Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c65e11fa-ec6d-4214-88c5-464a024d8957.roa
File: c65e11fa-ec6d-4214-88c5-464a024d8957.roa (raw, json)
Hash identifier: pkJvkvFySYOWb9JJRu63fzjT0Y+t/SogB2j9GlSMKvw=
Subject key identifier: 7A:06:75:01:1B:CC:AF:D9:71:BB:5D:2F:5B:B8:07:F3:71:90:09:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79548EF5CA042EF90EB5AD39D96D27C91EB7416E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c65e11fa-ec6d-4214-88c5-464a024d8957.roa
Signing time: Fri 13 Feb 2026 15:21:03 +0000
ROA not before: Fri 13 Feb 2026 15:21:03 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:54:8e:f5:ca:04:2e:f9:0e:b5:ad:39:d9:6d:27:c9:1e:b7:41:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:21:03 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=d4f19a67b354730e8de1258729ba65f1b4db1b1cdb912eb68dbf184a131118bf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b2:33:1d:e8:d1:dd:7d:12:b8:c5:1b:ea:6b:
75:81:df:63:76:a5:9c:85:09:75:b4:fd:f3:2b:f6:
25:31:9f:ba:82:83:7f:fd:19:bd:9e:33:50:75:c4:
48:ce:27:a9:5d:4c:f5:a1:3f:b1:6a:f0:ad:6c:c8:
c7:a7:3e:ee:d3:d8:f6:9e:5f:c1:e7:ac:9a:3e:2f:
23:6b:b3:a3:78:fe:d0:fb:23:52:82:ee:90:4a:6b:
d6:dd:6b:48:8c:4d:eb:af:63:c9:5d:d7:6f:4e:ec:
89:1b:4c:ea:d2:7f:85:e5:10:70:ea:0d:ae:5b:fb:
0a:74:47:05:ae:50:52:6d:ed:04:24:ad:bd:dd:47:
60:1a:35:35:41:71:85:bc:0c:36:b2:fe:04:a3:35:
c9:63:84:7e:52:ca:6e:75:2d:b1:a6:59:ba:7d:61:
9d:94:05:37:b5:97:46:51:2f:ce:5f:bf:f0:a1:fc:
cb:26:ab:dc:f4:fe:52:dd:d0:d6:64:81:f1:93:bc:
31:aa:be:4a:7e:82:7e:b5:06:19:65:ec:9e:73:0e:
e4:9e:5a:8f:8b:6c:b7:bb:31:fa:f9:ca:93:e6:0f:
35:db:a8:b6:a9:c7:0b:76:53:46:5d:d2:82:0f:e1:
49:4a:38:c2:41:11:1a:9a:79:2c:ed:d1:79:41:f5:
e7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:06:75:01:1B:CC:AF:D9:71:BB:5D:2F:5B:B8:07:F3:71:90:09:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c65e11fa-ec6d-4214-88c5-464a024d8957.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:4000::/40
Signature Algorithm: sha256WithRSAEncryption
00:f2:76:1d:02:49:4f:7d:37:c4:a3:03:97:28:38:c3:46:6c:
88:ab:80:2c:4d:35:40:a4:c1:77:f6:26:b7:c6:7b:8a:38:19:
75:9d:5e:fc:1d:7e:cd:23:dd:ca:d4:15:a5:b3:17:85:88:62:
3c:82:ba:46:47:ef:b0:d5:08:8a:6c:b1:30:f8:88:9d:6c:8b:
c5:fa:40:29:21:7f:4f:63:91:ab:01:16:ac:22:60:16:67:4b:
8e:22:00:d3:2f:c7:54:2e:96:f0:30:0a:aa:fd:82:bd:23:6d:
f0:5e:56:e5:90:db:ee:37:7f:1e:81:37:5f:fe:b0:3f:ae:25:
df:8a:0f:c6:80:0e:d0:eb:70:42:6b:7b:ea:e5:35:7c:66:99:
52:0f:27:e6:99:0f:9c:15:21:45:ec:18:73:42:2e:d3:40:93:
e7:fe:eb:1e:b4:90:6a:81:4a:6d:04:36:10:21:29:e6:d6:07:
bc:2e:7f:87:6b:a3:c0:68:ff:df:b2:e5:f8:e4:43:c4:4c:54:
af:53:a1:f6:d1:d4:82:dd:37:ee:e8:6c:f5:01:e2:e9:6c:00:
5e:76:ab:cf:17:81:41:ff:3a:fd:b7:6b:87:f7:df:0a:5f:71:
41:34:93:26:61:96:ed:55:ec:dd:da:96:fe:ce:4d:2d:86:a9:
83:fc:a8:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeVSO9coELvkOta052W0nyR63QW4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIxMDNaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0ZjE5YTY3YjM1NDczMGU4ZGUxMjU4NzI5YmE2NWYxYjRkYjFiMWNkYjkx
MmViNjhkYmYxODRhMTMxMTE4YmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeyMx3o0d19ErjFG+prdYHfY3alnIUJdbT98yv2JTGfuoKDf/0ZvZ4zUHXE
SM4nqV1M9aE/sWrwrWzIx6c+7tPY9p5fweesmj4vI2uzo3j+0PsjUoLukEpr1t1r
SIxN669jyV3Xb07siRtM6tJ/heUQcOoNrlv7CnRHBa5QUm3tBCStvd1HYBo1NUFx
hbwMNrL+BKM1yWOEflLKbnUtsaZZun1hnZQFN7WXRlEvzl+/8KH8yyar3PT+Ut3Q
1mSB8ZO8Maq+Sn6CfrUGGWXsnnMO5J5aj4tst7sx+vnKk+YPNduotqnHC3ZTRl3S
gg/hSUo4wkERGpp5LO3ReUH1500CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR6BnUB
G8yv2XG7XS9buAfzcZAJcTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzY1ZTExZmEtZWM2ZC00MjE0LTg4YzUtNDY0YTAyNGQ4OTU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFA
MA0GCSqGSIb3DQEBCwUAA4IBAQAA8nYdAklPfTfEowOXKDjDRmyIq4AsTTVApMF3
9ia3xnuKOBl1nV78HX7NI93K1BWlsxeFiGI8grpGR++w1QiKbLEw+IidbIvF+kAp
IX9PY5GrARasImAWZ0uOIgDTL8dULpbwMAqq/YK9I23wXlblkNvuN38egTdf/rA/
riXfig/GgA7Q63BCa3vq5TV8ZplSDyfmmQ+cFSFF7BhzQi7TQJPn/usetJBqgUpt
BDYQISnm1ge8Ln+Ha6PAaP/fsuX45EPETFSvU6H20dSC3Tfu6Gz1AeLpbABedqvP
F4FB/zr9t2uH998KX3FBNJMmYZbtVezd2pb+zk0thqmD/KjQ
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:02:53 2026 by rpki-client