Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
File: d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa (raw, json)
Hash identifier: mPyEf/3fsnqhXf6H6ob55wgsW/Dqya7G9hsJODcmcY0=
Subject key identifier: 46:1F:FF:04:18:7D:98:02:6F:5D:6C:AC:FD:00:C6:59:E6:6B:3A:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34503F7EB707B9932C18B8F4425A77A4BF3A7324
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
Signing time: Fri 13 Feb 2026 15:20:31 +0000
ROA not before: Fri 13 Feb 2026 15:20:31 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:50:3f:7e:b7:07:b9:93:2c:18:b8:f4:42:5a:77:a4:bf:3a:73:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:20:31 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=6a38ec6d7df6e338be6945d593855518322bf62b53637cf47e54d84274af028d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:15:ba:d2:2b:00:fa:66:b4:d5:3b:f5:30:c4:
b1:c4:b9:df:bd:ff:fc:6a:94:15:3f:7e:b8:16:3c:
2e:75:fe:9f:4f:2e:70:81:29:b2:cb:f4:1b:75:d0:
53:4a:ed:ae:bf:c9:20:0b:c9:4e:55:bf:ac:ad:d5:
f9:99:11:07:d4:2f:e3:16:8d:ca:c7:5f:68:de:1e:
c4:17:f6:f2:01:cb:2c:f7:2f:16:af:c8:7a:c8:66:
7a:93:97:83:df:b8:75:24:ff:fc:b4:64:a3:db:3c:
08:62:67:61:a8:85:1f:98:fb:98:2d:9f:f0:da:af:
04:ad:84:11:ab:71:52:90:f5:96:98:0c:fc:17:3d:
3a:3f:e0:41:c3:b2:3d:da:02:56:7c:e3:da:3d:3a:
26:6f:27:f1:b2:4c:7b:c8:7f:af:8e:c9:ba:7b:b3:
31:a8:22:64:60:64:11:02:28:1d:37:31:04:83:73:
fd:43:2a:3e:3a:90:d8:c5:a6:e9:f4:05:ba:76:40:
d8:e9:a4:1c:b2:29:c2:2b:fb:44:6b:c5:6e:4d:72:
ba:3a:e2:49:54:90:78:5c:dc:aa:ae:ab:69:b9:f5:
80:ac:61:bd:b8:90:ab:6c:fa:94:51:00:3e:eb:5c:
ff:3e:11:33:fb:06:9f:c9:65:f9:05:47:ed:f2:59:
1e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:1F:FF:04:18:7D:98:02:6F:5D:6C:AC:FD:00:C6:59:E6:6B:3A:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:840::/46
Signature Algorithm: sha256WithRSAEncryption
00:4c:0a:2a:87:1e:b7:a3:77:c7:fd:0e:1c:77:f7:93:f6:75:
12:a5:3e:5f:22:e1:14:2e:6a:d8:a5:95:e6:48:9d:8e:e5:61:
57:45:70:28:d3:56:11:b4:6f:dc:08:48:09:59:ec:49:93:1d:
1c:e3:b2:b0:4e:f3:35:94:5e:39:62:00:d4:e1:30:68:6a:64:
7e:02:03:eb:40:b3:88:af:79:33:c7:70:af:e8:d1:e7:63:a5:
7b:3e:d5:c6:2c:b7:17:bf:2d:8e:91:7d:ac:14:1b:55:73:bf:
fe:e4:8f:e3:57:3d:d8:79:83:85:33:15:dd:04:5c:01:31:d4:
bb:75:50:41:88:e9:a5:4b:f0:1c:f9:80:99:1a:e0:f1:9c:65:
c5:8d:64:48:86:df:68:45:2b:6d:e1:ab:14:06:58:c5:0d:7b:
ee:78:2f:d9:d7:a4:91:e4:ab:ff:30:15:02:03:d5:6b:78:50:
4c:80:fa:c5:c8:ca:03:52:bc:66:05:87:7a:f1:3f:65:3e:59:
5a:1a:96:7d:79:f8:80:c0:41:7e:4e:3c:4e:05:4c:27:2f:23:
18:20:53:f7:92:dc:1e:3c:63:ee:4a:c5:af:ed:60:89:46:e2:
05:bc:a2:ed:f4:ca:b1:1e:42:48:78:6a:7c:3a:f1:11:a4:d3:
14:1f:4b:d7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNFA/frcHuZMsGLj0Qlp3pL86cyQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIwMzFaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhMzhlYzZkN2RmNmUzMzhiZTY5NDVkNTkzODU1NTE4MzIyYmY2MmI1MzYz
N2NmNDdlNTRkODQyNzRhZjAyOGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN0VutIrAPpmtNU79TDEscS5373//GqUFT9+uBY8LnX+n08ucIEpssv0G3XQ
U0rtrr/JIAvJTlW/rK3V+ZkRB9Qv4xaNysdfaN4exBf28gHLLPcvFq/IeshmepOX
g9+4dST//LRko9s8CGJnYaiFH5j7mC2f8NqvBK2EEatxUpD1lpgM/Bc9Oj/gQcOy
PdoCVnzj2j06Jm8n8bJMe8h/r47JunuzMagiZGBkEQIoHTcxBINz/UMqPjqQ2MWm
6fQFunZA2OmkHLIpwiv7RGvFbk1yujriSVSQeFzcqq6rabn1gKxhvbiQq2z6lFEA
Putc/z4RM/sGn8ll+QVH7fJZHqUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRGH/8E
GH2YAm9dbKz9AMZZ5ms6hTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDMxZTRiMWItMGZhOS00NTQ5LWE2ZmEtM2E2ZWI5NGVlZjJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMI
QDANBgkqhkiG9w0BAQsFAAOCAQEAAEwKKocet6N3x/0OHHf3k/Z1EqU+XyLhFC5q
2KWV5kidjuVhV0VwKNNWEbRv3AhICVnsSZMdHOOysE7zNZReOWIA1OEwaGpkfgID
60CziK95M8dwr+jR52Olez7Vxiy3F78tjpF9rBQbVXO//uSP41c92HmDhTMV3QRc
ATHUu3VQQYjppUvwHPmAmRrg8ZxlxY1kSIbfaEUrbeGrFAZYxQ177ngv2dekkeSr
/zAVAgPVa3hQTID6xcjKA1K8ZgWHevE/ZT5ZWhqWfXn4gMBBfk48TgVMJy8jGCBT
95LcHjxj7krFr+1giUbiBbyi7fTKsR5CSHhqfDrxEaTTFB9L1w==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:37:52 2026 by rpki-client