Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2b7a4eb-e2de-4458-a759-5125161eb686.roa
File: d2b7a4eb-e2de-4458-a759-5125161eb686.roa (raw, json)
Hash identifier: yb5mP5IgMw1ZMrF6xntqQlwFlKOjdFBGg0pgp9bkUag=
Subject key identifier: C1:8F:8A:12:A3:F1:74:9C:FB:99:F7:26:7C:61:F1:FD:F7:F9:CC:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1863636B2A5291BFA71A2DCC69E9A3F1FE4936DA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2b7a4eb-e2de-4458-a759-5125161eb686.roa
Signing time: Tue 17 Feb 2026 03:10:28 +0000
ROA not before: Tue 17 Feb 2026 03:10:28 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:63:63:6b:2a:52:91:bf:a7:1a:2d:cc:69:e9:a3:f1:fe:49:36:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:10:28 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=7740315be428c63026e178234e51a693524b59940e8639b51144226b2226d866, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:20:eb:54:a3:08:22:db:7f:a0:57:1c:2b:12:
42:83:64:af:30:69:a6:2f:f5:65:f8:f8:9e:83:c8:
fe:06:9c:9c:12:6c:90:24:2a:3c:71:94:a1:3d:15:
44:f2:81:ec:4b:56:32:95:ef:51:03:7f:df:6d:55:
75:2f:36:a3:8c:05:7f:a2:cf:27:29:09:5b:f3:e7:
14:1e:ee:af:73:ec:49:6b:10:99:14:94:d4:0f:b4:
d6:ab:0c:be:a3:aa:fc:c4:0b:bc:a8:0d:87:02:e6:
dd:e9:14:32:d9:c6:41:8c:c3:dc:f5:c3:28:5b:71:
16:c6:53:0a:67:cf:19:59:f3:5c:6b:a0:f6:6c:de:
b1:b6:49:70:ec:cf:d8:e5:d1:ae:05:2c:3f:e3:a0:
29:f3:45:ad:1f:68:83:b2:0b:ca:f8:45:50:81:e9:
16:56:50:0d:e5:fc:80:c4:67:01:38:e8:cd:c0:ac:
84:d6:70:23:c4:7a:9b:8e:fc:45:0d:e6:75:a3:0d:
d7:56:a2:c1:b0:f5:ee:53:28:15:6c:87:fa:db:3f:
b0:16:b3:b8:37:27:be:9b:f6:8c:82:a5:31:83:a0:
82:b1:01:f6:65:3c:88:3b:7a:13:94:56:26:06:7e:
24:0f:7c:fa:7d:b6:eb:3e:e3:2a:17:c1:1a:14:f1:
ca:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:8F:8A:12:A3:F1:74:9C:FB:99:F7:26:7C:61:F1:FD:F7:F9:CC:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2b7a4eb-e2de-4458-a759-5125161eb686.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:a000::/40
Signature Algorithm: sha256WithRSAEncryption
69:9d:8d:f6:12:e2:2b:10:31:67:0d:7d:ca:9f:c9:f9:19:3c:
de:40:4f:63:d4:c6:c0:60:a7:29:62:83:5f:35:5d:95:60:f8:
56:f8:d8:4b:cb:9e:c9:d5:80:9c:84:44:f8:d9:61:f4:7b:00:
4b:6d:83:9f:fc:5f:6b:4d:3e:9f:bc:25:a7:8d:64:15:95:4a:
4b:6c:6d:a4:02:a2:b6:e4:36:95:eb:30:b7:bd:51:27:40:69:
0f:98:cb:d5:cd:fc:c2:70:76:63:8d:16:88:bb:04:93:e0:82:
fe:91:fa:53:71:f6:7b:52:70:d0:52:87:33:43:92:24:22:05:
b7:06:9b:22:3b:cd:be:8c:c8:5c:26:f8:7a:ae:f3:ee:80:73:
1e:75:d9:c1:d7:d6:98:e9:fa:02:2c:33:a7:7c:3f:bf:4d:2b:
ab:cd:d0:20:cf:f7:c9:ee:09:3b:8f:e2:91:0b:e5:6e:20:78:
fe:f2:f2:7f:13:d2:25:81:5f:ff:bb:13:63:2f:a6:4c:c1:4d:
f6:79:bb:cb:12:7d:e8:d6:97:2a:9f:48:23:70:4d:cc:04:28:
e4:6c:54:72:b9:86:78:b6:89:f9:f6:35:fa:5e:32:8a:e3:c8:
69:7f:79:7b:bb:08:10:d0:e9:44:6c:73:ee:cd:db:86:fe:98:
d4:4e:d3:eb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGGNjaypSkb+nGi3Maemj8f5JNtowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzEwMjhaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3NDAzMTViZTQyOGM2MzAyNmUxNzgyMzRlNTFhNjkzNTI0YjU5OTQwZTg2
MzliNTExNDQyMjZiMjIyNmQ4NjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJwg61SjCCLbf6BXHCsSQoNkrzBppi/1Zfj4noPI/gacnBJskCQqPHGUoT0V
RPKB7EtWMpXvUQN/321VdS82o4wFf6LPJykJW/PnFB7ur3PsSWsQmRSU1A+01qsM
vqOq/MQLvKgNhwLm3ekUMtnGQYzD3PXDKFtxFsZTCmfPGVnzXGug9mzesbZJcOzP
2OXRrgUsP+OgKfNFrR9og7ILyvhFUIHpFlZQDeX8gMRnATjozcCshNZwI8R6m478
RQ3mdaMN11aiwbD17lMoFWyH+ts/sBazuDcnvpv2jIKlMYOggrEB9mU8iDt6E5RW
JgZ+JA98+n226z7jKhfBGhTxyu0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTBj4oS
o/F0nPuZ9yZ8YfH99/nM3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDJiN2E0ZWItZTJkZS00NDU4LWE3NTktNTEyNTE2MWViNjg2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fmg
MA0GCSqGSIb3DQEBCwUAA4IBAQBpnY32EuIrEDFnDX3Kn8n5GTzeQE9j1MbAYKcp
YoNfNV2VYPhW+NhLy57J1YCchET42WH0ewBLbYOf/F9rTT6fvCWnjWQVlUpLbG2k
AqK25DaV6zC3vVEnQGkPmMvVzfzCcHZjjRaIuwST4IL+kfpTcfZ7UnDQUoczQ5Ik
IgW3BpsiO82+jMhcJvh6rvPugHMeddnB19aY6foCLDOnfD+/TSurzdAgz/fJ7gk7
j+KRC+VuIHj+8vJ/E9IlgV//uxNjL6ZMwU32ebvLEn3o1pcqn0gjcE3MBCjkbFRy
uYZ4ton59jX6XjKK48hpf3l7uwgQ0OlEbHPuzduG/pjUTtPr
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:42:38 2026 by rpki-client