Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88e98e26-39c9-4a1c-82e8-cc63267ca942.roa
File: 88e98e26-39c9-4a1c-82e8-cc63267ca942.roa (raw, json)
Hash identifier: fKUpqxHp4X5QhkrVVtSzFc5H5+T8hPyYuqvequeAKPY=
Subject key identifier: E8:D3:D9:D2:18:DD:16:C1:66:BB:F9:70:A2:38:EC:B4:52:D9:9B:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 269AA76F50652637D4F75A4C16D4293B17CEEAAF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88e98e26-39c9-4a1c-82e8-cc63267ca942.roa
Signing time: Fri 13 Feb 2026 15:20:06 +0000
ROA not before: Fri 13 Feb 2026 15:20:06 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:8020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:9a:a7:6f:50:65:26:37:d4:f7:5a:4c:16:d4:29:3b:17:ce:ea:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:20:06 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=31650dc0082f62c68877dcadc12eca6c90432f64f3331837d20b0f444ec9136a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ef:fe:6a:cb:88:dd:df:58:8a:49:e7:a3:e2:
4e:a2:96:65:47:13:17:c1:63:99:de:22:56:72:44:
1f:01:01:42:52:92:4e:21:f6:52:39:dd:06:fd:42:
cb:82:b1:aa:62:14:bd:b2:7b:ca:d8:af:01:8a:e2:
ea:0e:e0:a2:74:2b:b1:fb:81:ec:f5:05:9f:26:4f:
09:56:6d:b9:20:ce:ce:f5:97:86:a0:33:0d:d7:e8:
d2:7f:91:34:a1:05:d0:8c:fe:f0:61:34:37:11:e8:
84:7a:0c:20:d8:92:af:3b:1c:17:f3:1f:88:92:2f:
62:43:c9:e2:9f:5b:4f:f6:d3:15:74:05:d4:f2:20:
12:33:64:8d:5a:0b:67:0d:5b:29:62:d4:75:7a:32:
53:46:15:17:8e:94:0b:b8:3c:7a:3f:26:22:15:f0:
3e:c9:46:7c:6a:8e:df:e8:f1:70:1c:3c:7d:94:fb:
b3:7d:41:73:08:92:20:97:bf:08:9c:c1:49:95:a6:
1c:9e:fd:7c:24:ba:45:98:81:52:d8:54:80:2b:31:
8a:08:80:be:ca:93:82:6e:4b:ee:9f:72:24:eb:dd:
72:84:da:c9:d6:08:10:b8:03:5b:5f:4e:e5:f7:12:
12:3a:a4:bf:19:c7:65:43:38:d6:97:96:32:77:94:
03:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:D3:D9:D2:18:DD:16:C1:66:BB:F9:70:A2:38:EC:B4:52:D9:9B:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88e98e26-39c9-4a1c-82e8-cc63267ca942.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:8020::/46
Signature Algorithm: sha256WithRSAEncryption
52:15:b4:42:cf:67:bd:76:4c:d9:1e:a3:c3:a7:47:8c:64:57:
af:3b:a0:4c:e4:dc:5d:1b:c5:67:52:45:93:12:dd:b1:c8:23:
2b:d9:27:67:dc:ce:98:89:e8:18:75:32:30:9f:43:f1:58:3a:
36:b4:d1:64:a6:ae:39:74:22:a6:fe:fa:5d:bb:69:c7:4f:3f:
c9:9d:d2:38:e7:4d:90:1a:b1:80:28:42:f8:ad:6f:f4:76:4a:
ed:2b:cc:08:22:8f:96:d7:ac:08:80:c9:4b:91:5f:26:f2:d8:
53:25:8a:26:a5:04:8c:ea:9f:9e:6d:5a:b7:f2:a6:e1:07:c1:
ca:bc:a9:65:f7:c4:4c:c3:0a:3e:1b:2d:9a:02:32:70:4f:93:
72:3c:41:8d:53:1f:bf:30:df:27:1e:a1:b4:a7:11:99:19:44:
b9:34:5c:a8:73:be:2b:78:8b:b8:47:a4:da:e8:bb:1e:cd:4b:
94:96:1f:4c:90:96:0a:5a:64:f8:62:b2:3d:0a:55:f0:88:3f:
6e:33:e9:69:58:84:fe:34:95:7a:6b:2e:c7:80:e5:33:19:78:
f6:6b:86:ec:d1:6e:79:21:78:21:91:20:ee:f9:c4:20:ac:7c:
8d:94:7c:ce:5f:e9:38:81:25:97:06:59:0b:5b:87:ee:e5:88:
95:ca:32:14
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJpqnb1BlJjfU91pMFtQpOxfO6q8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIwMDZaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxNjUwZGMwMDgyZjYyYzY4ODc3ZGNhZGMxMmVjYTZjOTA0MzJmNjRmMzMz
MTgzN2QyMGIwZjQ0NGVjOTEzNmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPv/mrLiN3fWIpJ56PiTqKWZUcTF8Fjmd4iVnJEHwEBQlKSTiH2UjndBv1C
y4KxqmIUvbJ7ytivAYri6g7gonQrsfuB7PUFnyZPCVZtuSDOzvWXhqAzDdfo0n+R
NKEF0Iz+8GE0NxHohHoMINiSrzscF/MfiJIvYkPJ4p9bT/bTFXQF1PIgEjNkjVoL
Zw1bKWLUdXoyU0YVF46UC7g8ej8mIhXwPslGfGqO3+jxcBw8fZT7s31BcwiSIJe/
CJzBSZWmHJ79fCS6RZiBUthUgCsxigiAvsqTgm5L7p9yJOvdcoTaydYIELgDW19O
5fcSEjqkvxnHZUM41peWMneUA78CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTo09nS
GN0WwWa7+XCiOOy0UtmbfzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODhlOThlMjYtMzljOS00YTFjLTgyZTgtY2M2MzI2N2NhOTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOA
IDANBgkqhkiG9w0BAQsFAAOCAQEAUhW0Qs9nvXZM2R6jw6dHjGRXrzugTOTcXRvF
Z1JFkxLdscgjK9knZ9zOmInoGHUyMJ9D8Vg6NrTRZKauOXQipv76Xbtpx08/yZ3S
OOdNkBqxgChC+K1v9HZK7SvMCCKPltesCIDJS5FfJvLYUyWKJqUEjOqfnm1at/Km
4QfByrypZffETMMKPhstmgIycE+TcjxBjVMfvzDfJx6htKcRmRlEuTRcqHO+K3iL
uEek2ui7Hs1LlJYfTJCWClpk+GKyPQpV8Ig/bjPpaViE/jSVemsux4DlMxl49muG
7NFueSF4IZEg7vnEIKx8jZR8zl/pOIEllwZZC1uH7uWIlcoyFA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:53:32 2026 by rpki-client