Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62d19016-7a77-4f9c-a163-b01636d2402b.roa
File: 62d19016-7a77-4f9c-a163-b01636d2402b.roa (raw, json)
Hash identifier: dkcN0skjEHCVKsq+irKQEKevmTQe5NuLjjL103sd3SU=
Subject key identifier: E8:58:34:60:48:88:BC:18:49:F6:68:F9:9C:AF:1D:BD:18:BD:1F:27
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0BDB2A02CB1877EBC79E306EA6937EB46ECBABA1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62d19016-7a77-4f9c-a163-b01636d2402b.roa
Signing time: Wed 11 Feb 2026 01:30:37 +0000
ROA not before: Wed 11 Feb 2026 01:30:37 +0000
ROA not after: Tue 12 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:db:2a:02:cb:18:77:eb:c7:9e:30:6e:a6:93:7e:b4:6e:cb:ab:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 11 01:30:37 2026 GMT
Not After : May 12 23:59:59 2026 GMT
Subject: serialNumber=c4bc480b8fedd6567427d7a76081df9af0fe6d28d6071d63e7b6d261920646e3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ba:21:70:33:ce:2d:2f:97:94:dc:c3:03:04:
2f:ca:49:19:90:42:d9:75:fa:68:21:39:9f:ea:0e:
ef:80:1e:84:9e:56:72:06:dd:8f:05:ac:d8:41:93:
f0:50:42:7e:c8:97:2f:ad:dd:a9:ef:8c:ce:e6:c2:
70:9c:f5:42:35:a1:6b:53:53:f5:b1:36:bd:c1:ec:
45:d8:de:a0:16:01:3f:0b:18:75:b4:5d:1c:4d:36:
9f:11:24:12:28:02:de:c2:ed:24:2e:be:b1:fc:e1:
7d:15:5a:c9:63:1e:e8:9f:99:99:5b:d0:5f:d1:52:
8e:14:7a:c3:73:55:03:64:52:96:41:ec:cb:69:c1:
c4:22:21:16:d8:41:d5:a5:63:b1:00:d8:2d:5c:81:
dd:2d:51:7a:7e:e4:2f:06:4b:1e:f9:f3:7a:1f:74:
4a:e1:fa:f6:75:76:64:41:01:7d:9b:fa:80:99:4b:
dc:07:85:86:5f:23:be:d6:17:3c:39:b4:4c:9f:13:
e7:a0:15:8f:5c:b0:27:19:ee:73:df:26:63:46:82:
06:fb:2a:fe:12:ee:2e:fb:64:31:4d:47:86:fc:b9:
39:27:1f:d0:b1:b0:0c:3b:4e:ff:a5:1f:1c:3d:22:
54:71:ab:f6:bf:d9:ab:2e:e0:28:28:f1:42:55:09:
a7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:58:34:60:48:88:BC:18:49:F6:68:F9:9C:AF:1D:BD:18:BD:1F:27
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62d19016-7a77-4f9c-a163-b01636d2402b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:e040::/48
Signature Algorithm: sha256WithRSAEncryption
24:1c:79:f9:79:e7:a5:e1:9a:46:08:ff:eb:3b:2b:df:10:13:
e1:08:00:30:c2:82:4d:d8:a6:dc:e6:91:e1:cc:00:fc:98:a3:
b3:ea:24:15:18:d8:93:9e:dc:98:91:80:19:a3:1c:b0:a2:72:
26:ba:b5:5e:17:19:3a:a8:45:08:96:56:3a:ab:12:f3:ab:b1:
37:c8:59:95:96:f9:92:7e:33:63:75:34:99:32:5e:8c:18:e3:
8e:ef:c4:4c:ec:48:9a:58:62:bd:15:53:ef:c1:20:89:6d:ea:
f9:93:71:d5:0b:6c:97:66:3d:d8:70:ad:12:72:32:3f:7a:3a:
ef:72:63:09:05:f5:5a:af:a9:a8:2f:3e:08:29:c4:64:8a:46:
ef:ae:c2:b9:05:a5:20:79:87:85:35:82:44:e3:a8:1a:ca:a4:
90:df:4b:82:a4:88:9a:5b:61:13:50:fa:ab:37:59:1f:8d:8f:
85:11:e4:78:93:9d:58:87:a9:77:ee:94:6d:c5:93:89:c2:56:
46:4d:00:01:27:8d:73:d1:86:84:e7:18:20:1d:bf:a2:e1:08:
4b:36:9a:16:c9:8d:55:e0:33:94:c6:53:6c:f0:d4:dc:c2:58:
19:cd:1e:dc:a8:d7:5b:bc:3d:ad:57:3c:09:32:78:e8:fb:35:
3d:43:72:53
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUC9sqAssYd+vHnjBuppN+tG7Lq6EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTEwMTMwMzdaFw0yNjA1MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0YmM0ODBiOGZlZGQ2NTY3NDI3ZDdhNzYwODFkZjlhZjBmZTZkMjhkNjA3
MWQ2M2U3YjZkMjYxOTIwNjQ2ZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALm6IXAzzi0vl5TcwwMEL8pJGZBC2XX6aCE5n+oO74AehJ5WcgbdjwWs2EGT
8FBCfsiXL63dqe+MzubCcJz1QjWha1NT9bE2vcHsRdjeoBYBPwsYdbRdHE02nxEk
EigC3sLtJC6+sfzhfRVayWMe6J+ZmVvQX9FSjhR6w3NVA2RSlkHsy2nBxCIhFthB
1aVjsQDYLVyB3S1Ren7kLwZLHvnzeh90SuH69nV2ZEEBfZv6gJlL3AeFhl8jvtYX
PDm0TJ8T56AVj1ywJxnuc98mY0aCBvsq/hLuLvtkMU1Hhvy5OScf0LGwDDtO/6Uf
HD0iVHGr9r/Zqy7gKCjxQlUJp3ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBToWDRg
SIi8GEn2aPmcrx29GL0fJzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjJkMTkwMTYtN2E3Ny00ZjljLWExNjMtYjAxNjM2ZDI0MDJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Grg
QDANBgkqhkiG9w0BAQsFAAOCAQEAJBx5+XnnpeGaRgj/6zsr3xAT4QgAMMKCTdim
3OaR4cwA/Jijs+okFRjYk57cmJGAGaMcsKJyJrq1XhcZOqhFCJZWOqsS86uxN8hZ
lZb5kn4zY3U0mTJejBjjju/ETOxImlhivRVT78EgiW3q+ZNx1Qtsl2Y92HCtEnIy
P3o673JjCQX1Wq+pqC8+CCnEZIpG767CuQWlIHmHhTWCROOoGsqkkN9LgqSImlth
E1D6qzdZH42PhRHkeJOdWIepd+6UbcWTicJWRk0AASeNc9GGhOcYIB2/ouEISzaa
FsmNVeAzlMZTbPDU3MJYGc0e3KjXW7w9rVc8CTJ46Ps1PUNyUw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:53:15 2026 by rpki-client