Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a53b3f-eb55-4869-ac1a-f83569ee728f.roa
File: 66a53b3f-eb55-4869-ac1a-f83569ee728f.roa (raw, json)
Hash identifier: LNQueatCgiFALH0XVZVXR5wyDUE23kyihUczvEpiFF0=
Subject key identifier: D4:D3:84:5F:DD:45:FF:24:F7:76:6F:2E:F5:78:62:A1:D8:57:BB:D6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E48060CB5540EBCAEBCC4016190AF5BECBCCF08
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a53b3f-eb55-4869-ac1a-f83569ee728f.roa
Signing time: Fri 20 Feb 2026 01:40:10 +0000
ROA not before: Fri 20 Feb 2026 01:40:10 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:48:06:0c:b5:54:0e:bc:ae:bc:c4:01:61:90:af:5b:ec:bc:cf:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:40:10 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=28f8f6be0a7d50ea1d9dc5f475789a7a44f19df8af2688cce9bd93f12679f897, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9b:65:bb:c5:56:c8:f5:4c:42:0a:b1:78:cf:
25:e7:34:08:c2:98:a1:15:23:d2:29:2c:58:0f:0c:
30:dd:d9:ad:04:d8:4b:93:ff:af:f8:3b:c7:2e:d8:
e8:c4:d1:00:cd:76:35:bb:38:9f:36:8f:7c:7d:2f:
24:06:c2:8b:13:16:20:4e:7d:b6:16:03:eb:c2:64:
b4:ef:fd:ca:e9:a1:a4:af:21:db:56:0e:da:e6:ae:
db:56:8a:a8:0b:16:85:12:60:fe:50:86:85:1e:a3:
6c:60:c8:89:15:bc:c6:ba:3c:10:05:fc:68:11:d2:
1a:60:7b:33:5f:55:5f:0b:f0:1a:b8:2d:b6:87:2f:
25:15:2d:3f:38:76:e6:28:89:f7:32:81:e1:78:e7:
98:af:4d:ee:64:ae:9f:96:06:b5:ff:85:8e:9d:59:
d9:71:aa:9e:8f:7c:4c:fe:f3:40:86:24:07:87:05:
ec:5c:97:d4:1e:41:c2:8c:c0:b7:27:9a:48:7d:cc:
11:e1:d6:00:36:28:b9:59:c0:68:c4:68:f8:74:dd:
6b:46:c3:5c:b2:e1:84:c4:6b:be:a7:e3:28:c3:70:
48:e4:ff:11:54:6a:7f:a7:ba:01:97:db:4d:32:6d:
87:23:15:dd:00:71:d0:e6:06:d9:c9:cd:e5:25:ea:
ca:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D3:84:5F:DD:45:FF:24:F7:76:6F:2E:F5:78:62:A1:D8:57:BB:D6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a53b3f-eb55-4869-ac1a-f83569ee728f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:8000::/40
Signature Algorithm: sha256WithRSAEncryption
c4:74:58:d8:f3:28:12:de:1a:4f:73:18:a3:49:b9:06:e3:a9:
09:28:9a:d6:14:10:ea:32:34:cf:25:10:d3:c1:d4:18:18:fc:
30:92:25:75:24:8b:39:9e:26:d4:f0:aa:2d:6b:12:b0:9e:90:
4c:c3:90:c4:c1:cb:68:0f:43:bf:aa:1b:85:be:fa:d7:0b:1f:
4d:9b:d3:96:c5:91:c4:e4:43:9a:1f:74:db:72:12:b3:9e:3f:
bb:c7:cd:be:af:f6:66:15:07:bf:28:ad:9c:30:59:bd:ba:f7:
b2:74:d1:aa:d4:1a:d7:54:8c:bd:77:31:c3:4d:51:db:5d:f9:
74:8b:8a:64:91:35:5b:ff:f6:91:01:75:f0:50:e8:ad:2e:a6:
73:87:9c:b2:c7:10:56:a9:7d:16:3b:b0:3e:b3:81:fd:b9:1d:
a5:69:1b:54:9f:e4:f9:4a:56:9d:49:93:3b:b6:4a:9e:ec:8e:
40:82:0a:70:d2:0c:37:8c:76:79:10:7d:66:51:27:5c:a2:b5:
e0:1f:79:e9:dc:71:a2:a4:7f:88:fc:5a:b7:27:df:ef:e8:83:
b2:fe:45:cd:ec:b7:71:5a:0c:2e:1b:3b:ca:ba:9e:c6:2e:79:
ff:a2:b2:c8:d5:c1:81:2a:a3:33:1e:41:da:11:56:4a:73:42:
87:f2:14:30
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbkgGDLVUDryuvMQBYZCvW+y8zwgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTQwMTBaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4ZjhmNmJlMGE3ZDUwZWExZDlkYzVmNDc1Nzg5YTdhNDRmMTlkZjhhZjI2
ODhjY2U5YmQ5M2YxMjY3OWY4OTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmbZbvFVsj1TEIKsXjPJec0CMKYoRUj0iksWA8MMN3ZrQTYS5P/r/g7xy7Y
6MTRAM12Nbs4nzaPfH0vJAbCixMWIE59thYD68JktO/9yumhpK8h21YO2uau21aK
qAsWhRJg/lCGhR6jbGDIiRW8xro8EAX8aBHSGmB7M19VXwvwGrgttocvJRUtPzh2
5iiJ9zKB4XjnmK9N7mSun5YGtf+Fjp1Z2XGqno98TP7zQIYkB4cF7FyX1B5BwozA
tyeaSH3MEeHWADYouVnAaMRo+HTda0bDXLLhhMRrvqfjKMNwSOT/EVRqf6e6AZfb
TTJthyMV3QBx0OYG2cnN5SXqylcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTU04Rf
3UX/JPd2by71eGKh2Fe71jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjZhNTNiM2YtZWI1NS00ODY5LWFjMWEtZjgzNTY5ZWU3MjhmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSA
MA0GCSqGSIb3DQEBCwUAA4IBAQDEdFjY8ygS3hpPcxijSbkG46kJKJrWFBDqMjTP
JRDTwdQYGPwwkiV1JIs5nibU8KotaxKwnpBMw5DEwctoD0O/qhuFvvrXCx9Nm9OW
xZHE5EOaH3TbchKznj+7x82+r/ZmFQe/KK2cMFm9uveydNGq1BrXVIy9dzHDTVHb
Xfl0i4pkkTVb//aRAXXwUOitLqZzh5yyxxBWqX0WO7A+s4H9uR2laRtUn+T5Slad
SZM7tkqe7I5Aggpw0gw3jHZ5EH1mUSdcorXgH3np3HGipH+I/Fq3J9/v6IOy/kXN
7LdxWgwuGzvKup7GLnn/orLI1cGBKqMzHkHaEVZKc0KH8hQw
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:04:43 2026 by rpki-client