Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
File: 758ab83f-3a25-48db-a214-04c27915b62e.roa (raw, json)
Hash identifier: uiKcoIMvRUxwYtBuBQig+tdoiACeedHNKjy2hMVUNx4=
Subject key identifier: 26:90:4C:82:D7:4C:D9:69:FC:B7:23:C9:F5:B1:7B:35:21:B9:17:ED
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 658A1035E0112A5840129AC6428C1CBC6F010144
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
Signing time: Sat 28 Feb 2026 06:10:08 +0000
ROA not before: Sat 28 Feb 2026 06:10:08 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:8a:10:35:e0:11:2a:58:40:12:9a:c6:42:8c:1c:bc:6f:01:01:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:08 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=ed430041a0a7b3ecf64e361ded7e16c983bb2c8349d3cd33b88fe8f67866f6ef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:a8:20:35:2e:a5:a3:71:d4:61:df:23:7f:92:
84:46:57:27:18:f4:9d:31:e0:1a:16:6d:99:a3:a3:
a0:ab:10:19:30:14:be:ee:3e:af:ff:c2:d5:6c:0d:
b2:fc:a3:8b:47:df:73:68:7b:ee:2c:76:08:5a:85:
d5:03:52:ef:56:fe:09:7e:7c:7f:7b:36:ec:73:02:
9b:e8:c2:a9:ba:26:3f:a2:1a:88:4e:9c:59:39:fe:
35:b4:f7:68:ef:6f:cd:0d:86:d6:3d:73:32:a1:87:
ce:d5:f5:51:06:75:e0:a6:37:78:02:ee:c8:69:98:
7b:0b:f2:4c:75:91:b5:94:2c:6a:b6:c0:4f:50:ba:
84:17:5a:4f:25:5b:cb:ed:c0:dd:e4:fb:c0:ed:35:
a8:fe:89:53:5c:72:cd:2f:ae:94:bc:48:da:e4:5b:
26:2d:3e:72:05:a0:e6:14:e2:22:1d:71:bd:91:c8:
29:3d:c6:fc:dc:fc:77:7f:28:f3:d8:a3:01:99:cd:
fb:5f:a0:6f:77:3f:58:3e:07:4b:7a:92:43:c1:04:
a6:c2:88:a3:c0:58:9a:f3:19:5d:9e:f6:cc:42:6d:
83:c8:d0:82:28:d5:1c:09:87:ad:e7:2d:22:3d:50:
29:05:6c:65:5d:b9:88:db:24:f9:20:05:68:8e:df:
73:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:90:4C:82:D7:4C:D9:69:FC:B7:23:C9:F5:B1:7B:35:21:B9:17:ED
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:a000::/40
Signature Algorithm: sha256WithRSAEncryption
9c:14:8c:2e:a3:15:43:6e:78:d8:8b:58:a1:a5:d5:fd:00:e5:
11:b0:9d:f5:03:92:6a:94:60:dc:fe:47:89:18:cf:f2:f4:d4:
3c:bd:51:25:6f:fc:1f:a6:11:09:5c:7e:8a:30:c2:43:8c:03:
48:ae:44:2e:0c:17:fe:cc:9f:a6:0d:3d:fa:b0:1f:b1:5b:ae:
b9:09:8a:85:0d:5a:86:ab:bd:51:55:3b:24:57:ba:e5:40:5f:
db:86:a6:25:e4:1d:25:ac:f7:96:7b:21:d0:19:3b:c2:c7:1a:
b3:bc:8c:6c:4a:c9:da:cc:35:6e:04:b2:16:1d:dc:b5:4f:64:
c7:8a:a6:34:82:f3:3f:e5:aa:c9:27:3c:e8:6b:82:05:a0:05:
66:cb:75:d4:6b:04:98:0b:67:7c:d8:a3:d4:d2:6c:b7:50:15:
58:dd:76:6a:86:23:7f:db:b3:74:21:83:49:4a:4a:b4:9c:d8:
b7:46:c1:92:ce:89:12:7f:83:b8:ab:98:57:7b:22:aa:33:8a:
6d:4b:88:09:4d:92:6a:df:37:d4:b5:74:5b:db:60:2a:c3:8d:
ba:01:8d:38:22:d0:01:0f:aa:f0:ae:16:10:3d:12:1d:43:f8:
2d:7d:86:2c:6b:43:e8:15:fb:74:22:ba:8b:5d:7e:25:4d:63:
37:99:f9:01
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZYoQNeARKlhAEprGQowcvG8BAUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwMDhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkNDMwMDQxYTBhN2IzZWNmNjRlMzYxZGVkN2UxNmM5ODNiYjJjODM0OWQz
Y2QzM2I4OGZlOGY2Nzg2NmY2ZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPKoIDUupaNx1GHfI3+ShEZXJxj0nTHgGhZtmaOjoKsQGTAUvu4+r//C1WwN
svyji0ffc2h77ix2CFqF1QNS71b+CX58f3s27HMCm+jCqbomP6IaiE6cWTn+NbT3
aO9vzQ2G1j1zMqGHztX1UQZ14KY3eALuyGmYewvyTHWRtZQsarbAT1C6hBdaTyVb
y+3A3eT7wO01qP6JU1xyzS+ulLxI2uRbJi0+cgWg5hTiIh1xvZHIKT3G/Nz8d38o
89ijAZnN+1+gb3c/WD4HS3qSQ8EEpsKIo8BYmvMZXZ72zEJtg8jQgijVHAmHrect
Ij1QKQVsZV25iNsk+SAFaI7fc40CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQmkEyC
10zZafy3I8n1sXs1IbkX7TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzU4YWI4M2YtM2EyNS00OGRiLWEyMTQtMDRjMjc5MTViNjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G2g
MA0GCSqGSIb3DQEBCwUAA4IBAQCcFIwuoxVDbnjYi1ihpdX9AOURsJ31A5JqlGDc
/keJGM/y9NQ8vVElb/wfphEJXH6KMMJDjANIrkQuDBf+zJ+mDT36sB+xW665CYqF
DVqGq71RVTskV7rlQF/bhqYl5B0lrPeWeyHQGTvCxxqzvIxsSsnazDVuBLIWHdy1
T2THiqY0gvM/5arJJzzoa4IFoAVmy3XUawSYC2d82KPU0my3UBVY3XZqhiN/27N0
IYNJSkq0nNi3RsGSzokSf4O4q5hXeyKqM4ptS4gJTZJq3zfUtXRb22Aqw426AY04
ItABD6rwrhYQPRIdQ/gtfYYsa0PoFft0IrqLXX4lTWM3mfkB
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:55:57 2026 by rpki-client