Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/689f17ea-2ccc-4beb-bf91-0695da802222.roa
File: 689f17ea-2ccc-4beb-bf91-0695da802222.roa (raw, json)
Hash identifier: VdWHrQBAXwB//zd73M/9EorV3UJs0MQP8HvUtUdmI9M=
Subject key identifier: 30:2F:67:97:73:4F:F1:45:96:76:8E:D2:FD:FF:FD:48:1A:2C:C4:39
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3409271B0C982774628420F201A22487986A235F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/689f17ea-2ccc-4beb-bf91-0695da802222.roa
Signing time: Fri 20 Feb 2026 01:51:07 +0000
ROA not before: Fri 20 Feb 2026 01:51:07 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:09:27:1b:0c:98:27:74:62:84:20:f2:01:a2:24:87:98:6a:23:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:51:07 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=0d1b32de1ef431a528443585a5fed216caf80c61ac3fa89ee61c41a2914638c1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:72:7e:90:68:6f:cd:5e:57:05:9a:e2:77:c3:
63:21:d1:af:b4:a8:4c:55:09:24:0a:9f:97:9f:50:
a5:c1:f1:88:3c:57:8e:42:ed:7f:78:e2:5f:ea:2b:
40:49:10:2d:4a:2b:32:ec:d3:7f:f6:7a:a4:09:cd:
6a:77:9d:2c:b4:d1:0c:38:0d:37:5c:1e:41:86:e1:
ee:d6:30:24:e1:af:76:9e:79:9f:bd:58:07:60:29:
1b:69:8d:50:6f:35:f5:e9:72:9c:c4:ae:64:76:9c:
c4:a3:ac:47:0c:17:d7:cc:3c:08:05:8d:ca:6b:51:
a5:10:95:49:aa:2c:73:28:35:a5:6a:de:b6:e4:41:
e1:ae:43:a1:b2:e9:2e:58:41:9b:5c:40:06:00:f3:
04:f1:69:79:5a:0d:3a:83:78:cd:57:b7:e8:d7:30:
a7:b9:79:d2:e7:f5:c8:1e:7d:63:58:89:87:73:86:
7f:65:01:68:bd:30:b4:15:b7:21:28:88:97:1a:3e:
20:4d:e5:c0:ef:88:54:b1:cf:2c:27:69:08:ff:bc:
4e:af:2c:95:a6:8a:13:50:d4:f7:c2:5d:0a:e4:90:
cf:a9:b5:40:9f:75:38:ff:73:29:e1:18:a4:5d:ed:
02:3e:4d:19:03:79:a2:de:bf:40:91:ba:b7:17:3b:
52:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:2F:67:97:73:4F:F1:45:96:76:8E:D2:FD:FF:FD:48:1A:2C:C4:39
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/689f17ea-2ccc-4beb-bf91-0695da802222.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:1000::/40
Signature Algorithm: sha256WithRSAEncryption
c2:ed:9e:e9:b8:a4:69:e9:5c:22:18:a5:6a:a2:9b:0a:5e:c0:
3b:fc:37:14:67:fa:05:72:3d:2c:9c:7d:3f:63:83:36:65:d5:
fa:da:96:a0:05:20:6b:2c:2b:05:f6:0d:85:3e:7e:35:fd:17:
21:27:cd:e3:c4:1a:8b:3c:a9:5f:1e:6c:2a:18:7d:a1:07:37:
0f:d8:06:5d:26:67:a6:16:7a:67:60:cf:fd:66:14:66:95:ed:
8e:d1:4e:fb:e2:3c:c4:f3:cd:74:f4:f7:8a:11:a5:ad:72:34:
e8:db:f4:61:d8:6d:04:6f:e0:cc:ce:5f:07:2c:f6:01:e3:a4:
21:7a:47:1a:3f:89:db:eb:e5:9e:b8:7f:d1:db:2e:80:8f:32:
ae:ea:90:f0:cd:dc:8c:6e:43:26:ac:ca:51:4f:bb:5b:ac:31:
ca:0b:85:42:8c:e5:db:7c:4f:5b:87:03:1b:34:52:17:c0:ef:
36:35:80:b6:fa:07:ce:02:4c:57:df:af:b2:f2:67:b1:c6:1c:
30:34:ec:13:57:d2:38:b3:1e:b9:2f:01:1e:c8:b7:1c:ee:ee:
38:11:4d:0c:8a:bd:03:d5:94:00:16:99:93:89:e0:9c:e4:60:
3b:20:20:d3:ac:23:83:7f:4a:65:23:4e:d1:d1:cd:f5:b1:24:
ae:8a:bb:5d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNAknGwyYJ3RihCDyAaIkh5hqI18wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUxMDdaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkMWIzMmRlMWVmNDMxYTUyODQ0MzU4NWE1ZmVkMjE2Y2FmODBjNjFhYzNm
YTg5ZWU2MWM0MWEyOTE0NjM4YzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5yfpBob81eVwWa4nfDYyHRr7SoTFUJJAqfl59QpcHxiDxXjkLtf3jiX+or
QEkQLUorMuzTf/Z6pAnNanedLLTRDDgNN1weQYbh7tYwJOGvdp55n71YB2ApG2mN
UG819elynMSuZHacxKOsRwwX18w8CAWNymtRpRCVSaoscyg1pWretuRB4a5DobLp
LlhBm1xABgDzBPFpeVoNOoN4zVe36Ncwp7l50uf1yB59Y1iJh3OGf2UBaL0wtBW3
ISiIlxo+IE3lwO+IVLHPLCdpCP+8Tq8slaaKE1DU98JdCuSQz6m1QJ91OP9zKeEY
pF3tAj5NGQN5ot6/QJG6txc7UksCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQwL2eX
c0/xRZZ2jtL9//1IGizEOTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njg5ZjE3ZWEtMmNjYy00YmViLWJmOTEtMDY5NWRhODAyMjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDC7Z7puKRp6VwiGKVqopsKXsA7/DcUZ/oFcj0s
nH0/Y4M2ZdX62pagBSBrLCsF9g2FPn41/RchJ83jxBqLPKlfHmwqGH2hBzcP2AZd
JmemFnpnYM/9ZhRmle2O0U774jzE88109PeKEaWtcjTo2/Rh2G0Eb+DMzl8HLPYB
46QhekcaP4nb6+WeuH/R2y6AjzKu6pDwzdyMbkMmrMpRT7tbrDHKC4VCjOXbfE9b
hwMbNFIXwO82NYC2+gfOAkxX36+y8mexxhwwNOwTV9I4sx65LwEeyLcc7u44EU0M
ir0D1ZQAFpmTieCc5GA7ICDTrCODf0plI07R0c31sSSuirtd
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:44:58 2026 by rpki-client