Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8bc6184b-4b16-4844-96e2-71541ff10974.roa
File: 8bc6184b-4b16-4844-96e2-71541ff10974.roa (raw, json)
Hash identifier: cQbFrKvfBzADfhty0nBkAAlK3nqltVwp+z4SPf9RYV8=
Subject key identifier: A1:5A:CD:14:B4:90:3E:8D:3C:86:D8:44:C5:60:B9:E2:47:6E:BE:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B4D35200894D2CFF39CFD87B917391E12040C78
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8bc6184b-4b16-4844-96e2-71541ff10974.roa
Signing time: Tue 17 Feb 2026 03:00:12 +0000
ROA not before: Tue 17 Feb 2026 03:00:12 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:4d:35:20:08:94:d2:cf:f3:9c:fd:87:b9:17:39:1e:12:04:0c:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:12 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=f7930657430ff7c0727e3f774e2be38943b719c8bece5203d4903f3ac8d980fd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9f:b6:be:63:bb:b1:ee:1a:c2:b1:d9:41:ad:
0d:75:3f:ff:11:fa:07:19:8a:54:56:76:c9:17:f0:
ef:5f:68:71:fa:c7:8f:ea:27:1f:d7:b2:48:7b:6f:
73:09:96:1c:87:cc:1c:59:01:45:fa:f6:f7:83:7c:
3c:d2:d3:2e:7f:87:5f:1d:b7:8f:26:d8:bc:6a:8e:
55:f8:65:d3:25:a7:f6:10:2e:b5:d4:ba:d1:46:6a:
24:99:77:7f:b2:1f:64:19:7d:a2:4f:49:e1:90:4f:
fa:f4:3e:0c:53:44:4f:2c:e9:c6:b4:c3:15:d0:db:
ac:29:58:b3:e7:80:ab:db:54:82:15:e1:39:eb:b5:
13:d0:8f:17:93:47:b2:76:23:b4:01:7f:41:6d:3b:
f7:a6:c4:90:ed:47:5d:d2:58:eb:4b:10:53:13:24:
8f:af:80:0f:b6:9a:e8:78:84:1b:0f:22:a3:f3:ca:
8c:51:6f:86:74:61:91:3d:0d:0c:6d:10:a2:93:37:
e6:b3:7d:c6:ab:11:e4:0c:2c:9e:bf:22:fd:f2:e4:
ba:f6:5c:3a:99:98:59:43:3f:77:bf:d5:5d:18:f9:
49:34:83:23:85:42:63:f8:f2:65:6a:a2:cf:32:a7:
23:78:17:8a:89:f2:5e:f2:b0:20:69:7a:60:25:c3:
ed:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:5A:CD:14:B4:90:3E:8D:3C:86:D8:44:C5:60:B9:E2:47:6E:BE:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8bc6184b-4b16-4844-96e2-71541ff10974.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:c000::/40
Signature Algorithm: sha256WithRSAEncryption
5a:bd:ca:c4:4a:94:54:a9:42:16:6e:8e:27:39:7f:0b:78:0b:
ab:0c:08:5d:6f:5a:e6:b2:da:33:f0:aa:a7:10:d8:b0:0b:a0:
bd:2c:19:12:79:da:5d:b5:fd:2a:d2:71:bb:9a:e2:ad:f8:dc:
5e:d3:f1:82:99:87:6f:92:e0:84:8a:2f:c2:b3:6d:24:93:ee:
f0:7d:a5:d1:05:9a:17:c4:9b:e9:91:12:b4:71:e8:f8:2e:5f:
af:a6:51:35:63:d6:e2:c4:6a:ba:38:e4:7f:dc:6e:64:36:87:
33:59:49:0b:5c:cc:cb:48:80:da:de:6d:17:94:6c:ca:67:b6:
2e:d2:b5:ed:0f:e0:d3:36:e9:54:8b:15:5d:3f:ec:bb:8d:7b:
3e:49:1e:dd:5b:73:fd:53:3b:a5:b2:7c:07:64:7a:61:74:d3:
30:07:66:06:ad:ad:5b:b1:06:db:89:c0:dc:89:c8:06:02:e6:
07:e2:05:49:a7:ad:45:03:af:9f:73:a6:1b:d6:1a:f8:22:a8:
af:f5:d4:90:cc:bc:f9:1d:c1:f4:ff:97:60:be:7d:ce:8f:92:
74:c9:de:9b:f3:9e:3d:91:1a:4b:5b:a5:60:a8:03:3c:15:d9:
e6:bc:65:0a:33:b3:1e:39:b6:f1:71:1a:6f:ea:eb:15:96:4f:
9c:ef:0e:a1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUa001IAiU0s/znP2HuRc5HhIEDHgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwMTJaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3OTMwNjU3NDMwZmY3YzA3MjdlM2Y3NzRlMmJlMzg5NDNiNzE5YzhiZWNl
NTIwM2Q0OTAzZjNhYzhkOTgwZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+ftr5ju7HuGsKx2UGtDXU//xH6BxmKVFZ2yRfw719ocfrHj+onH9eySHtv
cwmWHIfMHFkBRfr294N8PNLTLn+HXx23jybYvGqOVfhl0yWn9hAutdS60UZqJJl3
f7IfZBl9ok9J4ZBP+vQ+DFNETyzpxrTDFdDbrClYs+eAq9tUghXhOeu1E9CPF5NH
snYjtAF/QW0796bEkO1HXdJY60sQUxMkj6+AD7aa6HiEGw8io/PKjFFvhnRhkT0N
DG0QopM35rN9xqsR5Awsnr8i/fLkuvZcOpmYWUM/d7/VXRj5STSDI4VCY/jyZWqi
zzKnI3gXionyXvKwIGl6YCXD7ZcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBShWs0U
tJA+jTyG2ETFYLniR26+/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGJjNjE4NGItNGIxNi00ODQ0LTk2ZTItNzE1NDFmZjEwOTc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTA
MA0GCSqGSIb3DQEBCwUAA4IBAQBavcrESpRUqUIWbo4nOX8LeAurDAhdb1rmstoz
8KqnENiwC6C9LBkSedpdtf0q0nG7muKt+Nxe0/GCmYdvkuCEii/Cs20kk+7wfaXR
BZoXxJvpkRK0cej4Ll+vplE1Y9bixGq6OOR/3G5kNoczWUkLXMzLSIDa3m0XlGzK
Z7Yu0rXtD+DTNulUixVdP+y7jXs+SR7dW3P9UzulsnwHZHphdNMwB2YGra1bsQbb
icDcicgGAuYH4gVJp61FA6+fc6Yb1hr4Iqiv9dSQzLz5HcH0/5dgvn3Oj5J0yd6b
8549kRpLW6VgqAM8FdnmvGUKM7MeObbxcRpv6usVlk+c7w6h
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:12:59 2026 by rpki-client