Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa
File: 7a025e69-9e3e-460c-9734-42e9bd14485c.roa (raw, json)
Hash identifier: 5kvZ2cxVebXhSK1b3PpQKw+ISOW9/SeoQ+SBgUJ4Knc=
Subject key identifier: 1D:35:0D:A3:44:2E:B4:E8:97:34:CE:C9:3A:37:5D:EA:9B:8B:D0:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73A30A0A2C615FD8111A0D7B5DB58F835986174F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa
Signing time: Fri 20 Feb 2026 01:50:05 +0000
ROA not before: Fri 20 Feb 2026 01:50:05 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:a3:0a:0a:2c:61:5f:d8:11:1a:0d:7b:5d:b5:8f:83:59:86:17:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:05 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=601e300b9cdfd8b5790ee05928f70d4bde53ff3fce8ba341ab3463451dd970e5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b7:d6:74:e8:25:8d:fe:0e:02:fb:b6:5e:03:
6a:b4:90:8c:df:58:d1:99:2b:38:13:fb:60:86:59:
a5:b7:3a:07:02:da:1c:c4:28:8c:1f:33:23:b7:15:
a5:3b:1b:c1:95:37:8c:5c:83:ed:ea:fd:c7:e8:c7:
3d:db:7b:a7:2b:cf:27:11:48:bb:3c:e1:60:d4:9b:
b6:ad:89:66:28:da:ff:cd:ed:c8:0e:21:c1:9a:9c:
cc:ce:00:28:65:25:84:8b:d7:75:51:ee:c4:d5:8f:
d0:9a:42:eb:ee:71:d5:49:2a:17:5f:5c:21:34:e4:
aa:cf:0e:54:6f:9d:aa:33:a3:74:08:d8:7f:14:b0:
28:8e:5c:24:ef:ed:bf:ce:28:86:77:8f:6c:2c:fe:
b9:f3:d2:95:a6:04:02:6e:c2:ee:a8:8a:40:0f:fb:
98:ce:22:10:46:e5:95:8c:b5:68:0e:e7:17:41:78:
8c:c5:00:1f:cb:95:a2:18:51:34:9e:d1:9f:a6:a8:
52:9b:0f:76:76:32:c0:1e:e0:19:fa:a0:98:dd:b9:
df:d6:9c:10:df:a9:e8:be:17:39:b6:3b:70:42:d9:
7f:2c:e2:55:4a:7d:6e:1d:e0:1f:3c:b5:07:41:85:
41:a7:f4:6c:5a:e4:86:95:44:f8:37:a5:e5:b0:4b:
63:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:35:0D:A3:44:2E:B4:E8:97:34:CE:C9:3A:37:5D:EA:9B:8B:D0:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:6000::/40
Signature Algorithm: sha256WithRSAEncryption
b3:b7:77:87:85:5f:54:a9:bc:e3:19:e9:2e:dd:7d:2b:1b:39:
5c:1e:9e:a9:3c:f6:cb:58:b3:14:7d:68:32:e2:24:ec:fc:d5:
60:35:c7:86:5d:4f:d6:26:fa:a2:fa:03:13:18:66:d6:40:b1:
a9:24:bc:cf:bb:f7:8b:06:e8:bf:db:c9:d1:67:10:14:d5:d2:
5c:50:02:c3:8b:2a:47:63:dd:ab:96:c4:a5:a3:cc:bf:f4:b7:
49:ba:9d:01:a6:2e:88:5c:1e:ec:36:70:78:25:db:ed:77:6e:
32:07:f6:f2:a8:9a:41:1c:9b:3d:31:a7:2c:94:22:03:67:9c:
78:2b:d5:cc:66:6f:e5:34:05:0e:bb:cb:26:05:27:ce:e0:ec:
39:8c:99:31:1e:f3:98:f1:9b:27:c5:c6:fb:3e:13:67:d8:3a:
e9:58:5e:4b:2c:8b:ad:23:29:4c:3c:2e:bb:d4:e3:d9:8a:8b:
c4:1f:a8:cc:af:ea:66:82:a4:c6:c3:b0:7b:70:0b:5b:29:ba:
db:48:20:9c:26:7e:ea:09:dc:d1:72:2a:52:a3:14:67:88:41:
5e:ac:8c:77:11:46:f5:34:6b:21:15:28:a4:e6:ea:ae:87:c3:
00:3c:d0:c5:2f:8c:70:6c:a5:c9:d3:9d:50:47:c0:b5:fb:9a:
e7:e3:0c:c5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc6MKCixhX9gRGg17XbWPg1mGF08wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMDVaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwMWUzMDBiOWNkZmQ4YjU3OTBlZTA1OTI4ZjcwZDRiZGU1M2ZmM2ZjZThi
YTM0MWFiMzQ2MzQ1MWRkOTcwZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALS31nToJY3+DgL7tl4DarSQjN9Y0ZkrOBP7YIZZpbc6BwLaHMQojB8zI7cV
pTsbwZU3jFyD7er9x+jHPdt7pyvPJxFIuzzhYNSbtq2JZija/83tyA4hwZqczM4A
KGUlhIvXdVHuxNWP0JpC6+5x1UkqF19cITTkqs8OVG+dqjOjdAjYfxSwKI5cJO/t
v84ohnePbCz+ufPSlaYEAm7C7qiKQA/7mM4iEEbllYy1aA7nF0F4jMUAH8uVohhR
NJ7Rn6aoUpsPdnYywB7gGfqgmN2539acEN+p6L4XObY7cELZfyziVUp9bh3gHzy1
B0GFQaf0bFrkhpVE+Del5bBLY5sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQdNQ2j
RC606Jc0zsk6N13qm4vQ+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2EwMjVlNjktOWUzZS00NjBjLTk3MzQtNDJlOWJkMTQ0ODVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBg
MA0GCSqGSIb3DQEBCwUAA4IBAQCzt3eHhV9UqbzjGeku3X0rGzlcHp6pPPbLWLMU
fWgy4iTs/NVgNceGXU/WJvqi+gMTGGbWQLGpJLzPu/eLBui/28nRZxAU1dJcUALD
iypHY92rlsSlo8y/9LdJup0Bpi6IXB7sNnB4Jdvtd24yB/byqJpBHJs9MacslCID
Z5x4K9XMZm/lNAUOu8smBSfO4Ow5jJkxHvOY8Zsnxcb7PhNn2DrpWF5LLIutIylM
PC671OPZiovEH6jMr+pmgqTGw7B7cAtbKbrbSCCcJn7qCdzRcipSoxRniEFerIx3
EUb1NGshFSik5uquh8MAPNDFL4xwbKXJ051QR8C1+5rn4wzF
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:19:06 2026 by rpki-client