Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/adb1351f-3dd5-4e4f-8955-1514f42e48e2.roa
File: adb1351f-3dd5-4e4f-8955-1514f42e48e2.roa (raw, json)
Hash identifier: zSgUypcnBsJnYkke4G0Ttn2tgaOB3L1j3horvKZaUjk=
Subject key identifier: F8:6D:FB:85:71:38:D7:CC:F6:CA:0C:FF:E9:D3:08:9B:9A:60:F1:4D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5BA44E9D16768BFF41A9B19C349AD3DB5B78AB3F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/adb1351f-3dd5-4e4f-8955-1514f42e48e2.roa
Signing time: Fri 13 Feb 2026 15:20:31 +0000
ROA not before: Fri 13 Feb 2026 15:20:31 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:1080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:a4:4e:9d:16:76:8b:ff:41:a9:b1:9c:34:9a:d3:db:5b:78:ab:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:20:31 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=ab7dff45f6a70b9b062730f653edafba4b55c82f86a2e3645cc7b0c05b6ad91e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:7b:8d:06:96:d1:75:6d:38:aa:bf:09:e6:82:
62:0d:cd:46:eb:50:f7:d0:20:25:81:32:f2:db:fe:
1d:5b:d2:3e:93:19:2b:e6:7d:5b:ae:3a:a6:9d:ab:
4e:11:b5:48:53:16:16:ef:3e:34:49:a4:ce:f5:a7:
f6:ea:5f:ae:b2:ec:ce:8c:b5:cd:97:7b:a0:d9:7a:
31:f7:09:66:8e:0d:1b:e7:ed:a0:da:f9:b9:08:10:
5f:63:45:2b:d2:7d:c0:8a:e8:fb:21:16:54:f0:d8:
e2:c1:f0:4b:dc:ae:cd:da:02:d8:5b:fc:f1:f6:0a:
bb:2d:cf:c9:64:d4:aa:ca:41:36:9f:f0:a0:27:5e:
79:82:ef:33:c5:d5:1d:cb:c3:ea:67:d1:20:25:1b:
f5:8f:69:8c:b6:65:60:be:76:52:d3:ec:4d:60:cd:
a8:3b:67:6d:7a:f9:5f:70:cc:3d:7a:3b:aa:2d:d0:
dd:c5:6e:00:3f:db:58:5e:18:00:63:e9:45:e8:74:
8d:f3:c9:7b:e5:fa:78:5e:b2:09:2f:44:44:a4:0c:
23:3e:e1:36:f5:a8:19:30:cb:8b:ef:05:83:25:c5:
fd:5c:b7:69:fa:3b:b3:51:84:6e:5a:30:a1:0e:b3:
fb:90:e0:aa:01:d3:98:ce:a6:7f:af:33:66:da:41:
e0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:6D:FB:85:71:38:D7:CC:F6:CA:0C:FF:E9:D3:08:9B:9A:60:F1:4D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/adb1351f-3dd5-4e4f-8955-1514f42e48e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:1080::/46
Signature Algorithm: sha256WithRSAEncryption
4c:2e:14:1c:93:62:3d:1a:e3:78:62:b7:c7:42:b1:a3:8a:97:
12:f5:64:42:db:f8:ee:fa:d6:2a:44:a8:86:a2:20:c4:1c:19:
79:f5:0c:47:6d:40:15:d7:02:bd:9f:7a:37:e7:6a:90:66:a2:
21:b4:c5:4e:9d:80:12:c4:45:0b:60:63:c9:08:2b:0f:f2:53:
52:d4:d7:70:77:5c:fb:ce:a0:e2:d8:fc:93:15:db:7b:78:d2:
4f:d4:2d:26:f9:ea:87:46:92:74:1a:4f:24:a4:d1:dd:69:09:
30:57:45:5f:a5:46:6f:38:34:1b:fb:0c:53:95:40:c9:9d:c0:
11:d8:91:74:c6:41:2b:4d:49:31:92:4a:4d:d3:3f:12:d9:fa:
a4:76:ee:1e:df:16:ef:d6:38:29:2e:c9:c9:fa:14:28:f7:77:
61:ed:6f:08:b7:17:2b:16:7d:84:6b:fb:2d:01:b7:a4:38:04:
4b:9f:c3:9c:fd:cf:b5:00:7c:8c:20:48:1a:0f:3d:ce:ba:20:
13:f1:b1:1c:74:42:6f:b1:36:05:8f:39:8e:bb:a4:c5:2e:fd:
92:d3:38:ba:0d:a0:63:77:4f:b6:16:62:a7:17:af:c6:38:c1:
d4:bb:af:84:dc:85:70:ee:e1:c6:a5:a2:cc:ab:8e:44:b0:fc:
6f:e7:6a:f5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUW6ROnRZ2i/9BqbGcNJrT21t4qz8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIwMzFaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiN2RmZjQ1ZjZhNzBiOWIwNjI3MzBmNjUzZWRhZmJhNGI1NWM4MmY4NmEy
ZTM2NDVjYzdiMGMwNWI2YWQ5MWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOZ7jQaW0XVtOKq/CeaCYg3NRutQ99AgJYEy8tv+HVvSPpMZK+Z9W646pp2r
ThG1SFMWFu8+NEmkzvWn9upfrrLszoy1zZd7oNl6MfcJZo4NG+ftoNr5uQgQX2NF
K9J9wIro+yEWVPDY4sHwS9yuzdoC2Fv88fYKuy3PyWTUqspBNp/woCdeeYLvM8XV
HcvD6mfRICUb9Y9pjLZlYL52UtPsTWDNqDtnbXr5X3DMPXo7qi3Q3cVuAD/bWF4Y
AGPpReh0jfPJe+X6eF6yCS9ERKQMIz7hNvWoGTDLi+8FgyXF/Vy3afo7s1GEblow
oQ6z+5DgqgHTmM6mf68zZtpB4L8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT4bfuF
cTjXzPbKDP/p0wibmmDxTTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWRiMTM1MWYtM2RkNS00ZTRmLTg5NTUtMTUxNGY0MmU0OGUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMQ
gDANBgkqhkiG9w0BAQsFAAOCAQEATC4UHJNiPRrjeGK3x0Kxo4qXEvVkQtv47vrW
KkSohqIgxBwZefUMR21AFdcCvZ96N+dqkGaiIbTFTp2AEsRFC2BjyQgrD/JTUtTX
cHdc+86g4tj8kxXbe3jST9QtJvnqh0aSdBpPJKTR3WkJMFdFX6VGbzg0G/sMU5VA
yZ3AEdiRdMZBK01JMZJKTdM/Etn6pHbuHt8W79Y4KS7JyfoUKPd3Ye1vCLcXKxZ9
hGv7LQG3pDgES5/DnP3PtQB8jCBIGg89zrogE/GxHHRCb7E2BY85jrukxS79ktM4
ug2gY3dPthZipxevxjjB1LuvhNyFcO7hxqWizKuORLD8b+dq9Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:11:10 2026 by rpki-client