Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa
File: 68ece0e7-075e-4bcd-873e-0c74882a8546.roa (raw, json)
Hash identifier: 8H7pyfBr+df9rJUpb5Usg+g/bZgjV0gzBhZ1UG+0j2g=
Subject key identifier: BA:0C:6A:66:C8:BF:9E:2C:E6:D2:DE:36:80:F5:05:41:3A:4F:F3:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 175787A739960A182C60B07849E056C1CF96B7E9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa
Signing time: Sat 28 Feb 2026 06:10:10 +0000
ROA not before: Sat 28 Feb 2026 06:10:10 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:57:87:a7:39:96:0a:18:2c:60:b0:78:49:e0:56:c1:cf:96:b7:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:10 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=832b9f6d8cbb6589cd8b23838e95b7dfb86280a9ff8db0019a5fe019c05824c7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:22:d6:82:e7:65:be:e5:89:52:37:02:3c:13:
16:47:7f:26:36:76:94:45:21:16:85:ee:d9:1a:4d:
15:45:5b:33:22:49:b8:bd:a7:92:98:ee:d2:d5:86:
46:32:f1:a5:6d:8b:89:ae:0b:09:ec:72:e5:d1:48:
ea:02:d3:4f:7e:3d:80:1b:8c:2c:1b:18:ec:96:d8:
a4:82:33:ef:d5:5a:01:94:47:d7:ac:a6:a1:27:04:
3d:8b:a1:90:6e:7d:d2:ac:4d:78:a8:95:ef:b8:46:
8e:30:77:5b:3a:d5:e6:16:08:1b:8f:2b:20:a9:8e:
27:ca:42:b6:e3:50:56:31:bc:07:c2:f3:0a:8d:3c:
c0:5a:29:f9:2e:35:0a:57:7a:34:6c:73:41:73:8a:
17:e2:2d:69:73:a8:7d:70:58:ff:27:75:55:c3:89:
07:82:cc:73:f2:84:4a:ad:5d:12:b7:10:2c:6c:8b:
cb:25:9d:b4:a0:35:1b:1c:25:fe:c3:70:9d:2f:5c:
f6:46:f8:aa:49:2e:de:20:6f:42:e1:bb:a0:4d:30:
aa:1d:ea:cf:95:7b:15:cb:42:39:2b:ff:0a:b3:69:
92:9a:25:29:7c:3b:fb:4c:53:ac:dc:f8:2c:5d:06:
a6:73:94:74:8a:3f:79:d2:86:45:a4:ae:48:05:c8:
6c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:0C:6A:66:C8:BF:9E:2C:E6:D2:DE:36:80:F5:05:41:3A:4F:F3:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8080::/48
Signature Algorithm: sha256WithRSAEncryption
49:a7:b4:c7:d2:f0:4e:61:34:67:02:eb:8e:63:9f:da:ce:dd:
a1:b9:a0:0e:0c:5d:2a:83:d4:50:18:aa:eb:e7:c4:25:78:2c:
4c:00:61:ef:b1:ed:83:aa:2a:44:72:8b:4d:c3:03:f1:e0:d1:
6e:88:d5:b5:47:43:f3:b4:ae:d2:73:86:5f:76:54:46:16:84:
4f:a7:83:8e:94:56:16:5c:e4:3c:87:25:e4:8b:07:90:f2:3f:
5e:00:cd:90:a2:aa:a3:bb:8d:ed:07:b7:a2:07:b4:6c:7d:0c:
ea:85:a5:89:ca:07:96:89:38:22:b8:85:47:2e:76:78:a1:65:
58:bc:01:d8:b4:ef:8b:cf:2d:4f:ef:df:b0:bd:21:33:0d:94:
85:de:2a:5b:87:94:14:67:4f:d9:a8:0b:6f:77:44:be:46:d9:
4c:87:e4:d8:9b:3b:82:59:91:ca:20:43:0d:d5:0d:77:f5:ec:
8b:f7:22:07:cb:01:8c:20:da:de:39:27:fb:58:68:bc:ba:77:
ef:eb:e7:85:31:4a:b9:7f:fe:6b:4f:62:58:39:f3:f8:29:9d:
ca:96:4c:09:49:cb:ed:b5:b0:27:99:c1:5a:55:2f:d2:cd:75:
37:e1:34:83:f2:9b:d5:23:8f:ae:49:38:02:82:ca:fe:ec:74:
0e:6d:76:a7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUF1eHpzmWChgsYLB4SeBWwc+Wt+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwMTBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzMmI5ZjZkOGNiYjY1ODljZDhiMjM4MzhlOTViN2RmYjg2MjgwYTlmZjhk
YjAwMTlhNWZlMDE5YzA1ODI0YzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwi1oLnZb7liVI3AjwTFkd/JjZ2lEUhFoXu2RpNFUVbMyJJuL2nkpju0tWG
RjLxpW2Lia4LCexy5dFI6gLTT349gBuMLBsY7JbYpIIz79VaAZRH16ymoScEPYuh
kG590qxNeKiV77hGjjB3WzrV5hYIG48rIKmOJ8pCtuNQVjG8B8LzCo08wFop+S41
Cld6NGxzQXOKF+ItaXOofXBY/yd1VcOJB4LMc/KESq1dErcQLGyLyyWdtKA1Gxwl
/sNwnS9c9kb4qkku3iBvQuG7oE0wqh3qz5V7FctCOSv/CrNpkpolKXw7+0xTrNz4
LF0GpnOUdIo/edKGRaSuSAXIbN8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS6DGpm
yL+eLObS3jaA9QVBOk/zTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhlY2UwZTctMDc1ZS00YmNkLTg3M2UtMGM3NDg4MmE4NTQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
gDANBgkqhkiG9w0BAQsFAAOCAQEASae0x9LwTmE0ZwLrjmOf2s7dobmgDgxdKoPU
UBiq6+fEJXgsTABh77Htg6oqRHKLTcMD8eDRbojVtUdD87Su0nOGX3ZURhaET6eD
jpRWFlzkPIcl5IsHkPI/XgDNkKKqo7uN7Qe3oge0bH0M6oWlicoHlok4IriFRy52
eKFlWLwB2LTvi88tT+/fsL0hMw2Uhd4qW4eUFGdP2agLb3dEvkbZTIfk2Js7glmR
yiBDDdUNd/Xsi/ciB8sBjCDa3jkn+1hovLp37+vnhTFKuX/+a09iWDnz+CmdypZM
CUnL7bWwJ5nBWlUv0s11N+E0g/Kb1SOPrkk4AoLK/ux0Dm12pw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:34:52 2026 by rpki-client