Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a103a3a0-ff03-4978-a976-55516478c88b.roa
File: a103a3a0-ff03-4978-a976-55516478c88b.roa (raw, json)
Hash identifier: C5gubTToln8rlyPIYH+wWByenbsBMEKN8tga6nn2Dnw=
Subject key identifier: 4E:00:CC:C8:9E:B4:28:D2:0A:F6:A1:60:2F:11:CC:50:30:C8:7A:2F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C846ED110983670F327D6635A50DD9BE44D440D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a103a3a0-ff03-4978-a976-55516478c88b.roa
Signing time: Wed 11 Feb 2026 01:20:07 +0000
ROA not before: Wed 11 Feb 2026 01:20:07 +0000
ROA not after: Tue 12 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:84:6e:d1:10:98:36:70:f3:27:d6:63:5a:50:dd:9b:e4:4d:44:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 11 01:20:07 2026 GMT
Not After : May 12 23:59:59 2026 GMT
Subject: serialNumber=766d970e9dc53b42d068dd92d27b4a4f0a274d264a5bdd0f691cc5eacf998fe7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:4c:71:1d:68:c8:ae:b3:85:ae:d2:bf:98:6a:
75:c1:80:a1:fa:71:2d:83:52:14:d7:66:e8:30:14:
f0:b4:90:93:3a:ed:04:41:28:4a:f9:15:55:02:92:
f5:6b:78:10:1d:09:1b:c5:b6:0c:6b:d5:c7:c8:ec:
67:60:d0:ec:af:79:51:66:0a:fe:5d:f7:62:60:53:
af:f7:78:b9:74:55:e4:ad:1b:75:33:6c:04:06:24:
4d:83:1b:91:a4:3e:fb:36:68:66:d2:db:00:cd:68:
3c:02:25:10:ce:6d:76:2d:3d:72:0f:df:72:0a:c3:
70:7b:69:58:12:91:9b:cd:da:ca:61:24:94:7b:69:
a9:a9:ff:dd:f6:bc:1b:05:2a:62:d9:78:49:68:7c:
01:06:55:3a:ee:d9:c1:63:c9:e2:bb:cc:8f:65:16:
ea:fe:8f:d3:c4:6f:79:16:71:35:3b:3f:88:08:b9:
2a:06:52:25:b6:54:ba:9b:1a:86:d6:9b:b6:a7:b2:
0c:55:96:83:07:46:4a:a6:bb:81:d2:7a:50:fb:34:
7f:3b:c6:d7:da:51:3d:9d:84:be:38:1b:a4:16:94:
2c:a3:fc:b4:2a:23:f2:4e:02:3c:fe:8f:3d:ff:0c:
5a:26:23:3e:3b:d6:c1:e1:96:7f:74:35:5d:1b:7a:
12:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:00:CC:C8:9E:B4:28:D2:0A:F6:A1:60:2F:11:CC:50:30:C8:7A:2F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a103a3a0-ff03-4978-a976-55516478c88b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:6040::/48
Signature Algorithm: sha256WithRSAEncryption
73:08:5c:dc:13:64:a7:d4:7b:f6:66:67:32:04:9d:f7:29:5a:
f6:72:d6:96:41:9f:f5:b0:17:0f:c8:af:97:ee:26:b3:e8:8e:
fe:ec:7c:1f:75:be:7b:5e:b8:ce:14:c8:0a:d8:3f:d9:08:c7:
32:9f:ff:ce:2c:a4:a0:f8:b8:54:b8:cd:2f:f0:48:6f:6b:53:
23:13:71:8f:9d:40:66:68:9f:d0:2f:35:4c:ef:cd:02:92:fc:
5a:ad:13:4e:85:6b:8b:78:a2:3e:2d:49:79:26:b2:aa:81:27:
bb:db:1c:23:6f:a9:5d:9d:aa:77:83:ed:4b:af:34:28:1e:d8:
28:09:39:7a:97:dc:76:98:40:92:b4:46:b5:fd:ed:02:ff:cc:
db:90:98:ca:32:8f:8f:a4:32:92:28:1c:21:ec:b2:b1:a2:62:
b5:af:9b:5a:f9:88:3f:9b:87:0f:2e:e2:ed:57:ee:e9:b0:e3:
b8:7e:42:5c:c4:5f:b9:40:5b:d7:56:be:05:ca:ee:f2:19:5f:
d1:a6:fc:b9:b9:af:30:fd:6c:0a:68:33:c1:d8:31:ad:57:a9:
2d:e9:63:8b:d0:a0:83:5f:7c:4a:11:be:f4:38:2a:a7:20:dd:
2e:af:98:03:53:8e:3e:da:47:cf:30:75:63:08:25:f3:89:cf:
f4:1d:aa:8a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfIRu0RCYNnDzJ9ZjWlDdm+RNRA0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTEwMTIwMDdaFw0yNjA1MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2NmQ5NzBlOWRjNTNiNDJkMDY4ZGQ5MmQyN2I0YTRmMGEyNzRkMjY0YTVi
ZGQwZjY5MWNjNWVhY2Y5OThmZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPdMcR1oyK6zha7Sv5hqdcGAofpxLYNSFNdm6DAU8LSQkzrtBEEoSvkVVQKS
9Wt4EB0JG8W2DGvVx8jsZ2DQ7K95UWYK/l33YmBTr/d4uXRV5K0bdTNsBAYkTYMb
kaQ++zZoZtLbAM1oPAIlEM5tdi09cg/fcgrDcHtpWBKRm83aymEklHtpqan/3fa8
GwUqYtl4SWh8AQZVOu7ZwWPJ4rvMj2UW6v6P08RveRZxNTs/iAi5KgZSJbZUupsa
htabtqeyDFWWgwdGSqa7gdJ6UPs0fzvG19pRPZ2EvjgbpBaULKP8tCoj8k4CPP6P
Pf8MWiYjPjvWweGWf3Q1XRt6EkMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBROAMzI
nrQo0gr2oWAvEcxQMMh6LzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTEwM2EzYTAtZmYwMy00OTc4LWE5NzYtNTU1MTY0NzhjODhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gpg
QDANBgkqhkiG9w0BAQsFAAOCAQEAcwhc3BNkp9R79mZnMgSd9yla9nLWlkGf9bAX
D8ivl+4ms+iO/ux8H3W+e164zhTICtg/2QjHMp//ziykoPi4VLjNL/BIb2tTIxNx
j51AZmif0C81TO/NApL8Wq0TToVri3iiPi1JeSayqoEnu9scI2+pXZ2qd4PtS680
KB7YKAk5epfcdphAkrRGtf3tAv/M25CYyjKPj6QykigcIeyysaJita+bWvmIP5uH
Dy7i7Vfu6bDjuH5CXMRfuUBb11a+Bcru8hlf0ab8ubmvMP1sCmgzwdgxrVepLelj
i9Cgg198ShG+9DgqpyDdLq+YA1OOPtpHzzB1Ywgl84nP9B2qig==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:56:39 2026 by rpki-client