyP/SW48jivLqb6pkIYVtU9zWEC
7lQ30z3evmUWmsCnVx5hB72NlI2rkgPgBChyYLWXXFyS3rViS8uloatK8VcxGUk9
akRo7hjcaK0m/vE6bdbZE1HkfoAsyC+f9tMJR5Geu5hFqo4YVxMLBOomBp2YheWS
h1Kjfwm5awlADi3+VU4EhuelxGFY1uq4OYdDXqA73jP/wwueAXntRvLhWG7553Xz
QmL15NKKjRcEYJ/JlrmhCodrC40H0X4zJlSVpJDGw7EfvwEbmFCSWVVy1zlred4+
cEoNcsn+0cqGeprEDmh9fiffYsGIYK2a4Vv1lw4KscdyOo+H9g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:14 2026 by rpki-client