Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e3fdaff-455c-48d5-bbad-e4e6f2efcd8c.roa
File: 8e3fdaff-455c-48d5-bbad-e4e6f2efcd8c.roa (raw, json)
Hash identifier: t6xw6bamCme6GGPHzzDhdRu+S6oJfrtGcNtIScXz7mc=
Subject key identifier: 86:9F:34:AC:39:EE:BE:02:CA:50:1E:F8:39:21:A1:FE:73:5A:10:72
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A9650FE8527E4354ADF57890A5EBC7A8AC8F387
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e3fdaff-455c-48d5-bbad-e4e6f2efcd8c.roa
Signing time: Wed 11 Feb 2026 01:20:10 +0000
ROA not before: Wed 11 Feb 2026 01:20:10 +0000
ROA not after: Tue 12 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:96:50:fe:85:27:e4:35:4a:df:57:89:0a:5e:bc:7a:8a:c8:f3:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 11 01:20:10 2026 GMT
Not After : May 12 23:59:59 2026 GMT
Subject: serialNumber=5cc6e58e69c204fce1b1b0bf9f429dcd54bec929707af20d3e3bbea9be17a790, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:98:de:2b:36:38:b0:4e:93:6e:ad:0f:9e:b9:
3f:3a:cf:e1:0b:24:65:0d:bb:ba:ba:2e:dc:a0:17:
84:76:1a:4d:d3:0c:7a:f5:9b:a9:ae:d2:dd:5f:9a:
fe:48:1e:06:d2:1a:1a:f1:ee:d1:87:5c:61:0c:6f:
bb:ef:d1:f7:ef:00:59:e2:ad:9e:97:7f:10:f3:c9:
a6:0c:30:a2:13:81:a3:af:9a:6c:08:20:84:ec:c5:
10:58:32:f3:e4:9f:ff:20:fb:1d:17:ac:5d:61:e0:
82:8e:ba:07:be:75:5b:51:5e:ea:8d:a3:6a:14:92:
de:7f:ec:5a:b2:07:20:36:5c:00:f8:ac:ee:18:6c:
5f:fc:c5:6c:52:ae:2c:35:7f:bd:9d:72:cc:f8:99:
48:d2:94:38:5d:b6:1e:07:04:b7:3e:e9:b0:3b:19:
de:dd:b4:c4:02:db:bd:72:d5:38:13:84:5a:b7:22:
11:d0:e8:d7:56:a5:51:80:41:33:25:42:f4:e7:4e:
cb:fc:b5:c3:d3:b4:ab:b9:3f:88:06:6e:32:8b:b8:
6f:3f:2b:e8:b7:4c:83:b0:40:e0:25:6c:f6:63:a2:
b4:05:37:6d:58:26:a4:7d:07:9c:b9:4c:57:b5:a8:
da:e5:8f:5f:3f:a1:6a:f2:33:c3:8a:45:2d:43:bf:
84:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:9F:34:AC:39:EE:BE:02:CA:50:1E:F8:39:21:A1:FE:73:5A:10:72
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e3fdaff-455c-48d5-bbad-e4e6f2efcd8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:c040::/48
Signature Algorithm: sha256WithRSAEncryption
46:a4:98:09:1a:43:57:74:27:42:ad:84:a0:5d:e1:b7:1d:46:
c2:53:c7:70:11:62:12:4b:fe:78:c2:2a:b1:67:fe:9c:1c:6a:
22:09:cb:20:7f:79:d3:d2:ae:e7:dd:da:80:d8:12:9b:5f:93:
54:1b:b3:5b:20:75:9d:c5:b2:99:bf:b4:47:ff:52:11:b6:cf:
b9:4d:0d:f2:69:12:c0:07:46:0c:25:44:f7:df:28:8a:e3:39:
59:33:54:b6:08:74:19:6d:a6:3c:c1:3d:a2:ac:70:20:1f:18:
77:a6:ff:b0:6e:6b:27:57:a6:47:f6:98:c5:f2:9d:25:81:c5:
bb:19:08:6f:bd:73:87:bd:50:82:59:a3:36:81:c7:6b:79:25:
c1:b2:e8:12:09:ca:6a:56:87:f8:21:6d:db:69:6c:01:80:07:
9e:65:fc:68:b1:9e:92:b2:2a:95:3e:38:59:a0:ff:9a:a2:43:
cb:e1:c4:7c:86:7c:57:13:28:8f:09:3d:ba:02:a9:0d:df:cc:
5d:6e:4c:1c:da:30:ba:01:57:54:15:7f:9f:a9:41:a2:d6:c5:
ce:b5:26:1f:54:81:46:df:1c:7f:1f:e5:e3:3f:65:c7:9f:ba:
e3:dd:d6:56:32:44:39:44:f8:a6:a1:6b:a2:3c:ec:73:62:d1:
f4:f5:9b:81
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUapZQ/oUn5DVK31eJCl68eorI84cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTEwMTIwMTBaFw0yNjA1MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjYzZlNThlNjljMjA0ZmNlMWIxYjBiZjlmNDI5ZGNkNTRiZWM5Mjk3MDdh
ZjIwZDNlM2JiZWE5YmUxN2E3OTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIOY3is2OLBOk26tD565PzrP4QskZQ27urou3KAXhHYaTdMMevWbqa7S3V+a
/kgeBtIaGvHu0YdcYQxvu+/R9+8AWeKtnpd/EPPJpgwwohOBo6+abAgghOzFEFgy
8+Sf/yD7HResXWHggo66B751W1Fe6o2jahSS3n/sWrIHIDZcAPis7hhsX/zFbFKu
LDV/vZ1yzPiZSNKUOF22HgcEtz7psDsZ3t20xALbvXLVOBOEWrciEdDo11alUYBB
MyVC9OdOy/y1w9O0q7k/iAZuMou4bz8r6LdMg7BA4CVs9mOitAU3bVgmpH0HnLlM
V7Wo2uWPXz+havIzw4pFLUO/hDUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSGnzSs
Oe6+AspQHvg5IaH+c1oQcjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGUzZmRhZmYtNDU1Yy00OGQ1LWJiYWQtZTRlNmYyZWZjZDhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GrA
QDANBgkqhkiG9w0BAQsFAAOCAQEARqSYCRpDV3QnQq2EoF3htx1GwlPHcBFiEkv+
eMIqsWf+nBxqIgnLIH9509Ku593agNgSm1+TVBuzWyB1ncWymb+0R/9SEbbPuU0N
8mkSwAdGDCVE998oiuM5WTNUtgh0GW2mPME9oqxwIB8Yd6b/sG5rJ1emR/aYxfKd
JYHFuxkIb71zh71QglmjNoHHa3klwbLoEgnKalaH+CFt22lsAYAHnmX8aLGekrIq
lT44WaD/mqJDy+HEfIZ8VxMojwk9ugKpDd/MXW5MHNowugFXVBV/n6lBotbFzrUm
H1SBRt8cfx/l4z9lx5+6493WVjJEOUT4pqFrojzsc2LR9PWbgQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:25:54 2026 by rpki-client