Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2ae01f1-ad20-4e92-9bc6-f03ede97e16c.roa
File: a2ae01f1-ad20-4e92-9bc6-f03ede97e16c.roa (raw, json)
Hash identifier: okOIDv6RamOkpuEq3DlgnkUm1eE9t1/kGQDM4Qdbnk8=
Subject key identifier: B4:A7:BB:E7:6A:66:6D:67:2C:14:B8:0A:DB:2B:69:C1:48:71:6A:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 659D6A0989C485333CB7C9AEB13EA02DAF29028F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2ae01f1-ad20-4e92-9bc6-f03ede97e16c.roa
Signing time: Fri 06 Feb 2026 00:40:07 +0000
ROA not before: Fri 06 Feb 2026 00:40:07 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d034:80c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:9d:6a:09:89:c4:85:33:3c:b7:c9:ae:b1:3e:a0:2d:af:29:02:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 6 00:40:07 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=5f8d717ad03249c75894cb7f23853126cf7f1f1ce06182e96a014f807cb2441e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:19:76:24:07:11:ca:e1:63:a5:29:8e:5d:18:
96:30:86:86:fe:db:ec:75:0d:39:26:06:86:17:9b:
9e:cd:72:99:63:2b:77:93:20:1e:63:e0:e7:e7:77:
15:63:4b:9e:58:88:38:a9:db:91:a8:df:bf:70:7b:
63:08:83:f5:05:c6:48:fd:e9:0d:40:5d:33:10:92:
d4:92:1e:9f:99:0f:a7:5c:12:91:76:48:cc:bb:bf:
c9:cc:ef:fc:b1:51:04:ef:9c:37:bb:bd:45:bd:51:
49:68:04:38:95:4a:77:f5:d3:af:5b:92:3b:89:a2:
67:28:e0:0a:17:13:7e:f6:7f:a0:94:86:2a:f1:0a:
90:60:fe:66:b1:c1:c9:4a:e9:20:86:1a:39:fb:38:
82:77:19:11:07:2c:32:e8:6e:ab:46:eb:d1:dc:23:
76:78:f4:d7:07:19:f8:a3:be:f4:c5:d9:d5:0c:d3:
3a:9d:bb:15:d5:72:1d:c7:3f:96:68:62:d3:24:c9:
e7:5e:01:de:00:36:3d:bd:1a:28:69:88:07:db:79:
38:dd:2d:84:bc:e0:f8:86:0b:d4:d4:4b:14:75:d7:
84:f6:66:eb:3b:c7:34:4c:37:da:c9:e5:a8:4b:66:
57:66:4c:4d:1f:05:59:bf:5c:d1:d0:cc:32:27:55:
c7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A7:BB:E7:6A:66:6D:67:2C:14:B8:0A:DB:2B:69:C1:48:71:6A:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2ae01f1-ad20-4e92-9bc6-f03ede97e16c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:80c0::/46
Signature Algorithm: sha256WithRSAEncryption
1a:34:73:7b:4b:fc:1c:8d:79:03:6d:48:fc:fb:65:77:33:37:
84:00:08:a0:a8:7e:f0:4f:20:54:1c:c1:24:8a:d8:ec:6d:cb:
8d:b6:0b:6b:6b:d5:ef:5f:f8:e9:72:aa:e7:c6:ec:74:00:5c:
d9:35:57:7e:3e:ef:c9:01:d5:af:58:3a:91:3e:97:79:72:32:
e5:85:eb:c8:1f:07:36:24:32:2b:68:da:0e:79:ff:c5:72:86:
d9:06:d2:33:d3:f4:4b:37:b4:4d:21:73:3c:32:71:a8:e9:0c:
43:d0:9f:33:9f:eb:d9:16:d3:40:d3:05:03:91:ef:d2:82:44:
73:7c:11:b3:e7:c7:ed:b7:7f:49:b1:69:21:73:8c:d7:57:8a:
14:12:c6:9e:54:54:64:2e:be:73:48:9c:b8:fe:b9:2f:28:33:
37:83:af:57:d3:be:e1:a0:6c:64:cb:e6:5f:90:32:c2:c1:6a:
e5:9d:3f:2f:c5:c5:6d:15:f0:63:4d:ba:44:39:c1:c0:4d:cb:
cc:85:a6:ad:8a:18:39:e2:b3:73:3f:11:68:3d:c6:4d:0c:22:
e3:c4:ec:d2:78:34:ef:87:42:6d:46:ca:59:05:a9:ad:97:51:
92:56:64:e0:36:74:ce:ad:79:f2:23:77:4e:47:5a:75:08:9b:
88:f6:5b:12
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZZ1qCYnEhTM8t8musT6gLa8pAo8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMDYwMDQwMDdaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmOGQ3MTdhZDAzMjQ5Yzc1ODk0Y2I3ZjIzODUzMTI2Y2Y3ZjFmMWNlMDYx
ODJlOTZhMDE0ZjgwN2NiMjQ0MWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcZdiQHEcrhY6Upjl0YljCGhv7b7HUNOSYGhhebns1ymWMrd5MgHmPg5+d3
FWNLnliIOKnbkajfv3B7YwiD9QXGSP3pDUBdMxCS1JIen5kPp1wSkXZIzLu/yczv
/LFRBO+cN7u9Rb1RSWgEOJVKd/XTr1uSO4miZyjgChcTfvZ/oJSGKvEKkGD+ZrHB
yUrpIIYaOfs4gncZEQcsMuhuq0br0dwjdnj01wcZ+KO+9MXZ1QzTOp27FdVyHcc/
lmhi0yTJ514B3gA2Pb0aKGmIB9t5ON0thLzg+IYL1NRLFHXXhPZm6zvHNEw32snl
qEtmV2ZMTR8FWb9c0dDMMidVx9ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS0p7vn
amZtZywUuArbK2nBSHFqPTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTJhZTAxZjEtYWQyMC00ZTkyLTliYzYtZjAzZWRlOTdlMTZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DSA
wDANBgkqhkiG9w0BAQsFAAOCAQEAGjRze0v8HI15A21I/PtldzM3hAAIoKh+8E8g
VBzBJIrY7G3LjbYLa2vV71/46XKq58bsdABc2TVXfj7vyQHVr1g6kT6XeXIy5YXr
yB8HNiQyK2jaDnn/xXKG2QbSM9P0Sze0TSFzPDJxqOkMQ9CfM5/r2RbTQNMFA5Hv
0oJEc3wRs+fH7bd/SbFpIXOM11eKFBLGnlRUZC6+c0icuP65LygzN4OvV9O+4aBs
ZMvmX5AywsFq5Z0/L8XFbRXwY026RDnBwE3LzIWmrYoYOeKzcz8RaD3GTQwi48Ts
0ng074dCbUbKWQWprZdRklZk4DZ0zq158iN3TkdadQibiPZbEg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:43 2026 by rpki-client