Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa
File: a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa (raw, json)
Hash identifier: +JDaJSXGg+zIumDLr3O6s/2w/Jp9dGxgiHXu3shQrcg=
Subject key identifier: A3:50:FB:C4:08:3F:9B:18:3A:99:88:3B:72:1B:78:A3:20:4D:29:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FB9BD5EC19CFD4E2735CA7B4D6DBF85B7C75D1C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa
Signing time: Tue 17 Feb 2026 03:10:08 +0000
ROA not before: Tue 17 Feb 2026 03:10:08 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:b9:bd:5e:c1:9c:fd:4e:27:35:ca:7b:4d:6d:bf:85:b7:c7:5d:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:10:08 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=becab6475adb8a5066f79e6ab762dfeb82d36dc73d31e7df1d8a8b89721ed51e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:af:75:3e:bb:d0:c5:c9:29:5d:2a:9a:b7:9d:
f7:d7:88:f7:5d:59:60:39:ea:20:ce:09:09:92:f8:
be:e4:35:ba:b2:9f:83:b1:b8:02:8a:d7:96:b9:17:
7f:21:ff:12:af:60:c2:e7:d8:9a:76:84:88:7e:54:
3f:1e:9a:3c:b7:4a:90:bc:ff:cc:f5:9b:b2:e2:33:
5a:e9:e8:13:00:ba:b1:d4:4f:a6:dc:2f:d4:15:85:
41:32:ab:b2:4e:9c:5f:d8:56:ed:3c:1b:b4:33:43:
19:cc:61:af:69:a6:de:c7:96:14:c4:15:7d:79:65:
0f:c6:83:85:34:ac:be:35:fb:51:74:7b:da:41:de:
7e:4d:d0:4d:86:0e:f1:ff:71:ef:d7:0c:7e:44:01:
ab:5d:6c:7a:9f:f2:1a:2b:16:28:4c:a2:b5:96:d6:
00:14:a4:be:64:43:6c:fd:9d:d0:38:6d:fc:5c:c9:
47:12:28:82:cd:4a:2e:91:b7:ca:c6:09:31:18:f6:
f8:fc:2f:40:12:ad:9d:e8:81:8d:5e:6a:46:f1:ad:
e9:92:24:69:1d:54:9b:db:15:c2:77:ea:d6:66:49:
90:1e:c2:45:0e:9a:61:08:c8:66:15:3a:38:da:a0:
c6:ec:ba:45:94:17:ee:19:a2:db:90:7c:59:79:ca:
0d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:50:FB:C4:08:3F:9B:18:3A:99:88:3B:72:1B:78:A3:20:4D:29:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:b000::/40
Signature Algorithm: sha256WithRSAEncryption
38:45:1f:53:f8:ab:25:43:2d:61:a9:ca:ac:6e:c7:23:c8:7c:
dd:72:96:29:4b:56:0f:30:3c:c4:8d:96:df:f7:7d:f4:8a:ac:
0b:e2:9b:b5:c8:6f:43:3b:fd:5b:21:8b:0a:09:65:3f:03:58:
9b:e7:6b:b5:d6:c1:e3:e3:90:09:94:6c:e7:33:e1:9b:95:fb:
33:e6:b7:98:56:08:0d:69:42:ed:75:ca:8f:38:2c:97:2f:16:
25:c7:d8:0d:ec:fe:6a:ef:8c:13:7a:d5:6a:6f:19:f7:fc:55:
2c:0d:bf:34:ea:a2:c8:68:e8:bc:af:f8:19:61:73:63:e7:52:
b2:9b:23:1b:44:53:8f:19:64:1c:26:c1:27:16:e5:ff:9f:13:
de:b5:5e:99:fd:41:44:e1:3c:e5:7c:c6:b2:1b:80:10:0d:6d:
69:75:50:37:7c:66:e4:bc:58:89:d6:9b:10:ab:09:10:41:dd:
b4:90:32:ab:71:01:a5:e3:7d:34:98:5a:92:e5:16:b6:43:1b:
13:2d:5b:f0:48:df:45:19:da:c8:93:7b:6f:24:01:18:eb:f5:
63:95:0c:8a:70:3e:42:45:64:a9:37:a0:6a:10:bc:f4:56:ad:
00:e1:2c:a4:c0:ce:c4:19:64:8d:d1:b6:27:2f:73:3e:fd:7b:
23:bc:bb:94
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf7m9XsGc/U4nNcp7TW2/hbfHXRwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzEwMDhaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlY2FiNjQ3NWFkYjhhNTA2NmY3OWU2YWI3NjJkZmViODJkMzZkYzczZDMx
ZTdkZjFkOGE4Yjg5NzIxZWQ1MWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOvdT670MXJKV0qmred99eI911ZYDnqIM4JCZL4vuQ1urKfg7G4AorXlrkX
fyH/Eq9gwufYmnaEiH5UPx6aPLdKkLz/zPWbsuIzWunoEwC6sdRPptwv1BWFQTKr
sk6cX9hW7TwbtDNDGcxhr2mm3seWFMQVfXllD8aDhTSsvjX7UXR72kHefk3QTYYO
8f9x79cMfkQBq11sep/yGisWKEyitZbWABSkvmRDbP2d0Dht/FzJRxIogs1KLpG3
ysYJMRj2+PwvQBKtneiBjV5qRvGt6ZIkaR1Um9sVwnfq1mZJkB7CRQ6aYQjIZhU6
ONqgxuy6RZQX7hmi25B8WXnKDdMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSjUPvE
CD+bGDqZiDtyG3ijIE0pWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc4YWVmYjQtZDFlYi00YTExLTk4OTktYmY2NzI5ZTE4Y2NkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSw
MA0GCSqGSIb3DQEBCwUAA4IBAQA4RR9T+KslQy1hqcqsbscjyHzdcpYpS1YPMDzE
jZbf9330iqwL4pu1yG9DO/1bIYsKCWU/A1ib52u11sHj45AJlGznM+Gblfsz5reY
VggNaULtdcqPOCyXLxYlx9gN7P5q74wTetVqbxn3/FUsDb806qLIaOi8r/gZYXNj
51KymyMbRFOPGWQcJsEnFuX/nxPetV6Z/UFE4TzlfMayG4AQDW1pdVA3fGbkvFiJ
1psQqwkQQd20kDKrcQGl4300mFqS5Ra2QxsTLVvwSN9FGdrIk3tvJAEY6/VjlQyK
cD5CRWSpN6BqELz0Vq0A4SykwM7EGWSN0bYnL3M+/XsjvLuU
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:56:16 2026 by rpki-client