Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/786da755-a3b1-48c5-b605-b8cfe294d18b.roa
File: 786da755-a3b1-48c5-b605-b8cfe294d18b.roa (raw, json)
Hash identifier: clHMVDkzPi5pUVpMQNtTFoBZgGQdIkMjYNxXCUoOtJY=
Subject key identifier: B4:90:C0:F5:8D:86:7D:C7:74:C9:49:A3:6B:A6:18:D1:45:AA:CA:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0CCC7FD6561B0F723290926EBEEEC40BC7979CB5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/786da755-a3b1-48c5-b605-b8cfe294d18b.roa
Signing time: Fri 13 Feb 2026 15:20:29 +0000
ROA not before: Fri 13 Feb 2026 15:20:29 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d040::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:cc:7f:d6:56:1b:0f:72:32:90:92:6e:be:ee:c4:0b:c7:97:9c:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:20:29 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=86c037308103a5fdc43238effa28b61e8a55ea9d6d8f9c7b4d9d5a8ca112ad51, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:71:08:39:af:ad:7c:d6:79:85:e2:1d:f6:a1:
50:aa:b8:5e:87:d0:ce:28:28:49:39:51:23:80:91:
0b:ac:c9:bc:75:49:60:0f:9b:93:80:a3:13:e0:b0:
38:7b:0f:20:a1:58:1a:2a:e8:25:36:28:ce:c2:06:
3e:02:d4:68:e2:ea:3c:85:fe:c1:9e:e4:b4:10:93:
f3:be:a2:72:99:ed:51:6f:fa:f2:ce:63:b0:08:cf:
d9:c3:5c:da:3f:e8:1a:2b:56:ac:5e:2f:c2:9b:f9:
f4:a6:89:15:15:d6:e4:39:e5:1f:0f:68:e6:a7:d0:
2b:1d:6f:8b:4b:6d:fc:50:36:b2:2d:6c:df:38:77:
60:dc:83:16:70:e7:f3:7d:65:44:55:31:d2:07:12:
c8:ee:20:24:74:1d:e6:63:ce:d5:e9:ce:bb:e8:c4:
6b:5d:25:af:a3:29:34:1f:12:14:5e:d6:c2:9f:a0:
83:61:cd:f3:33:ab:c2:34:b7:25:56:9c:e3:e2:a4:
4f:d4:28:a8:44:df:d3:87:77:46:2c:54:87:4d:7b:
ed:84:db:d7:72:e0:9e:4f:15:20:21:3a:d7:ba:1e:
69:eb:83:95:b0:7d:1f:be:77:03:a8:9a:1d:70:13:
59:95:08:6e:3e:28:18:dd:8c:3f:a2:2e:3a:18:41:
22:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:90:C0:F5:8D:86:7D:C7:74:C9:49:A3:6B:A6:18:D1:45:AA:CA:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/786da755-a3b1-48c5-b605-b8cfe294d18b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040::/32
Signature Algorithm: sha256WithRSAEncryption
98:34:18:68:d2:7f:3b:2d:b7:3b:19:18:33:e6:e6:cf:20:08:
48:d4:81:ac:77:fb:b6:a7:60:9a:eb:28:6e:05:57:9e:c0:c2:
cf:e6:39:47:7a:42:d7:7a:49:ee:7a:ee:7a:a0:00:74:b2:58:
d5:5b:3e:e3:5d:72:e5:5a:25:6f:85:49:88:ba:43:82:b8:34:
f3:86:09:96:df:16:0e:4c:fc:2d:3a:40:8c:e7:92:bd:5e:d8:
8a:b2:b7:cb:3f:f8:ea:6d:85:f9:b7:84:e0:d0:00:09:b4:6f:
98:5e:e1:dc:a1:40:07:fc:2e:aa:b6:c2:20:e3:39:83:a8:33:
f5:05:72:8b:1a:2e:fa:c2:b1:5f:ae:49:e1:a7:fa:d4:cb:bc:
86:15:23:f6:64:23:58:e9:a4:54:ca:6b:0f:22:dc:15:97:4c:
d0:5f:1a:d8:18:2a:8b:6c:13:04:58:a8:27:19:de:05:30:46:
7e:8b:7a:f1:8c:03:4b:43:ad:73:12:fd:81:42:3c:e3:2c:3b:
b6:07:40:59:bb:f0:20:89:47:de:b1:6a:cf:d0:97:43:ed:0a:
9c:a5:dd:7a:76:f5:7b:75:7c:4c:1e:a2:05:f6:78:a6:bb:d1:
ad:05:9e:ad:3f:9e:be:12:7e:0c:45:52:f5:bb:0f:9a:54:c9:
4c:4b:f3:1f
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUDMx/1lYbD3IykJJuvu7EC8eXnLUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIwMjlaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2YzAzNzMwODEwM2E1ZmRjNDMyMzhlZmZhMjhiNjFlOGE1NWVhOWQ2ZDhm
OWM3YjRkOWQ1YThjYTExMmFkNTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANlxCDmvrXzWeYXiHfahUKq4XofQzigoSTlRI4CRC6zJvHVJYA+bk4CjE+Cw
OHsPIKFYGiroJTYozsIGPgLUaOLqPIX+wZ7ktBCT876icpntUW/68s5jsAjP2cNc
2j/oGitWrF4vwpv59KaJFRXW5DnlHw9o5qfQKx1vi0tt/FA2si1s3zh3YNyDFnDn
831lRFUx0gcSyO4gJHQd5mPO1enOu+jEa10lr6MpNB8SFF7Wwp+gg2HN8zOrwjS3
JVac4+KkT9QoqETf04d3RixUh0177YTb13Lgnk8VICE617oeaeuDlbB9H753A6ia
HXATWZUIbj4oGN2MP6IuOhhBIsMCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBS0kMD1
jYZ9x3TJSaNrphjRRarK7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Nzg2ZGE3NTUtYTNiMS00OGM1LWI2MDUtYjhjZmUyOTRkMThiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0EAw
DQYJKoZIhvcNAQELBQADggEBAJg0GGjSfzsttzsZGDPm5s8gCEjUgax3+7anYJrr
KG4FV57Aws/mOUd6Qtd6Se567nqgAHSyWNVbPuNdcuVaJW+FSYi6Q4K4NPOGCZbf
Fg5M/C06QIznkr1e2Iqyt8s/+Opthfm3hODQAAm0b5he4dyhQAf8Lqq2wiDjOYOo
M/UFcosaLvrCsV+uSeGn+tTLvIYVI/ZkI1jppFTKaw8i3BWXTNBfGtgYKotsEwRY
qCcZ3gUwRn6LevGMA0tDrXMS/YFCPOMsO7YHQFm78CCJR96xas/Ql0PtCpyl3Xp2
9Xt1fEweogX2eKa70a0Fnq0/nr4SfgxFUvW7D5pUyUxL8x8=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:37:49 2026 by rpki-client