Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac808304-7110-40ab-b55b-b3af42a90484.roa
File: ac808304-7110-40ab-b55b-b3af42a90484.roa (raw, json)
Hash identifier: zomkH2C4XxMOUdarhLigxTuFS+YHLb1GThFUacCAeV4=
Subject key identifier: C0:5C:1F:FC:53:1E:67:33:E3:2C:AE:53:1D:E2:D9:00:59:CB:29:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4E00A84AF0969F52AA0CDF39BCADCE6F7DA9424C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac808304-7110-40ab-b55b-b3af42a90484.roa
Signing time: Wed 11 Feb 2026 01:30:51 +0000
ROA not before: Wed 11 Feb 2026 01:30:51 +0000
ROA not after: Tue 12 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:00:a8:4a:f0:96:9f:52:aa:0c:df:39:bc:ad:ce:6f:7d:a9:42:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 11 01:30:51 2026 GMT
Not After : May 12 23:59:59 2026 GMT
Subject: serialNumber=e9befb20af80b59604b6c56a66b5350b641fa40e1e50f3c0bd1de4dc8a49367e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9a:7d:49:19:b0:f0:9b:06:4a:83:29:2d:9e:
30:75:25:37:e0:4a:c4:97:bc:98:77:15:3b:f6:08:
e7:dc:57:30:67:3f:f8:dc:14:61:76:dd:6b:77:56:
4f:2b:0f:8f:fa:90:c1:38:b5:01:7a:fd:9a:ed:1e:
b4:f6:57:49:e8:8d:1d:fb:3f:8f:5f:42:96:83:27:
1f:43:71:19:9a:8f:33:7b:59:06:ae:90:2c:ab:06:
c0:8d:4e:c3:0d:e1:31:a3:3d:36:55:51:08:e1:cd:
81:4c:69:bb:7c:6e:31:bb:92:e4:36:c4:5f:97:9a:
22:8d:71:66:fa:39:c9:5b:d5:22:c9:82:43:53:8c:
ec:e5:91:f6:27:92:dd:0d:f8:96:3e:5e:f8:27:64:
76:ce:5b:ae:c9:bc:e2:0b:de:2c:23:d7:b0:6d:60:
88:27:75:c1:a1:c2:a8:40:74:87:01:76:91:12:bb:
5d:db:8c:61:ac:b3:a7:41:de:5e:f2:33:20:7a:cb:
e5:52:6c:0b:01:94:78:62:93:39:20:f2:9c:4c:15:
c6:70:22:d1:13:36:f9:ce:f1:8d:6a:9f:b7:55:6d:
2a:f4:b4:39:c1:05:64:ab:30:c4:05:4c:7c:85:1f:
2a:7b:8f:80:3f:3b:09:94:e8:46:13:68:ba:f9:52:
20:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:5C:1F:FC:53:1E:67:33:E3:2C:AE:53:1D:E2:D9:00:59:CB:29:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac808304-7110-40ab-b55b-b3af42a90484.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
b8:a6:91:97:59:be:3d:60:bc:72:23:88:40:f3:8a:b2:76:d1:
ca:98:52:45:c4:75:60:af:58:bc:f3:5f:e1:4e:b9:c9:6e:8d:
50:13:73:16:68:e2:cb:94:06:59:f2:66:9b:7e:83:7d:01:74:
d9:f1:c6:35:b1:c9:89:8f:bf:bf:23:b6:aa:a7:e1:af:7b:29:
cf:63:21:96:10:bb:61:19:39:35:bb:cb:63:dc:14:ae:cc:6d:
1c:09:a3:c3:e6:2a:bc:7b:f3:62:55:27:f3:fd:37:5d:8c:f2:
80:3f:88:1e:4c:d4:35:63:b3:ad:46:0d:1f:a7:89:3e:06:ad:
1f:47:ad:9f:c0:76:ed:a2:57:49:ea:76:fb:98:45:c0:f2:f5:
da:d4:eb:c6:2a:a4:72:fa:c3:40:86:a2:eb:d7:9f:22:75:33:
7f:74:87:f8:e5:6c:c3:9f:42:61:89:5a:e4:74:cf:57:a6:8f:
c8:bc:ec:f7:04:42:09:98:ac:70:1f:e0:df:91:d2:31:d0:17:
68:c2:4d:75:a0:6f:3a:b6:ba:4d:0c:12:73:20:75:49:b0:91:
78:c2:29:bc:5c:e3:96:49:5a:20:8e:82:77:c4:2b:f1:8c:6f:
c9:ef:05:94:07:cf:48:a0:07:a8:44:f1:52:da:33:a8:6c:94:
3a:bd:0e:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTgCoSvCWn1KqDN85vK3Ob32pQkwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTEwMTMwNTFaFw0yNjA1MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5YmVmYjIwYWY4MGI1OTYwNGI2YzU2YTY2YjUzNTBiNjQxZmE0MGUxZTUw
ZjNjMGJkMWRlNGRjOGE0OTM2N2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+afUkZsPCbBkqDKS2eMHUlN+BKxJe8mHcVO/YI59xXMGc/+NwUYXbda3dW
TysPj/qQwTi1AXr9mu0etPZXSeiNHfs/j19CloMnH0NxGZqPM3tZBq6QLKsGwI1O
ww3hMaM9NlVRCOHNgUxpu3xuMbuS5DbEX5eaIo1xZvo5yVvVIsmCQ1OM7OWR9ieS
3Q34lj5e+Cdkds5brsm84gveLCPXsG1giCd1waHCqEB0hwF2kRK7XduMYayzp0He
XvIzIHrL5VJsCwGUeGKTOSDynEwVxnAi0RM2+c7xjWqft1VtKvS0OcEFZKswxAVM
fIUfKnuPgD87CZToRhNouvlSIA0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTAXB/8
Ux5nM+MsrlMd4tkAWcspPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWM4MDgzMDQtNzExMC00MGFiLWI1NWItYjNhZjQyYTkwNDg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GoI
wDANBgkqhkiG9w0BAQsFAAOCAQEAuKaRl1m+PWC8ciOIQPOKsnbRyphSRcR1YK9Y
vPNf4U65yW6NUBNzFmjiy5QGWfJmm36DfQF02fHGNbHJiY+/vyO2qqfhr3spz2Mh
lhC7YRk5NbvLY9wUrsxtHAmjw+YqvHvzYlUn8/03XYzygD+IHkzUNWOzrUYNH6eJ
PgatH0etn8B27aJXSep2+5hFwPL12tTrxiqkcvrDQIai69efInUzf3SH+OVsw59C
YYla5HTPV6aPyLzs9wRCCZiscB/g35HSMdAXaMJNdaBvOra6TQwScyB1SbCReMIp
vFzjlklaII6Cd8Qr8Yxvye8FlAfPSKAHqETxUtozqGyUOr0Ojw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:07:31 2026 by rpki-client