Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d58dbbef-7392-498d-b094-189de828de57.roa
File: d58dbbef-7392-498d-b094-189de828de57.roa (raw, json)
Hash identifier: 5Zq8LMLh2KE9m2//lzzMJBAHMMMnEHpeQyat0JeglBA=
Subject key identifier: A9:54:EB:AB:DA:B9:F7:A9:FF:29:62:4E:CE:0B:05:E3:0B:5F:2E:F9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 51645D789C4E8588A8AEE75EE5B75520EB146E07
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d58dbbef-7392-498d-b094-189de828de57.roa
Signing time: Fri 13 Feb 2026 15:20:49 +0000
ROA not before: Fri 13 Feb 2026 15:20:49 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:64:5d:78:9c:4e:85:88:a8:ae:e7:5e:e5:b7:55:20:eb:14:6e:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:20:49 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=35caeb3443898955f875de16c8b4c451168586661c136339bc6e1f3ad23e62eb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f8:64:af:3d:b9:99:de:3f:c8:5f:82:ac:5d:
c0:db:12:18:f1:dd:95:be:65:4e:bd:78:52:fd:a7:
c8:7d:5e:ef:d7:0e:47:59:b0:95:d7:a8:1a:11:21:
3c:93:86:ad:f3:49:9b:8b:d2:1b:f1:c4:ba:3b:3f:
60:43:4c:0f:a0:01:00:1b:00:a7:13:2c:9c:63:33:
62:68:3b:d3:2b:58:0f:3c:46:16:a0:26:da:af:c0:
a4:57:6d:cf:3f:17:f8:b1:dc:ed:f7:ec:54:34:d0:
f5:03:ad:a5:cd:a9:03:96:6d:05:01:d9:cf:74:2a:
02:03:30:9b:53:b9:3c:ed:82:7e:bb:6a:4c:fe:94:
64:2d:d3:e7:15:f5:d4:27:63:c7:03:a4:41:ba:be:
52:de:bd:c5:fb:90:1d:95:f7:c8:b8:3f:dc:18:19:
5f:d9:4d:f0:bc:8b:c9:a7:97:9c:ad:f3:37:92:22:
a9:56:e6:71:03:21:8c:3b:b2:96:a6:3e:f5:70:5c:
3f:a1:c3:2e:be:e4:1e:40:78:75:63:cd:51:6b:ea:
9d:c9:12:ba:25:c5:91:05:a8:4b:08:d9:76:63:01:
38:b5:17:ff:46:ba:0e:3a:39:af:d9:73:e2:76:d0:
dd:5a:52:f5:2c:c6:b7:6a:db:d0:64:ff:7e:34:b7:
fc:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:54:EB:AB:DA:B9:F7:A9:FF:29:62:4E:CE:0B:05:E3:0B:5F:2E:F9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d58dbbef-7392-498d-b094-189de828de57.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c020::/48
Signature Algorithm: sha256WithRSAEncryption
b5:1d:e2:83:8e:da:47:6c:08:1e:37:fe:de:65:a6:64:c7:dd:
2e:d4:18:17:62:ba:b5:e0:96:75:64:ee:4d:8a:70:da:9f:7a:
d9:44:fe:73:ef:0b:cd:ec:60:ac:1e:f5:e6:1c:a2:e8:5f:65:
42:a8:09:71:ee:f0:30:af:b5:39:4c:92:d4:3d:03:13:c5:fe:
4f:02:12:27:00:dc:00:e0:11:4b:81:8b:74:d2:e9:2c:33:ef:
ce:ee:d7:d8:58:ce:f1:5a:31:9a:3b:57:85:34:83:53:c8:19:
2e:6d:14:df:4f:68:a0:ec:66:9d:d1:6e:69:87:d8:89:6b:08:
45:f3:bd:ea:5e:ac:88:cd:76:36:69:f0:42:4a:79:f8:81:a3:
7b:84:a8:76:96:79:a6:1b:c1:bb:e6:02:e9:b2:d3:e9:45:4e:
2c:49:53:54:5a:f8:10:c6:28:a1:eb:e6:be:23:21:0a:b9:54:
d6:5e:8d:1d:78:e0:ae:40:9e:18:8d:02:e7:02:ef:4c:d6:31:
b8:8f:9e:0b:7b:a0:52:2f:f8:85:dc:60:ca:37:ff:0d:38:6e:
3b:9c:21:56:5b:31:42:a1:c3:91:c6:16:b4:90:61:8c:d7:80:
1f:96:f3:54:7d:a0:f3:ca:fd:0f:d7:47:3f:78:6e:5b:e6:ff:
d5:71:87:75
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUWRdeJxOhYiorude5bdVIOsUbgcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIwNDlaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1Y2FlYjM0NDM4OTg5NTVmODc1ZGUxNmM4YjRjNDUxMTY4NTg2NjYxYzEz
NjMzOWJjNmUxZjNhZDIzZTYyZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMP4ZK89uZneP8hfgqxdwNsSGPHdlb5lTr14Uv2nyH1e79cOR1mwldeoGhEh
PJOGrfNJm4vSG/HEujs/YENMD6ABABsApxMsnGMzYmg70ytYDzxGFqAm2q/ApFdt
zz8X+LHc7ffsVDTQ9QOtpc2pA5ZtBQHZz3QqAgMwm1O5PO2CfrtqTP6UZC3T5xX1
1CdjxwOkQbq+Ut69xfuQHZX3yLg/3BgZX9lN8LyLyaeXnK3zN5IiqVbmcQMhjDuy
lqY+9XBcP6HDLr7kHkB4dWPNUWvqnckSuiXFkQWoSwjZdmMBOLUX/0a6Djo5r9lz
4nbQ3VpS9SzGt2rb0GT/fjS3/PUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSpVOur
2rn3qf8pYk7OCwXjC18u+TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDU4ZGJiZWYtNzM5Mi00OThkLWIwOTQtMTg5ZGU4MjhkZTU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
IDANBgkqhkiG9w0BAQsFAAOCAQEAtR3ig47aR2wIHjf+3mWmZMfdLtQYF2K6teCW
dWTuTYpw2p962UT+c+8LzexgrB715hyi6F9lQqgJce7wMK+1OUyS1D0DE8X+TwIS
JwDcAOARS4GLdNLpLDPvzu7X2FjO8VoxmjtXhTSDU8gZLm0U309ooOxmndFuaYfY
iWsIRfO96l6siM12NmnwQkp5+IGje4SodpZ5phvBu+YC6bLT6UVOLElTVFr4EMYo
oevmviMhCrlU1l6NHXjgrkCeGI0C5wLvTNYxuI+eC3ugUi/4hdxgyjf/DThuO5wh
VlsxQqHDkcYWtJBhjNeAH5bzVH2g88r9D9dHP3huW+b/1XGHdQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:28:13 2026 by rpki-client