Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/640a1f52-8635-44af-ae6e-cc941e49e749.roa
File: 640a1f52-8635-44af-ae6e-cc941e49e749.roa (raw, json)
Hash identifier: CS9+88u9LkHbUi2+I6aq9hsxiRBT/Mg+n5tRFYg/FfU=
Subject key identifier: 0B:B5:3F:72:92:11:2E:A8:8F:52:EC:0E:5C:9E:AC:D6:53:6C:75:43
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3BF863997E37275C1B74C39B32D069FD784CCE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/640a1f52-8635-44af-ae6e-cc941e49e749.roa
Signing time: Fri 06 Feb 2026 00:30:14 +0000
ROA not before: Fri 06 Feb 2026 00:30:14 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d034:6080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:f8:63:99:7e:37:27:5c:1b:74:c3:9b:32:d0:69:fd:78:4c:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 6 00:30:14 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=4a846ddba7fe9fd8d931945ef384e2fc2a9fa8f3e6dd38d321380bf9a072a413, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f6:45:9f:29:10:fa:61:d2:fe:28:5c:3d:eb:
e5:e3:fb:12:98:9c:39:8c:3c:c4:4b:ab:54:f7:a6:
d6:41:2b:23:99:77:ef:d3:d7:7b:bd:97:23:8d:08:
8e:e2:d8:36:dc:e8:f4:11:bd:2a:38:78:99:31:9e:
b7:b2:d5:6a:9e:21:f2:cc:69:9c:8e:b3:49:fe:3c:
bb:63:19:19:b3:ba:55:b4:14:4f:ec:5b:f2:76:2e:
77:27:00:50:67:f4:0b:2a:a2:a7:06:99:af:68:05:
11:84:94:7a:cb:a9:44:ce:65:7f:33:0c:4b:dc:29:
fe:2f:53:45:67:16:41:58:0f:5d:76:44:fe:ea:7c:
d7:46:81:f3:7d:85:f2:41:61:91:14:dd:d2:c3:8b:
12:f5:50:53:7e:35:69:34:b2:b1:9e:4b:23:cc:6c:
cc:03:f3:a4:34:2d:ec:fe:58:8f:86:08:1e:06:91:
24:ef:0d:f2:2e:75:9b:1d:95:f6:86:7e:c4:f0:b3:
94:b4:a6:70:9f:24:a1:31:20:4c:93:c2:69:cf:e8:
50:ba:0c:b4:e7:36:05:2a:3e:04:4b:55:fa:77:58:
e0:33:c2:c0:67:f5:99:07:fc:00:4e:b9:e3:c6:ed:
7f:74:64:87:2b:f2:dd:65:35:7a:00:3e:48:29:2f:
ea:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:B5:3F:72:92:11:2E:A8:8F:52:EC:0E:5C:9E:AC:D6:53:6C:75:43
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/640a1f52-8635-44af-ae6e-cc941e49e749.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:6080::/46
Signature Algorithm: sha256WithRSAEncryption
09:f1:69:82:84:cd:98:eb:09:d9:f7:a3:44:64:86:20:01:dc:
92:1b:91:77:1f:02:43:f6:51:45:91:5f:d6:fc:ac:d0:87:d1:
a7:13:a8:88:6f:ed:d1:76:82:82:dd:3d:bc:11:cf:54:7e:d0:
0e:4f:42:4e:d8:25:e7:90:c9:a1:4d:e3:b8:d2:bc:fc:8f:f2:
01:27:15:15:4f:2f:53:5b:ea:b8:c6:96:b1:2d:a3:b2:a8:2a:
40:b1:f7:fa:4c:95:3e:34:4e:f8:73:29:3f:b4:0c:e4:f2:d3:
e6:45:1d:b0:20:93:f5:5b:2f:52:51:df:78:50:54:98:65:c8:
03:f5:da:f0:d6:12:0c:49:36:2d:0a:59:08:e5:7c:b9:ce:77:
5d:ea:ac:22:22:62:6a:61:67:08:be:77:7f:01:6f:95:f5:f3:
c7:b3:e8:6e:27:21:5f:1a:8d:32:0a:9f:90:bc:c6:8e:3d:c2:
ed:e5:a7:11:8a:0b:0e:ca:58:78:e4:a8:e7:69:f7:f3:d3:8c:
0e:c0:83:9a:38:33:d9:c0:19:5c:f3:d7:69:95:fc:ff:d3:df:
e9:ed:ae:f5:b2:69:d1:dc:a7:0d:b4:27:4f:4b:0e:29:5d:cc:
8c:b2:01:3a:e7:eb:2a:66:4b:e4:97:40:2f:ad:b7:4c:6b:aa:
a3:cc:23:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgITO/hjmX43J1wbdMObMtBp/XhMzjANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI2MDIwNjAwMzAxNFoXDTI2MDUwNzIzNTk1OVowejFJMEcGA1UE
BRNANGE4NDZkZGJhN2ZlOWZkOGQ5MzE5NDVlZjM4NGUyZmMyYTlmYThmM2U2ZGQz
OGQzMjEzODBiZjlhMDcyYTQxMzEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuPZFnykQ+mHS/ihcPevl4/sSmJw5jDzES6tU96bWQSsjmXfv09d7vZcjjQiO
4tg23Oj0Eb0qOHiZMZ63stVqniHyzGmcjrNJ/jy7YxkZs7pVtBRP7Fvydi53JwBQ
Z/QLKqKnBpmvaAURhJR6y6lEzmV/MwxL3Cn+L1NFZxZBWA9ddkT+6nzXRoHzfYXy
QWGRFN3Sw4sS9VBTfjVpNLKxnksjzGzMA/OkNC3s/liPhggeBpEk7w3yLnWbHZX2
hn7E8LOUtKZwnyShMSBMk8Jpz+hQugy05zYFKj4ES1X6d1jgM8LAZ/WZB/wATrnj
xu1/dGSHK/LdZTV6AD5IKS/qwwIDAQABo4ICJDCCAiAwHQYDVR0OBBYEFAu1P3KS
ES6oj1LsDlyerNZTbHVDMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC82
NDBhMWY1Mi04NjM1LTQ0YWYtYWU2ZS1jYzk0MWU0OWU3NDkucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKgXQNGCA
MA0GCSqGSIb3DQEBCwUAA4IBAQAJ8WmChM2Y6wnZ96NEZIYgAdySG5F3HwJD9lFF
kV/W/KzQh9GnE6iIb+3RdoKC3T28Ec9UftAOT0JO2CXnkMmhTeO40rz8j/IBJxUV
Ty9TW+q4xpaxLaOyqCpAsff6TJU+NE74cyk/tAzk8tPmRR2wIJP1Wy9SUd94UFSY
ZcgD9drw1hIMSTYtClkI5Xy5zndd6qwiImJqYWcIvnd/AW+V9fPHs+huJyFfGo0y
Cp+QvMaOPcLt5acRigsOylh45Kjnaffz04wOwIOaODPZwBlc89dplfz/09/p7a71
smnR3KcNtCdPSw4pXcyMsgE65+sqZkvkl0AvrbdMa6qjzCOe
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:49 2026 by rpki-client