Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa
File: d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa (raw, json)
Hash identifier: EqKTucrZjQQSVBqCkLD/0np72QCoyXfZteyIUaBLWNE=
Subject key identifier: E8:1B:2F:01:A0:8D:44:C5:2C:8A:38:E1:21:E7:8A:31:7E:71:23:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E49917038EA73CF9A1A908EC3C6E4F9C62B2A08
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa
Signing time: Fri 13 Feb 2026 15:30:12 +0000
ROA not before: Fri 13 Feb 2026 15:30:12 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:c040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:49:91:70:38:ea:73:cf:9a:1a:90:8e:c3:c6:e4:f9:c6:2b:2a:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:30:12 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=62ad3bb16916de9c749e76a9c418f149b744c473f7a4dae5332ba5500f66aad2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:47:6d:23:34:05:0c:10:b4:a4:ce:7a:a9:94:
a8:86:91:29:2a:35:68:72:13:15:da:28:bc:3d:36:
96:a0:54:bb:6e:20:68:f2:d0:23:44:74:c3:1e:7a:
2e:e7:9e:71:05:42:6c:5e:03:ab:76:d5:62:75:69:
16:0c:c8:98:d3:d2:4d:b5:c7:f6:3e:61:a1:44:7b:
b8:9c:90:ce:73:78:48:14:e0:ea:fb:9c:49:92:b1:
aa:20:06:dc:87:4f:9b:c0:1a:6d:82:b8:ec:6a:54:
f0:87:0f:5f:21:7a:bf:48:bb:00:09:c1:ec:05:35:
48:92:f2:49:cd:38:6d:d0:83:af:2b:53:5b:39:d9:
80:8f:38:60:f2:b1:f5:fd:5b:19:40:f8:60:03:19:
28:a8:bf:13:09:82:a5:8d:42:d8:e9:be:1d:b4:38:
79:0d:fd:1b:fa:68:37:7f:5f:21:be:33:21:77:e7:
02:30:dc:92:04:ae:ef:6e:77:ce:7a:0f:74:64:bf:
71:05:7e:0b:6d:eb:78:f9:c5:bc:b9:0a:e6:67:40:
58:26:33:e1:9e:17:13:94:ef:b6:9d:99:63:94:d6:
fe:91:fa:55:1c:26:22:48:93:7f:58:40:67:da:49:
2b:c7:de:71:24:a5:4a:b6:c1:41:ce:76:63:e6:21:
f1:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:1B:2F:01:A0:8D:44:C5:2C:8A:38:E1:21:E7:8A:31:7E:71:23:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:c040::/46
Signature Algorithm: sha256WithRSAEncryption
30:a3:d2:fd:b5:b9:8e:ca:6c:55:46:53:d5:0b:06:cb:72:d5:
77:db:f1:59:88:de:4c:b0:5c:dd:b2:8e:97:7e:a4:77:d2:ee:
78:45:54:e4:92:9c:8f:f8:be:39:4f:8a:db:db:55:da:4f:e1:
09:3f:58:cc:a9:0b:2b:c1:b1:7e:01:5d:cb:06:27:19:71:0d:
cb:f2:68:3e:89:89:57:d8:e5:a0:1d:13:fc:14:58:fe:34:85:
99:20:cf:b9:2f:c2:5b:52:25:6a:f7:44:79:90:f0:78:89:ba:
f7:82:a0:97:ea:fd:f9:c6:01:3b:e6:43:d5:50:e2:d2:d4:ec:
3f:ce:a3:38:85:61:8d:4c:93:01:87:08:36:7c:21:96:af:2f:
26:d5:9a:16:a1:06:79:11:d5:16:a8:6f:fb:7c:94:21:59:02:
b0:60:fb:c6:8b:7e:46:88:ef:fc:99:ce:e6:f2:db:af:31:46:
d3:61:35:48:39:64:5c:62:93:44:0b:00:d4:63:5b:15:27:52:
b2:0a:c3:25:a4:e2:97:f4:b6:3e:50:b6:0c:0b:0b:4a:06:f7:
58:b3:91:7d:e6:2b:0e:a4:f3:92:59:fc:32:77:ac:6c:9f:d6:
2a:ef:f9:0e:1a:5a:ca:7e:c9:9c:25:49:35:cc:e3:d7:73:f4:
c2:c0:57:eb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHkmRcDjqc8+aGpCOw8bk+cYrKggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTMwMTJaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyYWQzYmIxNjkxNmRlOWM3NDllNzZhOWM0MThmMTQ5Yjc0NGM0NzNmN2E0
ZGFlNTMzMmJhNTUwMGY2NmFhZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANNHbSM0BQwQtKTOeqmUqIaRKSo1aHITFdoovD02lqBUu24gaPLQI0R0wx56
LueecQVCbF4Dq3bVYnVpFgzImNPSTbXH9j5hoUR7uJyQznN4SBTg6vucSZKxqiAG
3IdPm8AabYK47GpU8IcPXyF6v0i7AAnB7AU1SJLySc04bdCDrytTWznZgI84YPKx
9f1bGUD4YAMZKKi/EwmCpY1C2Om+HbQ4eQ39G/poN39fIb4zIXfnAjDckgSu7253
znoPdGS/cQV+C23rePnFvLkK5mdAWCYz4Z4XE5Tvtp2ZY5TW/pH6VRwmIkiTf1hA
Z9pJK8fecSSlSrbBQc52Y+Yh8akCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBToGy8B
oI1ExSyKOOEh54oxfnEjPTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDFjMDFjOTItNGEyZS00MGM4LTliNzItZTY1M2FjOTg5NmNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPA
QDANBgkqhkiG9w0BAQsFAAOCAQEAMKPS/bW5jspsVUZT1QsGy3LVd9vxWYjeTLBc
3bKOl36kd9LueEVU5JKcj/i+OU+K29tV2k/hCT9YzKkLK8GxfgFdywYnGXENy/Jo
PomJV9jloB0T/BRY/jSFmSDPuS/CW1IlavdEeZDweIm694Kgl+r9+cYBO+ZD1VDi
0tTsP86jOIVhjUyTAYcINnwhlq8vJtWaFqEGeRHVFqhv+3yUIVkCsGD7xot+Rojv
/JnO5vLbrzFG02E1SDlkXGKTRAsA1GNbFSdSsgrDJaTil/S2PlC2DAsLSgb3WLOR
feYrDqTzkln8MnesbJ/WKu/5Dhpayn7JnCVJNczj13P0wsBX6w==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:00:43 2026 by rpki-client