Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbee85f-272a-4ae4-8329-48f63bc24277.roa
File: abbee85f-272a-4ae4-8329-48f63bc24277.roa (raw, json)
Hash identifier: e8tkUoxJSt4e5c5y4T8LowUPfibI3kcmHYntVbU6bv4=
Subject key identifier: A2:AB:BA:13:71:F6:C1:28:F1:97:56:1D:EF:31:8E:A4:85:AB:53:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 43EC3FDAB4715853516F2E913FAE1E1055F6C0EB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbee85f-272a-4ae4-8329-48f63bc24277.roa
Signing time: Wed 11 Feb 2026 01:30:34 +0000
ROA not before: Wed 11 Feb 2026 01:30:34 +0000
ROA not after: Tue 12 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:a080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:ec:3f:da:b4:71:58:53:51:6f:2e:91:3f:ae:1e:10:55:f6:c0:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 11 01:30:34 2026 GMT
Not After : May 12 23:59:59 2026 GMT
Subject: serialNumber=5326c1043d05b4aaa43f8b61354f102f48c8ef3fa9663733c732b64a1ff03fe4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:ea:2d:c6:02:ab:cc:72:09:88:56:84:99:ec:
83:8d:b3:3b:0a:67:68:85:f2:54:03:f3:5d:ca:4e:
4a:e6:76:ea:40:2a:93:78:7a:b8:ab:a3:82:72:83:
c8:48:a7:7d:ce:c0:c1:d7:fd:03:91:69:2f:41:a1:
89:46:03:37:1d:e3:9e:2f:4a:9e:7c:80:f9:2e:c2:
4c:d6:e9:80:95:42:a5:ea:10:3b:3e:fb:35:af:59:
ff:8e:d3:21:a4:92:e4:d4:ad:3c:7b:df:e3:ef:f9:
19:2d:42:88:0a:38:eb:4d:10:8b:4c:1e:60:9b:aa:
a9:1f:5f:77:45:b3:0a:38:42:f9:1a:00:ea:9b:0e:
f4:d1:6c:86:f1:34:0c:e1:7f:44:a5:c0:62:68:47:
5b:52:e7:71:f3:6f:80:89:6e:30:6e:a2:94:73:ab:
8a:37:2a:68:44:4f:be:5c:8e:2e:a0:bb:42:ef:7b:
b2:60:d6:cb:8d:88:1d:8d:9d:cc:1d:ce:42:bf:2f:
fd:c6:d1:27:47:27:af:b0:f2:d6:fc:4a:8b:0a:50:
6c:76:3b:82:51:6e:d5:2c:43:ca:7b:9f:9b:0b:e1:
0a:1f:33:3c:73:02:b4:01:bc:7d:00:48:9c:83:9e:
66:b6:11:31:d6:2e:2b:87:75:a5:c2:03:e7:b1:34:
08:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:AB:BA:13:71:F6:C1:28:F1:97:56:1D:EF:31:8E:A4:85:AB:53:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbee85f-272a-4ae4-8329-48f63bc24277.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:a080::/48
Signature Algorithm: sha256WithRSAEncryption
1b:09:6a:8b:61:5b:10:e0:d8:70:35:f2:9f:60:6f:e1:76:04:
db:87:24:9f:29:dc:f8:48:db:32:66:b9:21:cc:3e:d3:79:e5:
69:84:3a:44:f5:42:ed:45:da:02:1a:bb:fe:fa:ff:f6:03:a9:
90:3a:24:19:f7:c9:15:2a:1c:bc:83:37:6a:76:bc:e3:23:e0:
63:33:88:fb:99:03:15:9a:b3:16:e7:9a:03:cb:ef:2a:81:9c:
ad:51:f4:dd:78:aa:36:0d:69:2f:f2:18:bf:b2:70:94:d3:c2:
53:d2:48:16:4e:d2:f0:0a:44:56:1a:78:0b:65:7f:4e:8d:0b:
35:bb:a8:ec:07:66:41:31:6c:3f:71:1e:97:9e:bb:14:a2:ea:
d5:65:1c:49:73:1b:20:6c:b0:02:28:3a:5c:d1:13:ee:de:54:
2e:a4:aa:98:71:08:64:4e:80:4e:d9:ad:c1:7c:b3:1c:84:77:
c9:42:31:52:17:1c:0f:2b:79:97:09:95:de:25:d4:29:04:f0:
89:51:34:5d:e6:47:29:3c:2e:87:8b:bc:24:2b:f6:f2:8f:60:
16:43:b5:fe:6d:0c:59:71:8b:89:51:71:d6:2f:f1:86:63:3d:
28:01:cf:05:b5:15:cb:a9:1b:ad:e5:eb:aa:5e:f6:b7:ee:d1:
29:12:2a:71
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQ+w/2rRxWFNRby6RP64eEFX2wOswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTEwMTMwMzRaFw0yNjA1MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzMjZjMTA0M2QwNWI0YWFhNDNmOGI2MTM1NGYxMDJmNDhjOGVmM2ZhOTY2
MzczM2M3MzJiNjRhMWZmMDNmZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPTqLcYCq8xyCYhWhJnsg42zOwpnaIXyVAPzXcpOSuZ26kAqk3h6uKujgnKD
yEinfc7Awdf9A5FpL0GhiUYDNx3jni9KnnyA+S7CTNbpgJVCpeoQOz77Na9Z/47T
IaSS5NStPHvf4+/5GS1CiAo4600Qi0weYJuqqR9fd0WzCjhC+RoA6psO9NFshvE0
DOF/RKXAYmhHW1LncfNvgIluMG6ilHOrijcqaERPvlyOLqC7Qu97smDWy42IHY2d
zB3OQr8v/cbRJ0cnr7Dy1vxKiwpQbHY7glFu1SxDynufmwvhCh8zPHMCtAG8fQBI
nIOeZrYRMdYuK4d1pcID57E0CBMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSiq7oT
cfbBKPGXVh3vMY6khatTcTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWJiZWU4NWYtMjcyYS00YWU0LTgzMjktNDhmNjNiYzI0Mjc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gqg
gDANBgkqhkiG9w0BAQsFAAOCAQEAGwlqi2FbEODYcDXyn2Bv4XYE24cknync+Ejb
Mma5Icw+03nlaYQ6RPVC7UXaAhq7/vr/9gOpkDokGffJFSocvIM3ana84yPgYzOI
+5kDFZqzFueaA8vvKoGcrVH03XiqNg1pL/IYv7JwlNPCU9JIFk7S8ApEVhp4C2V/
To0LNbuo7AdmQTFsP3Eel567FKLq1WUcSXMbIGywAig6XNET7t5ULqSqmHEIZE6A
TtmtwXyzHIR3yUIxUhccDyt5lwmV3iXUKQTwiVE0XeZHKTwuh4u8JCv28o9gFkO1
/m0MWXGLiVFx1i/xhmM9KAHPBbUVy6kbreXrql72t+7RKRIqcQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:53:48 2026 by rpki-client