Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
File: bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa (raw, json)
Hash identifier: MZtwRNaB689iAQwIheFeFAlUi4ZsmisOkxUSB2AnEI4=
Subject key identifier: 79:F0:9F:31:DD:D4:A4:3C:C4:57:DE:CF:72:FF:6D:88:07:45:B7:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2717C02D7BC4D1F5A0A7FD87B58CC8EAF8F08B62
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
Signing time: Fri 20 Feb 2026 01:50:10 +0000
ROA not before: Fri 20 Feb 2026 01:50:10 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:17:c0:2d:7b:c4:d1:f5:a0:a7:fd:87:b5:8c:c8:ea:f8:f0:8b:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:10 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=03aa1426bc20e5cefb458ca7a2870909053ade1495d7bdfc1700cc3807839aba, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:21:2a:8b:6c:36:1b:6e:d4:e9:8b:8c:12:4d:
c3:5f:6e:57:e3:f0:f8:90:b2:2e:86:42:9f:12:75:
47:4a:fb:09:2b:2e:d1:53:ed:0b:3b:86:6c:ba:97:
54:38:0f:02:d4:a3:40:4e:97:fb:16:0f:35:75:bd:
8d:c9:5a:2c:f2:aa:52:68:2d:aa:93:0b:32:f5:7c:
e2:bb:06:59:03:70:7e:0a:e5:a4:10:dc:10:d4:1f:
fe:c2:dc:dc:49:bb:17:db:55:a3:8b:bd:f6:c7:3a:
5f:b8:71:f0:56:a7:eb:71:c1:6f:60:6d:a7:df:74:
19:54:fc:f9:25:37:27:74:c6:5f:36:e2:72:8c:25:
b5:e0:87:2a:99:64:67:95:10:29:aa:17:25:e2:24:
b3:b7:4f:18:e1:62:ec:af:8c:13:91:da:d1:2c:a3:
3e:16:99:57:f6:11:51:fa:e0:88:7d:4f:cd:3a:70:
79:1e:2c:fb:0f:ac:6a:7a:da:56:1a:b7:e8:da:23:
1f:6e:f2:1a:2b:8f:0c:43:2a:18:e5:f4:39:72:5b:
fa:49:a3:cd:ae:24:10:ff:a2:63:6b:8f:10:6c:c6:
3b:a0:a5:4a:d0:6e:ed:33:72:f2:ab:dd:34:7d:9c:
28:12:d4:a5:71:22:3b:f8:ab:14:b5:d7:e0:ad:07:
1d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:F0:9F:31:DD:D4:A4:3C:C4:57:DE:CF:72:FF:6D:88:07:45:B7:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:2000::/40
Signature Algorithm: sha256WithRSAEncryption
78:b2:39:ce:ed:9c:48:b9:ea:3c:cb:89:de:0f:e8:c3:e2:38:
77:24:84:61:b4:2c:2b:50:72:5d:10:7c:9b:cf:12:43:35:09:
56:e1:3f:09:f6:45:8f:08:d1:68:f9:aa:f1:84:41:f5:35:5f:
4a:98:ea:aa:1b:a8:ec:f7:a5:83:41:07:ae:dc:3f:91:91:df:
db:3a:7b:f0:1c:f6:62:04:21:4c:0b:5d:3b:e3:4b:89:b9:ed:
90:25:2a:17:73:6d:74:97:aa:3c:9c:9a:13:c4:7e:1a:c3:dd:
b4:41:7d:ae:a9:88:38:db:9d:fe:68:13:e9:04:e6:47:e4:10:
8b:1a:32:30:5e:4b:a7:2c:25:cd:97:81:13:66:3e:7b:16:de:
44:73:ec:2f:ce:d4:a5:d3:bf:12:07:e5:84:fb:40:00:7c:5d:
69:92:91:67:f2:5b:a9:b7:f4:f9:f9:1f:8f:5b:2a:08:ec:cf:
53:6c:2e:bd:55:c7:0d:66:12:6f:63:c5:60:b4:a6:50:a1:87:
dd:b4:fa:ac:a8:8d:ee:e0:39:98:95:9c:37:18:6e:7b:5a:3f:
8a:63:42:b1:a8:94:12:fe:69:9c:32:51:84:ca:64:50:28:ff:
72:71:9b:12:ee:78:71:02:b5:4c:fa:f3:46:91:2f:95:80:28:
aa:b6:b4:e8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJxfALXvE0fWgp/2HtYzI6vjwi2IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMTBaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzYWExNDI2YmMyMGU1Y2VmYjQ1OGNhN2EyODcwOTA5MDUzYWRlMTQ5NWQ3
YmRmYzE3MDBjYzM4MDc4MzlhYmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKohKotsNhtu1OmLjBJNw19uV+Pw+JCyLoZCnxJ1R0r7CSsu0VPtCzuGbLqX
VDgPAtSjQE6X+xYPNXW9jclaLPKqUmgtqpMLMvV84rsGWQNwfgrlpBDcENQf/sLc
3Em7F9tVo4u99sc6X7hx8Fan63HBb2Btp990GVT8+SU3J3TGXzbicowlteCHKplk
Z5UQKaoXJeIks7dPGOFi7K+ME5Ha0SyjPhaZV/YRUfrgiH1PzTpweR4s+w+sanra
Vhq36NojH27yGiuPDEMqGOX0OXJb+kmjza4kEP+iY2uPEGzGO6ClStBu7TNy8qvd
NH2cKBLUpXEiO/irFLXX4K0HHc0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR58J8x
3dSkPMRX3s9y/22IB0W34jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmM1OWU0MjEtYmExZC00ZjZhLWFlYmEtOWQ1YzY3M2E3MDI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAg
MA0GCSqGSIb3DQEBCwUAA4IBAQB4sjnO7ZxIueo8y4neD+jD4jh3JIRhtCwrUHJd
EHybzxJDNQlW4T8J9kWPCNFo+arxhEH1NV9KmOqqG6js96WDQQeu3D+Rkd/bOnvw
HPZiBCFMC10740uJue2QJSoXc210l6o8nJoTxH4aw920QX2uqYg4253+aBPpBOZH
5BCLGjIwXkunLCXNl4ETZj57Ft5Ec+wvztSl078SB+WE+0AAfF1pkpFn8lupt/T5
+R+PWyoI7M9TbC69VccNZhJvY8VgtKZQoYfdtPqsqI3u4DmYlZw3GG57Wj+KY0Kx
qJQS/mmcMlGEymRQKP9ycZsS7nhxArVM+vNGkS+VgCiqtrTo
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:56:08 2026 by rpki-client