Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8bdec55-5207-4e20-a65b-ee864a734245.roa
File: d8bdec55-5207-4e20-a65b-ee864a734245.roa (raw, json)
Hash identifier: ziVZq6+x+C1yk2iqhwaYhxTAKfc8/fXUPT6veUhHu44=
Subject key identifier: BD:9E:BF:45:47:81:30:78:2E:C4:8E:3A:43:D3:A3:7F:E8:83:92:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 715186CB3099C91EEBCD3E00416E8FE617B70AE6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8bdec55-5207-4e20-a65b-ee864a734245.roa
Signing time: Fri 06 Feb 2026 00:40:06 +0000
ROA not before: Fri 06 Feb 2026 00:40:06 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d034:8080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:51:86:cb:30:99:c9:1e:eb:cd:3e:00:41:6e:8f:e6:17:b7:0a:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 6 00:40:06 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=0a1ee06349e389e9bb597226cdec3ec0505c10b3fecff95406e167060723a512, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fd:00:28:1f:99:c2:6e:0b:20:3d:99:ec:14:
92:3a:9f:b8:e7:79:91:7f:43:a8:0a:b5:50:5c:92:
65:3e:eb:c6:2a:f5:19:f4:bf:00:77:49:89:2c:dd:
e2:d6:c9:06:e4:79:ad:41:e8:e8:57:49:0a:44:e4:
95:22:1a:f1:7e:85:c4:c7:77:ff:dc:26:7f:0b:9f:
7c:3d:1c:ba:ae:8d:95:0f:4f:7d:e0:e3:7b:fe:2f:
a1:1d:e8:2c:50:be:bc:4e:5d:ee:53:50:75:38:69:
4b:3e:df:da:4e:e7:a1:0e:29:f2:de:8c:69:18:2e:
41:eb:16:13:2b:ad:e9:0a:81:da:7b:c0:c7:71:a9:
4a:fc:1f:92:9e:c7:0a:29:71:8d:92:26:6b:f0:a5:
b7:fe:76:22:7a:3d:bb:76:c3:3d:97:f2:97:83:43:
f3:96:70:2f:34:40:5a:56:07:46:db:73:ca:23:fb:
16:87:48:85:64:e5:44:eb:c5:6c:46:de:35:ac:18:
6f:06:38:55:da:c2:7c:22:41:50:d3:b9:36:e1:2a:
07:40:ac:25:4f:da:4a:1e:6e:17:51:39:d8:d7:35:
aa:4f:d4:c0:bb:68:13:85:dd:0e:aa:dc:fb:a9:09:
fc:67:69:9e:d7:f0:64:a4:6d:1b:bd:94:c4:5c:45:
69:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:9E:BF:45:47:81:30:78:2E:C4:8E:3A:43:D3:A3:7F:E8:83:92:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8bdec55-5207-4e20-a65b-ee864a734245.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:8080::/46
Signature Algorithm: sha256WithRSAEncryption
67:67:01:61:d4:d5:ed:79:b2:20:ab:5d:d7:2d:4a:4e:fb:03:
30:38:0b:12:c4:fe:09:f3:2d:19:0d:b6:3d:f9:c3:2b:4d:e5:
06:a1:4f:80:a6:c1:af:03:df:e1:eb:a9:cc:39:2b:bd:58:28:
51:1e:ed:ab:66:8c:98:af:f2:0c:4b:c7:70:0c:1e:db:2e:88:
e7:fe:37:b8:95:e9:fb:64:8a:2f:84:fa:22:a1:3c:f1:33:ef:
6b:e2:a1:81:ad:88:16:20:67:3d:91:60:70:ea:c5:b7:dd:a7:
5a:5b:30:22:bf:6c:b4:c2:70:48:b8:c1:0b:47:55:62:1b:51:
47:b6:d8:90:9d:df:e6:c8:60:de:6c:ab:f5:f1:22:b4:3a:93:
c0:9e:f2:77:a1:7d:96:68:28:07:e3:07:3d:b0:18:80:cf:b7:
ae:af:05:a2:7b:5e:96:cd:b7:9b:44:59:15:44:49:e2:fe:8b:
37:87:7f:f8:d1:64:38:f8:dd:9e:b3:be:2c:4e:2c:80:96:58:
93:df:8e:8e:43:fe:bc:54:7c:ae:63:40:ac:6f:e8:b2:c0:56:
34:32:de:60:67:1f:7d:b7:a2:ca:3c:a3:a2:5c:0e:d5:d4:88:
5b:c5:3d:78:07:53:4d:39:25:ea:e2:8b:98:1c:0f:46:87:7a:
c3:ae:eb:69
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcVGGyzCZyR7rzT4AQW6P5he3CuYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMDYwMDQwMDZaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhMWVlMDYzNDllMzg5ZTliYjU5NzIyNmNkZWMzZWMwNTA1YzEwYjNmZWNm
Zjk1NDA2ZTE2NzA2MDcyM2E1MTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKT9ACgfmcJuCyA9mewUkjqfuOd5kX9DqAq1UFySZT7rxir1GfS/AHdJiSzd
4tbJBuR5rUHo6FdJCkTklSIa8X6FxMd3/9wmfwuffD0cuq6NlQ9PfeDje/4voR3o
LFC+vE5d7lNQdThpSz7f2k7noQ4p8t6MaRguQesWEyut6QqB2nvAx3GpSvwfkp7H
CilxjZIma/Clt/52Ino9u3bDPZfyl4ND85ZwLzRAWlYHRttzyiP7FodIhWTlROvF
bEbeNawYbwY4VdrCfCJBUNO5NuEqB0CsJU/aSh5uF1E52Nc1qk/UwLtoE4XdDqrc
+6kJ/GdpntfwZKRtG72UxFxFaeUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS9nr9F
R4EweC7EjjpD06N/6IOSAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDhiZGVjNTUtNTIwNy00ZTIwLWE2NWItZWU4NjRhNzM0MjQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DSA
gDANBgkqhkiG9w0BAQsFAAOCAQEAZ2cBYdTV7XmyIKtd1y1KTvsDMDgLEsT+CfMt
GQ22PfnDK03lBqFPgKbBrwPf4eupzDkrvVgoUR7tq2aMmK/yDEvHcAwe2y6I5/43
uJXp+2SKL4T6IqE88TPva+Khga2IFiBnPZFgcOrFt92nWlswIr9stMJwSLjBC0dV
YhtRR7bYkJ3f5shg3myr9fEitDqTwJ7yd6F9lmgoB+MHPbAYgM+3rq8Fontels23
m0RZFURJ4v6LN4d/+NFkOPjdnrO+LE4sgJZYk9+OjkP+vFR8rmNArG/ossBWNDLe
YGcffbeiyjyjolwO1dSIW8U9eAdTTTkl6uKLmBwPRod6w67raQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:56:18 2026 by rpki-client