Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa
File: cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa (raw, json)
Hash identifier: dK7fIRW+fi4Qdq+sbetsppBX4ccXKQp6XfaUSpO/Yxw=
Subject key identifier: 18:EE:8B:F2:92:4F:89:6A:09:BE:9B:93:61:2B:AC:4A:0A:2E:28:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32485C28401A7F9F723B585721CC2D7F060A1FCB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa
Signing time: Tue 17 Feb 2026 03:00:52 +0000
ROA not before: Tue 17 Feb 2026 03:00:52 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:48:5c:28:40:1a:7f:9f:72:3b:58:57:21:cc:2d:7f:06:0a:1f:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:52 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=73460436e30253d446a82064ea4c8b70cfbb6eeaf7fc56ad4d57e457257aca93, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:97:c2:0d:2f:37:6f:2a:d3:e1:b9:49:fc:20:
93:f2:94:42:3a:45:08:dd:e3:3f:4c:09:53:ca:93:
85:43:0d:e6:3f:9e:63:22:ab:98:c3:11:f7:e7:53:
c2:88:93:4a:8c:9b:07:19:9c:51:9b:8f:8d:e2:3c:
71:9a:81:66:c3:37:bf:9e:39:50:2a:b4:85:b7:d5:
51:3d:e0:8e:df:73:30:c1:c6:05:c7:99:00:41:73:
7f:cb:c1:ef:f9:df:fa:88:86:ca:a7:b7:be:36:8a:
a3:47:79:6e:6a:3a:6b:ec:a3:44:6e:7d:f6:48:e5:
3e:42:9c:84:60:8e:30:d4:80:57:e9:02:d0:94:6d:
c5:94:c2:04:7a:d6:54:d4:72:f6:ea:0e:ba:9c:5d:
f9:f6:d6:46:82:ee:e5:a5:b7:0f:93:d1:2e:a1:c0:
57:7c:f6:ad:95:02:34:b6:6d:f5:bf:02:c7:38:41:
d6:ce:57:4c:bb:70:ad:61:e3:c8:2d:6c:a2:f6:62:
7b:ed:e2:36:34:ed:e0:37:9c:99:eb:be:1c:48:83:
c3:66:af:75:b5:37:d6:14:80:ea:7e:d0:b9:b2:68:
3a:d8:e5:9f:f1:8b:08:26:b3:be:3d:60:99:b4:99:
61:1a:fc:d9:54:e5:38:a9:d7:17:eb:5f:e5:0a:b2:
83:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:EE:8B:F2:92:4F:89:6A:09:BE:9B:93:61:2B:AC:4A:0A:2E:28:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:800::/40
Signature Algorithm: sha256WithRSAEncryption
6f:00:dd:22:e0:5e:d2:68:99:4f:0b:f8:c4:50:ea:39:97:70:
df:eb:b4:5f:45:3d:50:30:fb:2b:39:f5:5e:21:0d:36:06:5c:
e7:69:b1:66:ea:70:32:aa:9a:f8:5f:7b:63:bd:c2:8f:49:ae:
32:06:83:40:53:90:89:d7:cf:6d:42:a4:67:be:06:48:b0:bb:
dd:3e:22:30:a1:47:87:38:50:70:ae:23:24:3c:74:e6:dc:0c:
b9:a0:ee:fa:85:fa:7c:c5:0d:73:8e:91:28:ec:c5:95:a5:ff:
f7:19:3b:3b:3b:c7:f7:0e:a4:0d:be:a5:1f:4b:a0:f3:4c:a4:
c3:a7:e2:38:20:97:f2:14:01:a6:62:7e:87:7a:19:b0:f8:12:
05:3f:e2:4b:0b:80:9c:82:a7:47:b0:5e:10:ed:fd:29:84:fd:
16:33:9b:81:f4:e1:63:1c:21:15:8e:12:78:91:18:78:51:df:
07:7b:43:19:a5:95:a7:0a:b2:c2:e3:2b:57:0d:7d:a4:85:64:
f1:f0:8d:1a:8d:5c:28:72:23:21:26:d9:91:11:82:44:36:35:
80:92:6c:57:37:ff:d1:4a:7c:b8:44:9a:52:96:cb:be:5e:ac:
4d:7f:7d:b6:ef:ae:1c:35:0c:db:16:e8:d8:6a:58:c2:23:bc:
af:88:a7:ab
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMkhcKEAaf59yO1hXIcwtfwYKH8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwNTJaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDczNDYwNDM2ZTMwMjUzZDQ0NmE4MjA2NGVhNGM4YjcwY2ZiYjZlZWFmN2Zj
NTZhZDRkNTdlNDU3MjU3YWNhOTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2Xwg0vN28q0+G5Sfwgk/KUQjpFCN3jP0wJU8qThUMN5j+eYyKrmMMR9+dT
woiTSoybBxmcUZuPjeI8cZqBZsM3v545UCq0hbfVUT3gjt9zMMHGBceZAEFzf8vB
7/nf+oiGyqe3vjaKo0d5bmo6a+yjRG599kjlPkKchGCOMNSAV+kC0JRtxZTCBHrW
VNRy9uoOupxd+fbWRoLu5aW3D5PRLqHAV3z2rZUCNLZt9b8CxzhB1s5XTLtwrWHj
yC1sovZie+3iNjTt4Decmeu+HEiDw2avdbU31hSA6n7QubJoOtjln/GLCCazvj1g
mbSZYRr82VTlOKnXF+tf5Qqygw0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQY7ovy
kk+Jagm+m5NhK6xKCi4oBzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2JkMjFiOWUtNzYyNy00ZWJjLWExZjgtNjM4OTBiNWQ0MTQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkI
MA0GCSqGSIb3DQEBCwUAA4IBAQBvAN0i4F7SaJlPC/jEUOo5l3Df67RfRT1QMPsr
OfVeIQ02BlznabFm6nAyqpr4X3tjvcKPSa4yBoNAU5CJ189tQqRnvgZIsLvdPiIw
oUeHOFBwriMkPHTm3Ay5oO76hfp8xQ1zjpEo7MWVpf/3GTs7O8f3DqQNvqUfS6Dz
TKTDp+I4IJfyFAGmYn6Hehmw+BIFP+JLC4CcgqdHsF4Q7f0phP0WM5uB9OFjHCEV
jhJ4kRh4Ud8He0MZpZWnCrLC4ytXDX2khWTx8I0ajVwociMhJtmREYJENjWAkmxX
N//RSny4RJpSlsu+XqxNf322764cNQzbFujYaljCI7yviKer
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:12:42 2026 by rpki-client