Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde858d-62b0-4607-8c80-6907e7e92d59.roa
File: 7cde858d-62b0-4607-8c80-6907e7e92d59.roa (raw, json)
Hash identifier: 8oxWW6XtCDHtVN9W3c80UUYe/wLn0GJSXJX7ET3uWsA=
Subject key identifier: F0:2F:CD:F7:D4:63:03:E5:74:39:34:5E:27:8E:D9:B9:FA:28:6B:9E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13EB1F32E940591D56C9DE69312AF2375DBCB7DC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde858d-62b0-4607-8c80-6907e7e92d59.roa
Signing time: Tue 17 Feb 2026 03:00:51 +0000
ROA not before: Tue 17 Feb 2026 03:00:51 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:eb:1f:32:e9:40:59:1d:56:c9:de:69:31:2a:f2:37:5d:bc:b7:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:51 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=561d129c6e78bc617daa087bbebac7c25294108dc1799836ec34e2e5739af37c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d0:a0:11:e3:a6:51:98:5e:f5:b1:21:ba:9b:
11:4c:21:6b:89:40:19:be:76:07:87:2c:ee:38:6a:
25:68:49:77:d5:b4:6a:70:87:62:29:0c:54:89:71:
08:25:d9:7c:8b:58:1a:c5:01:4c:a4:be:ff:ab:98:
50:98:11:95:09:0a:5f:31:61:89:8e:98:04:d6:6b:
25:48:be:3a:18:4d:ec:55:b8:89:b3:9b:87:68:c4:
a5:e8:9f:8a:3b:c3:74:9a:72:20:c6:7b:e6:b6:28:
b2:50:d4:b1:49:a8:fb:49:e3:74:d2:7b:11:e6:d7:
dd:4c:f5:f1:76:d9:10:46:8c:40:43:60:35:50:1b:
ea:65:53:83:fc:79:98:f2:82:78:a1:39:c5:2f:97:
d3:53:25:34:ab:9d:09:92:1c:38:a3:f7:67:46:ac:
19:e9:df:ea:26:56:3b:95:aa:92:da:a4:db:56:48:
37:c0:1a:20:92:0d:ce:d0:6a:25:3d:d3:22:2f:f4:
a7:1b:cd:e9:cd:ae:d8:69:f8:b0:d9:04:89:bd:dd:
09:4d:a8:a2:df:aa:80:46:4a:85:9e:1d:19:1f:71:
07:1e:00:80:5a:a0:ca:28:5b:62:87:34:3a:44:ff:
7d:62:1a:d2:f2:65:49:4e:51:e8:fb:f4:4a:a7:98:
ef:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:2F:CD:F7:D4:63:03:E5:74:39:34:5E:27:8E:D9:B9:FA:28:6B:9E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde858d-62b0-4607-8c80-6907e7e92d59.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:800::/40
Signature Algorithm: sha256WithRSAEncryption
6c:7f:39:25:3d:ec:3a:7f:2c:b5:8a:54:31:9c:d0:b4:db:f9:
c4:dd:a8:30:0b:51:16:3a:a7:42:b4:7c:8d:ee:b0:e6:54:f2:
9a:f6:f1:72:53:06:b5:55:38:8c:00:ce:dc:ba:f1:90:1c:e9:
03:24:ce:44:f7:c7:ce:c4:70:f4:91:48:9e:c5:6d:bb:4b:82:
2b:25:d8:c4:a4:78:fd:27:98:3b:87:e0:02:99:70:be:b7:fc:
52:05:52:c6:a6:92:b9:7c:8a:0c:06:cb:bb:9a:4c:86:59:c5:
6f:fd:2a:64:bd:ce:aa:c4:e1:f2:fa:90:19:56:e8:2e:b5:73:
82:e0:d6:8c:32:c5:4c:23:fb:a5:f5:a9:90:31:c5:81:17:d0:
09:3c:94:26:4e:e4:4a:5a:2a:88:fa:df:ef:1b:e1:9d:13:d5:
c1:f4:f9:41:11:79:d4:96:29:ae:3b:77:19:11:f0:a6:f9:5b:
c3:3f:eb:25:a2:5c:c5:22:35:ce:39:d1:a1:2a:aa:e1:b6:fe:
10:25:fb:1a:57:6e:d1:4c:db:25:34:e7:81:10:fb:32:6f:c5:
1d:c9:8f:8b:48:c4:87:d6:78:82:b6:c0:39:cc:f9:b0:e5:1d:
26:d3:fc:6d:36:e4:85:2a:23:d2:86:ea:5f:d3:bf:33:ff:81:
f6:50:ee:44
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE+sfMulAWR1Wyd5pMSryN128t9wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwNTFaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2MWQxMjljNmU3OGJjNjE3ZGFhMDg3YmJlYmFjN2MyNTI5NDEwOGRjMTc5
OTgzNmVjMzRlMmU1NzM5YWYzN2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPQoBHjplGYXvWxIbqbEUwha4lAGb52B4cs7jhqJWhJd9W0anCHYikMVIlx
CCXZfItYGsUBTKS+/6uYUJgRlQkKXzFhiY6YBNZrJUi+OhhN7FW4ibObh2jEpeif
ijvDdJpyIMZ75rYoslDUsUmo+0njdNJ7EebX3Uz18XbZEEaMQENgNVAb6mVTg/x5
mPKCeKE5xS+X01MlNKudCZIcOKP3Z0asGenf6iZWO5Wqktqk21ZIN8AaIJINztBq
JT3TIi/0pxvN6c2u2Gn4sNkEib3dCU2oot+qgEZKhZ4dGR9xBx4AgFqgyihbYoc0
OkT/fWIa0vJlSU5R6Pv0SqeY72UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTwL833
1GMD5XQ5NF4njtm5+ihrnjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2NkZTg1OGQtNjJiMC00NjA3LThjODAtNjkwN2U3ZTkyZDU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkI
MA0GCSqGSIb3DQEBCwUAA4IBAQBsfzklPew6fyy1ilQxnNC02/nE3agwC1EWOqdC
tHyN7rDmVPKa9vFyUwa1VTiMAM7cuvGQHOkDJM5E98fOxHD0kUiexW27S4IrJdjE
pHj9J5g7h+ACmXC+t/xSBVLGppK5fIoMBsu7mkyGWcVv/Spkvc6qxOHy+pAZVugu
tXOC4NaMMsVMI/ul9amQMcWBF9AJPJQmTuRKWiqI+t/vG+GdE9XB9PlBEXnUlimu
O3cZEfCm+VvDP+slolzFIjXOOdGhKqrhtv4QJfsaV27RTNslNOeBEPsyb8UdyY+L
SMSH1niCtsA5zPmw5R0m0/xtNuSFKiPShupf078z/4H2UO5E
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:27:12 2026 by rpki-client