Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
File: ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa (raw, json)
Hash identifier: tdEpVlOrrwaY0+RlG11+3qryZLLUOpJfrVNRsu6qwqU=
Subject key identifier: E7:0E:FE:3A:20:A7:26:F0:71:31:18:5A:1F:87:8C:40:17:0D:06:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A41454EF0A2C950E3CDD25458E6F7AF8E7B9B54
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
Signing time: Fri 20 Feb 2026 01:40:09 +0000
ROA not before: Fri 20 Feb 2026 01:40:09 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:41:45:4e:f0:a2:c9:50:e3:cd:d2:54:58:e6:f7:af:8e:7b:9b:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:40:09 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=a7b1d3d653afaa34092227720f52b22e60bebc44abd58b30fe351f3c19fb9c38, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:4d:45:35:27:1b:38:ed:73:83:c8:f8:e6:d4:
86:2a:32:05:31:31:21:23:62:6e:29:3e:a9:b6:d5:
3e:d1:4b:a8:2e:c3:c7:e2:7f:3d:34:e4:e8:40:5c:
4e:cb:d7:88:0c:63:da:ba:5a:fc:8c:d9:2f:65:60:
7a:5e:6d:ba:2d:d9:39:8a:72:9f:69:ea:14:35:b3:
30:42:00:4f:6b:17:df:49:05:fd:fd:65:f6:fd:39:
41:15:f5:f7:57:e2:f6:99:a1:7f:b5:31:a8:c1:d9:
a8:b5:2f:b9:9a:e2:b0:5b:fa:84:9a:67:63:53:70:
0b:fb:e5:e6:b9:e6:e0:d8:04:54:55:2d:ed:cb:dd:
e1:60:96:51:fe:b4:cb:50:f4:55:4e:f5:53:db:49:
a4:22:2d:2b:18:2c:26:7f:81:7d:19:6e:eb:22:69:
4d:b3:83:48:7c:57:15:2e:28:ff:1c:58:c0:76:b2:
3a:e2:7c:94:a3:fe:87:d7:7a:bf:d5:c1:7a:63:78:
6a:ed:65:df:0a:2d:a8:cc:02:fb:2a:86:e7:6f:10:
11:5d:25:c8:c3:1a:8b:a3:9d:a0:0a:97:f0:a6:c4:
f1:7f:2c:d4:0f:cd:f5:d1:61:a3:78:f5:e3:c8:89:
89:11:6a:87:80:d3:a9:65:0d:94:81:2d:8c:e7:28:
95:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:0E:FE:3A:20:A7:26:F0:71:31:18:5A:1F:87:8C:40:17:0D:06:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:8000::/40
Signature Algorithm: sha256WithRSAEncryption
21:1e:09:88:17:8d:78:62:af:e2:aa:06:44:c3:2a:d2:e8:59:
4b:a1:7b:ce:73:91:e8:49:9d:23:fc:ac:4a:ae:8a:71:13:51:
ae:45:e6:1d:aa:bd:0a:1d:c9:81:16:6f:d9:17:e6:13:a3:65:
07:13:ce:45:8f:d1:80:cf:11:24:71:73:cc:9a:6e:64:24:ff:
36:3a:ef:35:15:62:da:2a:eb:54:78:d5:65:ae:8e:47:b3:d3:
e2:e7:78:d9:43:f4:55:41:d1:56:07:24:5d:67:f9:a8:f4:df:
14:6e:d8:c0:c1:78:a7:e6:22:dc:b8:d9:ca:3d:ae:1e:e8:6c:
c1:5d:66:7b:83:84:25:42:55:53:e1:2c:f2:68:50:90:22:76:
e3:33:3e:7b:05:a6:a6:01:04:41:9a:05:49:ea:66:9f:d9:24:
16:f7:1f:6e:b9:79:30:d7:dc:1b:65:85:fe:be:98:b1:b5:75:
95:7f:04:a0:51:eb:eb:d7:e1:01:ec:49:97:1c:bd:a1:97:99:
ef:3b:2f:25:5a:11:3b:a7:7a:cd:5e:85:a8:a2:35:98:bb:7e:
87:a4:4d:e7:bc:64:74:c0:f5:5f:89:bb:cc:0f:13:6b:84:99:
ca:6d:b8:dc:18:94:fc:a3:db:34:48:0b:90:c3:3d:62:21:91:
54:aa:5f:06
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUakFFTvCiyVDjzdJUWOb3r457m1QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTQwMDlaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3YjFkM2Q2NTNhZmFhMzQwOTIyMjc3MjBmNTJiMjJlNjBiZWJjNDRhYmQ1
OGIzMGZlMzUxZjNjMTlmYjljMzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOhNRTUnGzjtc4PI+ObUhioyBTExISNibik+qbbVPtFLqC7Dx+J/PTTk6EBc
TsvXiAxj2rpa/IzZL2Vgel5tui3ZOYpyn2nqFDWzMEIAT2sX30kF/f1l9v05QRX1
91fi9pmhf7UxqMHZqLUvuZrisFv6hJpnY1NwC/vl5rnm4NgEVFUt7cvd4WCWUf60
y1D0VU71U9tJpCItKxgsJn+BfRlu6yJpTbODSHxXFS4o/xxYwHayOuJ8lKP+h9d6
v9XBemN4au1l3wotqMwC+yqG528QEV0lyMMai6OdoAqX8KbE8X8s1A/N9dFho3j1
48iJiRFqh4DTqWUNlIEtjOcolUECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTnDv46
IKcm8HExGFofh4xAFw0GKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWM3ZDE2NTMtMmZhMy00ODE3LThlMDAtODdlNmMzZjJhOWMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSA
MA0GCSqGSIb3DQEBCwUAA4IBAQAhHgmIF414Yq/iqgZEwyrS6FlLoXvOc5HoSZ0j
/KxKropxE1GuReYdqr0KHcmBFm/ZF+YTo2UHE85Fj9GAzxEkcXPMmm5kJP82Ou81
FWLaKutUeNVlro5Hs9Pi53jZQ/RVQdFWByRdZ/mo9N8UbtjAwXin5iLcuNnKPa4e
6GzBXWZ7g4QlQlVT4SzyaFCQInbjMz57BaamAQRBmgVJ6maf2SQW9x9uuXkw19wb
ZYX+vpixtXWVfwSgUevr1+EB7EmXHL2hl5nvOy8lWhE7p3rNXoWoojWYu36HpE3n
vGR0wPVfibvMDxNrhJnKbbjcGJT8o9s0SAuQwz1iIZFUql8G
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:44:35 2026 by rpki-client