Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa
File: a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa (raw, json)
Hash identifier: ORchSq5U24uv2fRLZmgV+eBtd9anV+AITRHFrsHLgYU=
Subject key identifier: 08:AE:47:A4:6C:5F:29:F4:8E:19:CA:49:B9:5F:EF:4C:9F:B0:00:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1188CF1FFB380C6216585178CB83C74B38C9996A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa
Signing time: Tue 17 Feb 2026 03:00:50 +0000
ROA not before: Tue 17 Feb 2026 03:00:50 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:88:cf:1f:fb:38:0c:62:16:58:51:78:cb:83:c7:4b:38:c9:99:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:50 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=60a7e05b73a0316abde1626ae2209ac014fee8092f680fcf282acddb1975193a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:28:22:69:05:c5:d5:09:1b:06:b8:2c:c2:45:
42:4d:cc:a4:11:d0:76:5b:c9:c8:28:22:3c:17:67:
74:62:a4:26:38:1e:d7:48:8a:48:fc:5a:9d:88:49:
1a:da:92:e4:f8:03:22:6e:13:5f:7d:bc:8a:28:52:
08:f9:0f:e7:d2:ac:88:cd:6f:ac:7f:5d:59:00:e1:
40:4c:33:03:4a:7b:b9:49:5b:c4:a8:d3:7b:91:e3:
80:27:7d:9e:7b:69:c4:d3:6f:c2:cb:a3:97:af:98:
88:b4:32:9b:3c:b8:87:12:17:fa:15:2e:b3:88:a7:
5a:3b:c6:b0:34:56:64:eb:e3:70:90:0b:ec:73:24:
24:cc:82:9f:e4:d8:c3:32:9f:fc:bc:ed:87:3a:57:
4a:23:59:bf:2d:e7:da:7a:41:22:1a:41:3a:3e:ff:
b7:b2:f0:5a:38:51:03:e5:8b:bf:ec:5a:83:79:80:
cc:c7:0d:4d:15:76:0e:2b:81:84:b1:7c:d9:da:fd:
c3:9d:23:73:e9:7a:09:3b:bf:64:da:fa:e4:e2:16:
1e:75:dd:a8:06:00:f9:17:1f:a3:b9:6b:c4:d0:7b:
09:37:9c:10:bf:af:8d:34:79:7f:44:9f:af:e3:e5:
9c:b2:fc:d5:cc:51:7f:02:db:8d:a0:e2:5b:25:37:
dc:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:AE:47:A4:6C:5F:29:F4:8E:19:CA:49:B9:5F:EF:4C:9F:B0:00:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:800::/40
Signature Algorithm: sha256WithRSAEncryption
29:7a:f9:50:f4:a3:83:f7:19:12:fd:9c:88:9f:f9:72:56:7c:
2f:52:44:5d:11:6f:a9:b1:17:89:77:18:f5:26:e9:c7:fe:f9:
16:07:c1:3f:0a:59:58:da:cd:13:7f:8f:f0:69:f9:bc:55:e3:
15:f6:be:04:1e:44:76:c8:da:55:cd:f5:ad:65:ac:02:24:01:
8b:86:f9:67:78:64:c8:a2:9c:40:c4:aa:6e:5f:a4:d4:7f:0b:
ec:96:a2:b6:47:65:44:6c:83:7e:08:c6:e1:df:69:42:ce:83:
d3:00:7f:2a:82:b2:bc:f8:84:72:b9:07:94:fe:1c:be:de:f0:
3e:9f:cb:9d:71:e5:8d:20:12:08:e2:a8:ea:cf:a6:e6:b2:8f:
fd:c7:bf:e6:ea:2a:85:1f:94:33:fb:9a:15:94:68:e5:e2:18:
81:0f:c7:fd:fc:69:2a:65:2b:c5:3a:19:cf:c7:5a:86:bf:9b:
ad:9f:72:e3:b8:45:43:85:79:c0:4c:62:c7:c8:4f:7e:5f:d2:
f7:be:62:8d:01:ef:aa:56:42:ac:5c:04:6c:a5:a5:82:77:6c:
6c:18:86:54:6c:dd:5c:49:a8:5c:40:7c:16:2c:9a:bf:4f:77:
5e:5b:60:cc:ce:36:ee:8d:04:87:ce:59:54:54:c3:b0:1c:c1:
a6:04:84:f1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEYjPH/s4DGIWWFF4y4PHSzjJmWowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwNTBaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwYTdlMDViNzNhMDMxNmFiZGUxNjI2YWUyMjA5YWMwMTRmZWU4MDkyZjY4
MGZjZjI4MmFjZGRiMTk3NTE5M2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJAoImkFxdUJGwa4LMJFQk3MpBHQdlvJyCgiPBdndGKkJjge10iKSPxanYhJ
GtqS5PgDIm4TX328iihSCPkP59KsiM1vrH9dWQDhQEwzA0p7uUlbxKjTe5HjgCd9
nntpxNNvwsujl6+YiLQymzy4hxIX+hUus4inWjvGsDRWZOvjcJAL7HMkJMyCn+TY
wzKf/LzthzpXSiNZvy3n2npBIhpBOj7/t7LwWjhRA+WLv+xag3mAzMcNTRV2DiuB
hLF82dr9w50jc+l6CTu/ZNr65OIWHnXdqAYA+Rcfo7lrxNB7CTecEL+vjTR5f0Sf
r+PlnLL81cxRfwLbjaDiWyU33AkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQIrkek
bF8p9I4Zykm5X+9Mn7AACjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQ5ZTIzZGUtNmZjOS00MTJiLTlkMjMtNGYwODMwZDlmYTdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQI
MA0GCSqGSIb3DQEBCwUAA4IBAQApevlQ9KOD9xkS/ZyIn/lyVnwvUkRdEW+psReJ
dxj1JunH/vkWB8E/CllY2s0Tf4/wafm8VeMV9r4EHkR2yNpVzfWtZawCJAGLhvln
eGTIopxAxKpuX6TUfwvslqK2R2VEbIN+CMbh32lCzoPTAH8qgrK8+IRyuQeU/hy+
3vA+n8udceWNIBII4qjqz6bmso/9x7/m6iqFH5Qz+5oVlGjl4hiBD8f9/GkqZSvF
OhnPx1qGv5utn3LjuEVDhXnATGLHyE9+X9L3vmKNAe+qVkKsXARspaWCd2xsGIZU
bN1cSahcQHwWLJq/T3deW2DMzjbujQSHzllUVMOwHMGmBITx
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:44:31 2026 by rpki-client