Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa
File: 8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa (raw, json)
Hash identifier: IQOOVPEOaYa/MCgOQNTEpo3JLN87XjnYpons6Ikl6yU=
Subject key identifier: C7:6C:77:6E:77:E0:53:20:19:42:E4:0A:63:2F:3C:A1:32:95:EB:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5AEA7CE37FA4E20B9DD52ABAE7074BE66CAE0E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa
Signing time: Fri 13 Feb 2026 15:20:33 +0000
ROA not before: Fri 13 Feb 2026 15:20:33 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:9040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:ea:7c:e3:7f:a4:e2:0b:9d:d5:2a:ba:e7:07:4b:e6:6c:ae:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:20:33 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=c4ec72f04fa650153cd811013c2aac6f1e4ea450ab8709b0f97b51ee1915a07a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1f:5c:49:fb:e7:2b:1c:b4:e1:0b:89:22:a8:
e2:33:6a:c6:9d:1e:83:00:9d:30:50:9e:9b:b5:e7:
27:62:1b:d2:43:72:17:e0:7d:de:65:8d:29:67:9a:
40:b5:94:25:66:2f:a1:9c:27:52:60:42:a3:93:56:
f4:81:bd:78:c4:5c:02:b8:34:ad:0a:63:61:c5:2b:
f3:8f:77:5f:7f:5b:9d:ff:fa:7f:df:8c:79:e4:19:
bc:a0:c1:b3:30:28:ce:3e:31:ac:35:04:3d:dc:fd:
4e:ec:67:49:43:ef:57:21:69:e2:b3:2f:3e:bf:1c:
c0:e5:b8:04:d0:e4:b2:91:75:39:e3:5b:63:28:48:
2c:f5:f1:de:ce:9f:42:6e:a1:98:6e:c2:b6:44:c0:
ea:17:21:cf:a2:05:b9:e2:49:6a:60:32:dc:e5:bf:
e7:ad:4a:f7:17:28:99:4b:8a:7d:4e:8e:58:7c:db:
b8:44:60:05:9c:1a:fb:1a:56:5e:30:a4:89:02:92:
64:75:e1:b3:8a:f5:49:df:01:14:ec:78:05:d0:9f:
7f:35:fb:33:e5:5d:20:ab:10:70:20:a4:c0:26:46:
51:b3:d4:8a:c2:0c:fd:65:25:80:24:12:6c:63:60:
a2:03:3b:57:c0:2e:5c:4f:c4:38:1a:15:b6:29:8a:
45:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:6C:77:6E:77:E0:53:20:19:42:E4:0A:63:2F:3C:A1:32:95:EB:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:9040::/46
Signature Algorithm: sha256WithRSAEncryption
26:8b:db:96:c7:4e:7b:2d:cd:2e:36:c4:75:64:bb:f1:d9:78:
50:17:a4:aa:5e:67:91:10:ae:8c:79:72:66:52:a1:13:2f:9d:
d9:75:ab:50:ae:82:ea:6b:98:c9:26:21:17:c9:92:75:ad:f5:
97:48:7a:4a:70:6d:23:cf:6c:fb:a7:07:af:45:09:00:dc:5d:
c4:f9:bc:59:bd:41:85:6a:62:f8:93:e0:08:d0:a9:f5:0c:00:
cc:1f:ca:c8:c3:29:f4:f7:a8:80:99:77:30:bc:9b:66:19:1e:
11:44:d4:c9:d2:ea:49:be:b0:34:bd:a6:a6:a6:08:fd:03:3e:
a3:6c:8c:2c:7f:4a:aa:51:18:20:02:99:bc:74:25:4f:a5:29:
ca:ea:04:1f:11:bd:25:16:a8:65:e7:27:be:60:05:c0:86:fe:
6c:24:26:5b:12:bf:37:8d:23:dc:67:09:c2:da:c0:a2:f2:64:
4c:58:9d:ee:58:6a:dd:ae:8e:af:67:92:55:4e:13:f4:25:cf:
15:ea:c7:d7:96:0a:ae:53:70:34:58:7c:c6:cd:d5:69:4d:fc:
fe:d8:f6:b6:ab:fb:da:fb:d2:be:77:7f:90:38:54:13:58:74:
e3:06:39:38:5f:1b:95:23:2f:25:0c:0e:6c:41:79:6d:42:9c:
1a:89:05:13
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgITWup843+k4gud1Sq65wdL5myuDjANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI2MDIxMzE1MjAzM1oXDTI2MDUxNDIzNTk1OVowejFJMEcGA1UE
BRNAYzRlYzcyZjA0ZmE2NTAxNTNjZDgxMTAxM2MyYWFjNmYxZTRlYTQ1MGFiODcw
OWIwZjk3YjUxZWUxOTE1YTA3YTEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqR9cSfvnKxy04QuJIqjiM2rGnR6DAJ0wUJ6btecnYhvSQ3IX4H3eZY0pZ5pA
tZQlZi+hnCdSYEKjk1b0gb14xFwCuDStCmNhxSvzj3dff1ud//p/34x55Bm8oMGz
MCjOPjGsNQQ93P1O7GdJQ+9XIWnisy8+vxzA5bgE0OSykXU541tjKEgs9fHezp9C
bqGYbsK2RMDqFyHPogW54klqYDLc5b/nrUr3FyiZS4p9To5YfNu4RGAFnBr7GlZe
MKSJApJkdeGzivVJ3wEU7HgF0J9/Nfsz5V0gqxBwIKTAJkZRs9SKwgz9ZSWAJBJs
Y2CiAztXwC5cT8Q4GhW2KYpFbQIDAQABo4ICJDCCAiAwHQYDVR0OBBYEFMdsd253
4FMgGULkCmMvPKEyleveMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC84
NTE4YjgxZC1jNzAwLTRkM2YtOGVmNC01YWJlOGQzNDhkM2Mucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKgXQc5BA
MA0GCSqGSIb3DQEBCwUAA4IBAQAmi9uWx057Lc0uNsR1ZLvx2XhQF6SqXmeREK6M
eXJmUqETL53ZdatQroLqa5jJJiEXyZJ1rfWXSHpKcG0jz2z7pwevRQkA3F3E+bxZ
vUGFamL4k+AI0Kn1DADMH8rIwyn096iAmXcwvJtmGR4RRNTJ0upJvrA0vaampgj9
Az6jbIwsf0qqURggApm8dCVPpSnK6gQfEb0lFqhl5ye+YAXAhv5sJCZbEr83jSPc
ZwnC2sCi8mRMWJ3uWGrdro6vZ5JVThP0Jc8V6sfXlgquU3A0WHzGzdVpTfz+2Pa2
q/va+9K+d3+QOFQTWHTjBjk4XxuVIy8lDA5sQXltQpwaiQUT
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:56:10 2026 by rpki-client