Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa
File: 68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa (raw, json)
Hash identifier: xPQVNUg5CfUDFcOhyW+TbRxez2msqBuOElcxxilarHc=
Subject key identifier: CB:86:A8:C7:7A:08:91:52:AE:D2:73:A8:64:ED:14:41:E4:1B:DD:82
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 31BC02D4B888413CCD0BAE5A8708BA2483D4587B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa
Signing time: Fri 13 Feb 2026 15:20:09 +0000
ROA not before: Fri 13 Feb 2026 15:20:09 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:bc:02:d4:b8:88:41:3c:cd:0b:ae:5a:87:08:ba:24:83:d4:58:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:20:09 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=1a14b9fae55f1daa7770efe5249b220cf17ebb3025b9ad837ffb1c614ac94021, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:fc:0b:e2:8c:69:ed:09:6d:3b:fe:1a:76:c2:
6b:d8:7d:fb:9a:98:b9:67:05:60:20:4e:53:f2:2b:
0c:d4:fe:41:38:4c:8d:ac:72:66:04:ec:21:0c:ba:
04:46:1f:5a:e8:71:b5:69:e4:e0:bf:a5:6b:c5:1d:
25:80:76:90:d7:2c:4e:90:ab:a6:d5:ff:3f:14:e2:
a5:2b:5f:bc:20:44:fe:bb:70:03:2f:bc:36:6c:50:
80:78:5d:06:13:77:2f:da:ca:86:24:66:fd:b3:32:
2c:5b:f2:11:1f:ab:2e:2a:f9:2f:82:4e:78:1c:10:
a8:c1:53:4b:cc:e6:14:34:f1:e6:f0:fc:06:0e:19:
d8:a6:e1:78:9a:70:a4:bb:ac:a6:d7:00:97:e2:8a:
ff:cd:42:08:f6:f2:6b:5b:f1:4d:f2:cc:cc:41:4d:
68:eb:3a:da:92:92:55:8c:d9:79:2e:b7:c4:fc:26:
b1:8c:f2:26:fa:69:70:46:05:4f:33:4e:15:ac:f4:
b6:de:28:8d:e5:35:93:d8:d1:c9:28:67:e1:bf:2f:
e5:57:8f:6c:05:bb:bf:55:3f:f9:99:a9:b8:7f:3b:
3a:16:b0:64:13:2c:96:38:4b:aa:3a:67:42:48:43:
0e:09:d5:a1:c5:87:4b:8a:ff:13:16:55:7d:5f:d7:
c6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:86:A8:C7:7A:08:91:52:AE:D2:73:A8:64:ED:14:41:E4:1B:DD:82
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c000::/40
Signature Algorithm: sha256WithRSAEncryption
67:de:a0:a0:22:0e:a1:97:e0:cf:66:f8:22:25:43:5d:b3:2d:
65:7c:4a:f1:12:3a:6f:33:02:a1:ec:2c:3c:39:f0:5b:a3:9d:
04:a1:0e:ff:4c:46:5f:71:dc:85:2c:52:66:e4:6d:b7:f0:a3:
6a:7f:73:4e:4e:86:f7:81:1a:cf:42:45:69:cd:63:16:11:b4:
cd:6d:9a:6a:2d:50:40:e4:e8:f8:45:67:fa:d3:a4:2c:97:42:
a5:50:54:1a:0a:e6:d5:f8:a1:4d:9c:4b:0f:ab:b8:28:7c:6e:
73:ef:4c:e7:5f:dd:ea:36:f4:f9:f8:60:fa:18:70:25:2e:82:
2c:a6:ab:ee:7f:6c:c3:b4:b9:54:56:26:18:a5:38:34:db:46:
b5:e8:54:20:88:c8:ce:d8:fc:4f:f5:4e:d6:50:02:ed:7d:9b:
2f:10:b3:47:b7:4e:20:79:b3:0c:14:ba:91:97:b2:c4:14:7a:
2b:1f:e4:7d:df:27:01:b0:c7:7e:62:74:b9:a5:0b:07:ae:e8:
09:ed:f9:04:d2:32:e1:15:5f:f9:a7:ce:c9:52:56:74:4c:a7:
0d:64:a8:93:aa:e6:a9:88:d3:f1:92:ef:20:9a:a7:80:1a:b1:
13:07:8c:e7:f9:2d:16:cb:d4:35:72:77:87:eb:26:95:3f:83:
3e:d8:d7:1b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMbwC1LiIQTzNC65ahwi6JIPUWHswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIwMDlaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhMTRiOWZhZTU1ZjFkYWE3NzcwZWZlNTI0OWIyMjBjZjE3ZWJiMzAyNWI5
YWQ4MzdmZmIxYzYxNGFjOTQwMjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMT8C+KMae0JbTv+GnbCa9h9+5qYuWcFYCBOU/IrDNT+QThMjaxyZgTsIQy6
BEYfWuhxtWnk4L+la8UdJYB2kNcsTpCrptX/PxTipStfvCBE/rtwAy+8NmxQgHhd
BhN3L9rKhiRm/bMyLFvyER+rLir5L4JOeBwQqMFTS8zmFDTx5vD8Bg4Z2KbheJpw
pLusptcAl+KK/81CCPbya1vxTfLMzEFNaOs62pKSVYzZeS63xPwmsYzyJvppcEYF
TzNOFaz0tt4ojeU1k9jRyShn4b8v5VePbAW7v1U/+ZmpuH87OhawZBMsljhLqjpn
QkhDDgnVocWHS4r/ExZVfV/XxhUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTLhqjH
egiRUq7Sc6hk7RRB5BvdgjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhiNmZkM2UtZTA2Yy00NDU2LWJkODgtNmU4ZDljZTkyYjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HLA
MA0GCSqGSIb3DQEBCwUAA4IBAQBn3qCgIg6hl+DPZvgiJUNdsy1lfErxEjpvMwKh
7Cw8OfBbo50EoQ7/TEZfcdyFLFJm5G238KNqf3NOTob3gRrPQkVpzWMWEbTNbZpq
LVBA5Oj4RWf606Qsl0KlUFQaCubV+KFNnEsPq7gofG5z70znX93qNvT5+GD6GHAl
LoIspqvuf2zDtLlUViYYpTg020a16FQgiMjO2PxP9U7WUALtfZsvELNHt04gebMM
FLqRl7LEFHorH+R93ycBsMd+YnS5pQsHrugJ7fkE0jLhFV/5p87JUlZ0TKcNZKiT
quapiNPxku8gmqeAGrETB4zn+S0Wy9Q1cneH6yaVP4M+2Ncb
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:21:18 2026 by rpki-client