Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d1726e5-e9c4-4d05-af09-dd32f2219cc8.roa
File: 7d1726e5-e9c4-4d05-af09-dd32f2219cc8.roa (raw, json)
Hash identifier: CQqdULetQMZHC1I9MoQ8425b24Liqtp2KSzXZ0tA6FM=
Subject key identifier: CF:52:D9:DB:93:6D:BE:FE:50:25:AD:A3:2D:68:B9:09:17:7D:BA:2A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 637E1F743B702B3FAA678492FD34327E587B3E23
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d1726e5-e9c4-4d05-af09-dd32f2219cc8.roa
Signing time: Wed 11 Feb 2026 01:30:31 +0000
ROA not before: Wed 11 Feb 2026 01:30:31 +0000
ROA not after: Tue 12 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:7e:1f:74:3b:70:2b:3f:aa:67:84:92:fd:34:32:7e:58:7b:3e:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 11 01:30:31 2026 GMT
Not After : May 12 23:59:59 2026 GMT
Subject: serialNumber=7ee2214547909b9e40d6129ab7c0f21f8f668eb1d54a1bb694d1ab43920f052d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4b:d0:14:e1:e0:ad:b6:dc:3e:58:25:ba:89:
9b:40:06:07:87:b3:fd:9e:29:e3:93:89:00:d2:8d:
92:9f:0f:df:4a:e1:9f:f0:a7:12:99:60:90:6c:61:
b5:ee:a3:85:57:71:b1:19:a2:c4:78:f2:00:b6:de:
58:4c:bd:c7:fe:df:6a:ab:5b:4f:29:98:c2:9e:31:
fe:28:60:26:c5:b4:22:7a:66:26:9c:57:57:b2:12:
d2:ba:e9:d8:e3:06:27:b6:c7:bd:e3:68:78:60:3f:
2d:c1:ea:7b:6e:75:ff:a6:40:89:72:bd:8e:93:c3:
2e:fa:de:be:f8:08:07:e4:d5:8f:f0:db:c8:70:75:
44:a9:3b:10:ac:51:80:3a:fc:f5:ba:74:1c:fb:f6:
68:0d:dc:11:14:37:94:8c:ca:b2:50:bf:fd:22:31:
76:cf:bc:4c:de:65:b9:ac:18:68:cd:94:2c:b3:72:
61:55:21:b8:5c:ed:89:0b:62:0c:79:06:6a:e7:70:
84:ca:e8:3e:17:07:29:9a:68:77:fe:0c:e2:6a:54:
62:a6:92:72:18:7e:0b:b6:56:a9:69:df:c9:00:17:
60:bf:4a:68:de:26:dc:d3:10:3f:55:0e:c2:ee:36:
76:3f:26:84:01:a2:3f:e2:c6:ae:e8:02:37:26:99:
cd:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:52:D9:DB:93:6D:BE:FE:50:25:AD:A3:2D:68:B9:09:17:7D:BA:2A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d1726e5-e9c4-4d05-af09-dd32f2219cc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:e080::/48
Signature Algorithm: sha256WithRSAEncryption
61:e3:e6:c0:f2:db:c3:22:c8:6a:3e:fb:bf:a9:69:15:ba:3e:
c3:79:1a:d2:29:2a:cd:7b:b6:07:61:ce:b2:6c:01:87:73:79:
c8:89:68:2c:2c:53:45:6b:63:e5:10:58:9d:50:03:9d:62:e8:
d9:c3:e9:15:5c:6f:52:23:0e:ad:7b:da:88:78:ea:7d:01:b8:
c8:5e:68:e4:2c:21:a5:bd:d6:3a:4e:67:e3:fc:8d:bd:1f:71:
ce:62:ce:22:74:f9:97:b3:f8:bc:c3:f8:04:b0:c0:5e:51:e9:
3b:09:74:42:5b:ba:ff:f0:ff:ea:6b:5a:9e:de:cc:ad:04:f2:
1a:f2:d5:5f:29:8f:38:f6:c9:cf:c1:93:a5:ed:70:21:39:ec:
63:74:74:17:e3:9a:d6:d7:cc:6d:6a:90:c7:62:c8:ba:80:17:
50:32:f0:7e:5d:90:aa:6f:ad:1e:80:8f:bb:79:64:27:5f:b3:
0c:e6:0f:cf:2d:bf:5b:88:b6:ea:24:55:5a:74:71:55:fc:05:
c8:de:e0:fc:f5:f6:76:cf:c1:b2:51:4d:ad:a4:68:0e:46:8f:
32:4e:a3:64:06:4e:a1:8e:8c:ad:bd:e2:d3:a3:ee:13:69:28:
64:45:63:88:82:64:86:b5:f8:86:d3:fc:e1:76:5d:d7:a2:a4:
e7:d4:f9:43
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUY34fdDtwKz+qZ4SS/TQyflh7PiMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTEwMTMwMzFaFw0yNjA1MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlZTIyMTQ1NDc5MDliOWU0MGQ2MTI5YWI3YzBmMjFmOGY2NjhlYjFkNTRh
MWJiNjk0ZDFhYjQzOTIwZjA1MmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5L0BTh4K223D5YJbqJm0AGB4ez/Z4p45OJANKNkp8P30rhn/CnEplgkGxh
te6jhVdxsRmixHjyALbeWEy9x/7faqtbTymYwp4x/ihgJsW0InpmJpxXV7IS0rrp
2OMGJ7bHveNoeGA/LcHqe251/6ZAiXK9jpPDLvrevvgIB+TVj/DbyHB1RKk7EKxR
gDr89bp0HPv2aA3cERQ3lIzKslC//SIxds+8TN5luawYaM2ULLNyYVUhuFztiQti
DHkGaudwhMroPhcHKZpod/4M4mpUYqaSchh+C7ZWqWnfyQAXYL9KaN4m3NMQP1UO
wu42dj8mhAGiP+LGrugCNyaZzfkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTPUtnb
k22+/lAlraMtaLkJF326KjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2QxNzI2ZTUtZTljNC00ZDA1LWFmMDktZGQzMmYyMjE5Y2M4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Grg
gDANBgkqhkiG9w0BAQsFAAOCAQEAYePmwPLbwyLIaj77v6lpFbo+w3ka0ikqzXu2
B2HOsmwBh3N5yIloLCxTRWtj5RBYnVADnWLo2cPpFVxvUiMOrXvaiHjqfQG4yF5o
5Cwhpb3WOk5n4/yNvR9xzmLOInT5l7P4vMP4BLDAXlHpOwl0Qlu6//D/6mtant7M
rQTyGvLVXymPOPbJz8GTpe1wITnsY3R0F+Oa1tfMbWqQx2LIuoAXUDLwfl2Qqm+t
HoCPu3lkJ1+zDOYPzy2/W4i26iRVWnRxVfwFyN7g/PX2ds/BslFNraRoDkaPMk6j
ZAZOoY6Mrb3i06PuE2koZEVjiIJkhrX4htP84XZd16Kk59T5Qw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:07:55 2026 by rpki-client