Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
File: bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa (raw, json)
Hash identifier: wlJaTTLY3s27a/ulqAv5wcI/jaVSzcwh7FlOck3iF7c=
Subject key identifier: B8:9D:6A:F5:B0:54:08:E4:F9:C8:01:0E:48:C4:F4:55:CC:8E:3B:68
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65F56B9FE3C9D77EC457C3320688F81820FD9322
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
Signing time: Fri 20 Feb 2026 01:50:33 +0000
ROA not before: Fri 20 Feb 2026 01:50:33 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:f5:6b:9f:e3:c9:d7:7e:c4:57:c3:32:06:88:f8:18:20:fd:93:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:33 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=2d6d7940e93e375c13d70f8d1ea1a9db52273b2d45228a5703ad8f3a8702f790, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:41:f0:e3:94:9b:a6:bd:30:b3:b2:ab:dc:bd:
1e:12:4c:4a:e7:bd:74:5f:af:dd:ea:9a:e4:b6:cb:
4f:de:a0:8a:38:66:8c:eb:7a:cb:18:09:58:93:d7:
a6:d7:b5:40:a0:5d:81:77:79:a7:52:59:1a:6e:9d:
16:44:4f:54:d2:fd:15:d7:1c:24:b3:94:8e:25:6d:
7b:03:3c:fa:bd:aa:ab:cd:8b:fb:9d:c8:94:c3:34:
48:df:d5:11:87:13:0e:ad:cd:b0:3b:21:af:34:4c:
3a:f9:40:d7:59:8b:38:fe:15:5a:33:a0:86:72:36:
18:57:69:ac:e0:e5:32:5c:0f:bc:c6:7c:a1:35:f2:
58:8b:cb:e0:e6:d5:ae:09:03:2d:c5:55:1b:d1:70:
74:ad:72:70:34:41:1f:ed:b6:f0:de:f0:9b:8c:49:
05:4c:dc:8b:b0:48:4e:9b:f3:e5:c3:4f:54:0a:cc:
12:1f:aa:63:dd:cc:78:52:85:31:99:b6:37:e9:08:
ec:4a:94:a7:c8:7f:5e:4e:a2:03:e0:c0:9c:a6:7c:
25:e4:4e:dd:d6:5f:bc:df:66:b0:3d:6c:8c:8a:d7:
47:4e:db:b3:69:12:08:26:13:f9:9b:0c:2a:a5:38:
57:ca:59:25:69:ce:c9:77:55:cc:8b:78:1e:38:8b:
b7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:9D:6A:F5:B0:54:08:E4:F9:C8:01:0E:48:C4:F4:55:CC:8E:3B:68
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:b000::/40
Signature Algorithm: sha256WithRSAEncryption
a4:03:13:05:96:51:41:a6:4d:f2:28:8c:6a:62:a6:4f:63:72:
1d:4c:a8:0a:57:8f:fa:ed:34:42:79:64:24:31:18:df:ea:8c:
e3:e7:1b:8b:27:0a:03:4a:6a:bf:79:b9:53:ee:dc:1e:d7:27:
7a:55:dd:02:8f:07:2e:a5:a7:a1:49:65:81:f9:bd:70:b5:0b:
ac:8a:f0:1d:e7:6a:93:ef:e2:71:b5:8a:b4:f5:47:78:0e:f6:
e5:7c:ed:21:45:36:21:c4:0d:da:6c:85:73:61:3f:61:78:e2:
42:8e:da:ac:e3:bb:66:92:1c:12:66:8c:1d:9d:e5:e3:91:12:
fb:03:db:6f:a0:4b:69:11:c6:79:45:e8:73:76:e7:63:5b:e5:
99:13:ed:62:d1:a8:a4:af:a9:4f:5b:11:b5:72:fa:79:54:b8:
99:ca:2f:7b:e3:75:af:78:84:a8:b0:9d:0f:9c:49:2d:d6:4c:
2e:c6:51:0f:df:59:4b:29:43:53:eb:7b:71:6d:05:35:88:27:
ec:36:0c:da:6a:d9:9b:b0:b5:bb:ea:11:cb:7e:39:e2:92:e2:
cd:60:c3:5d:43:14:55:79:ec:e6:33:8f:92:6e:41:38:04:c9:
34:7d:47:f6:3f:1f:a4:34:a6:5e:1b:78:ac:72:9b:11:9a:d0:
47:a6:74:a6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZfVrn+PJ137EV8MyBoj4GCD9kyIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMzNaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkNmQ3OTQwZTkzZTM3NWMxM2Q3MGY4ZDFlYTFhOWRiNTIyNzNiMmQ0NTIy
OGE1NzAzYWQ4ZjNhODcwMmY3OTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRB8OOUm6a9MLOyq9y9HhJMSue9dF+v3eqa5LbLT96gijhmjOt6yxgJWJPX
pte1QKBdgXd5p1JZGm6dFkRPVNL9FdccJLOUjiVtewM8+r2qq82L+53IlMM0SN/V
EYcTDq3NsDshrzRMOvlA11mLOP4VWjOghnI2GFdprODlMlwPvMZ8oTXyWIvL4ObV
rgkDLcVVG9FwdK1ycDRBH+228N7wm4xJBUzci7BITpvz5cNPVArMEh+qY93MeFKF
MZm2N+kI7EqUp8h/Xk6iA+DAnKZ8JeRO3dZfvN9msD1sjIrXR07bs2kSCCYT+ZsM
KqU4V8pZJWnOyXdVzIt4HjiLt1UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS4nWr1
sFQI5PnIAQ5IxPRVzI47aDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRhYTZkZTYtMDBkMy00ZDE4LThhYTAtMGJmODI4ODhkMzZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCw
MA0GCSqGSIb3DQEBCwUAA4IBAQCkAxMFllFBpk3yKIxqYqZPY3IdTKgKV4/67TRC
eWQkMRjf6ozj5xuLJwoDSmq/eblT7twe1yd6Vd0CjwcupaehSWWB+b1wtQusivAd
52qT7+JxtYq09Ud4DvblfO0hRTYhxA3abIVzYT9heOJCjtqs47tmkhwSZowdneXj
kRL7A9tvoEtpEcZ5RehzdudjW+WZE+1i0aikr6lPWxG1cvp5VLiZyi9743WveISo
sJ0PnEkt1kwuxlEP31lLKUNT63txbQU1iCfsNgzaatmbsLW76hHLfjnikuLNYMNd
QxRVeezmM4+SbkE4BMk0fUf2Px+kNKZeG3iscpsRmtBHpnSm
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:25:44 2026 by rpki-client