Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76526233-4062-463b-bfd0-bbe1d12891fa.roa
File: 76526233-4062-463b-bfd0-bbe1d12891fa.roa (raw, json)
Hash identifier: 1eSBU+wXRVB2R5gAwQMqfSIcpZWcy5Df+g2yEP7yMBU=
Subject key identifier: 33:9B:B7:71:C5:14:4A:60:05:62:FA:36:E7:13:EF:43:DA:6E:DF:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6CCA26BE6D486F800C4543F15A86A7D6712DBE5B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76526233-4062-463b-bfd0-bbe1d12891fa.roa
Signing time: Tue 24 Feb 2026 04:10:43 +0000
ROA not before: Tue 24 Feb 2026 04:10:43 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:ca:26:be:6d:48:6f:80:0c:45:43:f1:5a:86:a7:d6:71:2d:be:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 04:10:43 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=3d849fbcc6c31ba39fa5459469303b87a5fe8645f0574f4f32a06340db9be391, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:91:63:e9:f5:dc:6e:16:55:f4:96:04:5f:29:
7f:70:b4:13:78:de:ae:17:0b:46:be:d9:27:54:cf:
52:3c:b8:05:54:58:c2:2c:28:ce:94:61:2e:70:79:
0f:eb:bb:0e:f1:29:ef:20:75:f3:05:f4:1f:ad:ae:
6f:58:2e:b2:a6:6a:14:7b:a5:7e:2a:df:54:45:e4:
2e:83:e4:b3:f4:4a:c5:00:aa:1c:db:d1:0d:6a:e6:
06:a0:f1:31:eb:3c:f4:46:63:55:bf:60:97:90:d6:
78:84:1a:6b:49:5d:80:c9:1f:97:4b:52:30:7d:03:
19:cc:16:d6:65:17:01:ae:fd:d7:13:a9:40:f3:72:
a4:51:aa:69:1a:8e:e3:fd:8d:25:46:cb:87:34:4a:
1d:62:42:fa:d2:40:53:6a:fd:87:ca:9c:23:4b:f2:
7f:ac:f2:9e:bf:d1:79:3d:4d:d4:38:aa:77:ac:0f:
61:ca:83:e7:ab:a2:55:7d:13:41:14:6d:75:f1:58:
72:0c:35:11:93:22:fe:3a:0a:52:36:cc:36:54:01:
4c:95:5f:e9:27:1c:ce:2e:fc:2b:2d:58:2c:1c:2c:
72:63:4f:72:e5:8b:ab:ca:02:8a:af:25:f6:66:9e:
f7:36:75:15:d7:5f:34:01:ce:b8:27:f1:33:de:0e:
82:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:9B:B7:71:C5:14:4A:60:05:62:FA:36:E7:13:EF:43:DA:6E:DF:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76526233-4062-463b-bfd0-bbe1d12891fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4010::/48
Signature Algorithm: sha256WithRSAEncryption
8c:56:87:ec:9d:bf:e2:cc:78:f6:97:b0:b5:1e:68:1c:63:f2:
3b:48:ec:92:06:c7:0d:92:db:da:b0:cb:f4:a3:e1:4e:6a:3e:
1b:b2:a8:7c:4d:04:c0:7e:ff:57:8b:5d:de:41:d4:f4:2c:06:
6b:2d:ee:d4:af:95:1a:d7:d8:6e:f3:72:6b:44:f9:b7:d3:14:
c5:80:3c:ff:33:2a:79:ee:e6:76:35:5c:91:d4:d1:0a:2a:4e:
7f:b1:41:13:64:91:ac:18:1c:fd:8c:cb:40:4f:ea:08:fb:48:
eb:53:61:51:1b:1f:70:13:a5:a4:e5:5a:8e:c5:73:8a:91:c4:
64:6d:9e:dd:05:dd:84:19:81:66:28:55:d8:39:18:7f:40:83:
76:08:59:65:7b:66:06:65:82:63:02:d4:bf:49:7e:e2:53:d5:
9f:6d:f9:3c:6f:27:ee:a5:a2:ec:11:b8:07:ef:8d:c3:34:72:
ab:92:bb:01:5b:95:a4:d3:d5:2e:59:ed:0c:9a:3c:9c:17:38:
7e:ac:eb:52:47:02:5c:e1:c2:3f:67:b1:04:82:28:d6:98:5a:
cf:0d:95:a5:d1:76:e8:34:e1:28:d7:42:62:b0:d0:87:13:ab:
45:cc:86:7a:c3:b2:86:3f:c3:10:98:4d:4c:8a:99:6b:b4:2c:
26:b1:e5:e3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbMomvm1Ib4AMRUPxWoan1nEtvlswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwNDEwNDNaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkODQ5ZmJjYzZjMzFiYTM5ZmE1NDU5NDY5MzAzYjg3YTVmZTg2NDVmMDU3
NGY0ZjMyYTA2MzQwZGI5YmUzOTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOKRY+n13G4WVfSWBF8pf3C0E3jerhcLRr7ZJ1TPUjy4BVRYwiwozpRhLnB5
D+u7DvEp7yB18wX0H62ub1gusqZqFHulfirfVEXkLoPks/RKxQCqHNvRDWrmBqDx
Mes89EZjVb9gl5DWeIQaa0ldgMkfl0tSMH0DGcwW1mUXAa791xOpQPNypFGqaRqO
4/2NJUbLhzRKHWJC+tJAU2r9h8qcI0vyf6zynr/ReT1N1Diqd6wPYcqD56uiVX0T
QRRtdfFYcgw1EZMi/joKUjbMNlQBTJVf6Scczi78Ky1YLBwscmNPcuWLq8oCiq8l
9mae9zZ1FddfNAHOuCfxM94OglECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQzm7dx
xRRKYAVi+jbnE+9D2m7frzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzY1MjYyMzMtNDA2Mi00NjNiLWJmZDAtYmJlMWQxMjg5MWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
EDANBgkqhkiG9w0BAQsFAAOCAQEAjFaH7J2/4sx49pewtR5oHGPyO0jskgbHDZLb
2rDL9KPhTmo+G7KofE0EwH7/V4td3kHU9CwGay3u1K+VGtfYbvNya0T5t9MUxYA8
/zMqee7mdjVckdTRCipOf7FBE2SRrBgc/YzLQE/qCPtI61NhURsfcBOlpOVajsVz
ipHEZG2e3QXdhBmBZihV2DkYf0CDdghZZXtmBmWCYwLUv0l+4lPVn235PG8n7qWi
7BG4B++NwzRyq5K7AVuVpNPVLlntDJo8nBc4fqzrUkcCXOHCP2exBIIo1phazw2V
pdF26DThKNdCYrDQhxOrRcyGesOyhj/DEJhNTIqZa7QsJrHl4w==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:53:40 2026 by rpki-client