Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a0c32c3b-d8db-4386-9538-641f27723456.roa
File: a0c32c3b-d8db-4386-9538-641f27723456.roa (raw, json)
Hash identifier: eF0rg7s3Bil0tQVbTiftgi0/GbqeRzpXYwa5OMOZKN0=
Subject key identifier: FD:ED:9A:64:F2:24:FF:6A:F1:A9:E6:1D:03:D1:43:7E:7A:F5:EC:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C5A04C2B95159763DAB7AFB803B3A32BD3A064A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a0c32c3b-d8db-4386-9538-641f27723456.roa
Signing time: Tue 17 Feb 2026 03:00:37 +0000
ROA not before: Tue 17 Feb 2026 03:00:37 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:5a:04:c2:b9:51:59:76:3d:ab:7a:fb:80:3b:3a:32:bd:3a:06:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:37 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=3898f1606773c831a22d0ef9947ed1c5c9efbb8ad823741a1a918dbe6f57c894, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ba:d0:3d:cb:4b:3d:b1:c6:7b:16:57:75:12:
6d:20:5b:22:c5:ef:06:8d:99:72:7e:56:65:54:de:
c4:e3:4e:13:6f:7c:3a:15:df:66:91:3f:ff:80:fc:
e3:95:ca:3e:3e:d6:2a:82:0a:24:e6:fc:ba:3f:d2:
c9:11:2d:74:93:2c:a5:8f:81:9a:b6:40:0c:98:62:
42:f3:2c:85:ee:19:a6:4f:81:24:29:df:c2:46:2e:
1f:74:39:c5:ae:8c:2b:c7:2b:45:4a:9f:57:28:15:
5d:f0:9f:3c:80:a7:05:86:54:0f:ca:82:61:dc:78:
16:0f:51:b2:73:01:98:44:19:9f:92:3f:f1:e4:07:
8d:cf:48:e0:96:d4:ba:c0:d0:c6:18:43:c8:ab:28:
9c:9f:35:b3:99:2c:ac:76:a3:12:b6:e3:52:3b:70:
67:97:14:64:ad:89:fd:25:73:dc:32:ad:dc:d9:21:
00:18:78:1a:d1:f2:75:02:1a:79:a7:56:e2:f7:0d:
7b:60:26:e2:dd:f7:94:17:50:c2:2c:a9:d5:dc:2f:
f9:7a:55:5a:bd:c8:32:02:95:54:8d:02:fd:2b:4a:
81:94:80:19:18:e8:88:96:8c:14:47:f7:a5:b7:89:
1f:90:e4:46:2f:f6:c4:3d:0b:08:45:e2:7b:13:c8:
23:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:ED:9A:64:F2:24:FF:6A:F1:A9:E6:1D:03:D1:43:7E:7A:F5:EC:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a0c32c3b-d8db-4386-9538-641f27723456.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:5000::/40
Signature Algorithm: sha256WithRSAEncryption
5e:10:c6:27:8c:15:cd:cc:d1:ba:9b:fa:07:6f:31:eb:40:fd:
b2:50:43:90:39:f0:e3:33:54:0e:5b:fb:cf:43:8f:9a:a3:46:
ba:3b:f7:02:ba:75:e7:c4:f1:ed:11:b6:81:38:5f:0a:26:e2:
7f:4f:85:37:ac:ea:5f:d3:c0:a3:60:49:ce:11:23:b5:71:af:
3b:73:b2:93:25:2e:54:45:59:a5:cb:8f:d1:5b:3d:b4:6f:90:
9c:06:76:b3:06:fa:0b:7c:55:0f:20:f0:28:b7:97:10:cf:81:
43:c9:e9:43:e2:cc:ce:48:4b:10:ad:4d:ea:dd:cd:90:7c:7a:
10:c4:0f:e0:dc:0b:6e:a8:15:9d:3b:bb:fa:9f:9c:f5:6e:b5:
38:01:d9:bd:d7:6b:54:1b:6e:d4:b2:be:58:74:e2:d5:60:28:
65:50:c4:67:f0:1b:5b:55:0d:8e:1e:00:6f:47:6b:b4:76:90:
83:0e:ba:7f:11:59:ff:6f:21:74:a1:1a:5f:3c:ac:e4:d4:27:
bf:4a:23:22:15:16:1f:c3:dc:06:35:e2:a0:09:5c:a8:47:c9:
97:78:f9:c1:5e:b3:2e:77:fb:8c:76:7c:d7:5b:a3:c2:c5:71:
d4:ee:83:72:8d:53:ed:f6:31:de:d9:ce:08:23:1a:c0:a5:61:
00:17:d5:26
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULFoEwrlRWXY9q3r7gDs6Mr06BkowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwMzdaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4OThmMTYwNjc3M2M4MzFhMjJkMGVmOTk0N2VkMWM1YzllZmJiOGFkODIz
NzQxYTFhOTE4ZGJlNmY1N2M4OTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMS60D3LSz2xxnsWV3USbSBbIsXvBo2Zcn5WZVTexONOE298OhXfZpE//4D8
45XKPj7WKoIKJOb8uj/SyREtdJMspY+BmrZADJhiQvMshe4Zpk+BJCnfwkYuH3Q5
xa6MK8crRUqfVygVXfCfPICnBYZUD8qCYdx4Fg9RsnMBmEQZn5I/8eQHjc9I4JbU
usDQxhhDyKsonJ81s5ksrHajErbjUjtwZ5cUZK2J/SVz3DKt3NkhABh4GtHydQIa
eadW4vcNe2Am4t33lBdQwiyp1dwv+XpVWr3IMgKVVI0C/StKgZSAGRjoiJaMFEf3
pbeJH5DkRi/2xD0LCEXiexPII0sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT97Zpk
8iT/avGp5h0D0UN+evXsmTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTBjMzJjM2ItZDhkYi00Mzg2LTk1MzgtNjQxZjI3NzIzNDU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FlQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBeEMYnjBXNzNG6m/oHbzHrQP2yUEOQOfDjM1QO
W/vPQ4+ao0a6O/cCunXnxPHtEbaBOF8KJuJ/T4U3rOpf08CjYEnOESO1ca87c7KT
JS5URVmly4/RWz20b5CcBnazBvoLfFUPIPAot5cQz4FDyelD4szOSEsQrU3q3c2Q
fHoQxA/g3AtuqBWdO7v6n5z1brU4Adm912tUG27Usr5YdOLVYChlUMRn8BtbVQ2O
HgBvR2u0dpCDDrp/EVn/byF0oRpfPKzk1Ce/SiMiFRYfw9wGNeKgCVyoR8mXePnB
XrMud/uMdnzXW6PCxXHU7oNyjVPt9jHe2c4IIxrApWEAF9Um
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:56:39 2026 by rpki-client