Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0f2e0c7-6d9c-428b-85e5-6a924e7414db.roa
File: e0f2e0c7-6d9c-428b-85e5-6a924e7414db.roa (raw, json)
Hash identifier: 1IdcqxqdeesSAM95BYjIuu9SLsB7PPmJYAFW5Q/TCds=
Subject key identifier: 3C:6C:65:B4:EB:D8:85:A9:48:E5:8E:4D:4E:DD:72:76:1E:7B:12:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29766AD074D0A252D76BB322FF2D88BCFC4CE225
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0f2e0c7-6d9c-428b-85e5-6a924e7414db.roa
Signing time: Fri 13 Feb 2026 15:20:11 +0000
ROA not before: Fri 13 Feb 2026 15:20:11 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:50c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:76:6a:d0:74:d0:a2:52:d7:6b:b3:22:ff:2d:88:bc:fc:4c:e2:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:20:11 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=2005fdebc1ac76947b1e953b088a029a0423d88683700d07a120233af52ed723, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:01:02:cf:48:49:13:16:33:ad:bf:1d:94:c0:
5f:5d:8b:61:7d:9b:51:33:c8:3b:de:94:49:19:a6:
31:57:0a:80:d3:9f:03:8e:27:56:9e:e5:51:93:2e:
90:aa:76:3c:66:15:6f:c0:00:03:68:cd:ad:fd:db:
83:e2:0b:42:e2:49:c5:1e:6c:bb:33:6f:49:5a:99:
d4:c7:9d:2a:f2:df:bf:c7:21:8f:9a:09:82:52:f8:
ee:cb:c0:d3:9d:a3:30:d3:ac:04:2b:a7:f8:2e:35:
32:cc:93:bc:45:de:bc:e7:06:73:23:a0:fa:6c:f5:
75:9c:3a:15:0d:c5:7f:37:19:bf:8b:e0:f2:44:fd:
9d:70:41:2f:a2:a3:4e:6c:72:14:40:68:b7:a2:4d:
34:35:5b:23:17:1a:c6:95:6b:c3:d6:10:02:ac:64:
37:1b:2b:58:ef:3a:e2:be:75:d8:d0:e5:45:6c:a1:
9a:7e:5f:34:e3:41:5a:4a:c6:ae:ae:b3:4e:4f:80:
10:be:ac:fb:ae:e9:d8:32:e7:d0:38:2b:7d:58:fa:
83:27:76:23:fd:bb:ca:37:06:79:10:b9:55:7e:41:
cc:a2:53:af:16:f9:59:9b:89:8e:8d:ae:06:26:82:
5b:90:00:80:7c:ef:d5:9d:c9:e7:51:69:35:a5:b5:
b6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:6C:65:B4:EB:D8:85:A9:48:E5:8E:4D:4E:DD:72:76:1E:7B:12:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0f2e0c7-6d9c-428b-85e5-6a924e7414db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:50c0::/46
Signature Algorithm: sha256WithRSAEncryption
67:44:2a:f3:c6:52:f1:d0:96:24:b8:93:5f:4d:e4:f3:c8:59:
f9:a9:a8:32:ea:8d:76:e4:a1:b1:ec:e9:fb:5c:82:2f:ef:a4:
2c:34:c5:23:96:5e:76:d0:3e:bd:6b:43:11:51:5f:e5:01:48:
69:d5:f6:cd:76:5d:b3:73:67:62:2d:73:0a:1a:ee:2e:3e:23:
7f:3e:df:ed:9b:e5:25:ec:c4:2f:d8:b5:cf:24:be:b6:cc:3b:
1f:dd:04:61:5f:5d:86:eb:e7:6e:6a:c1:a3:ca:93:81:c8:51:
e0:8f:ad:44:86:66:d0:90:ff:39:93:86:bc:d1:c5:9f:1f:ab:
00:e5:10:e4:01:2d:0f:de:70:d9:10:b6:ee:a5:6c:b2:87:c4:
50:6d:cc:01:bd:f2:50:a2:2b:b7:12:0c:c1:f3:40:21:63:da:
2b:1b:16:ca:1f:69:2a:fc:0a:d7:92:86:81:2a:2a:57:ba:7b:
69:15:6e:50:76:1a:cb:85:63:17:19:ec:ff:d6:90:ea:95:c3:
fb:d2:13:3a:f5:8f:a8:76:ef:63:94:92:6b:04:ba:70:bf:6c:
b4:d1:98:d3:cc:96:01:34:e5:09:eb:b7:6d:5f:4c:d5:36:02:
d3:00:f9:d2:8f:a2:37:82:ff:a8:4d:65:08:ef:f9:a5:8a:d2:
5e:94:24:57
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKXZq0HTQolLXa7Mi/y2IvPxM4iUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIwMTFaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwMDVmZGViYzFhYzc2OTQ3YjFlOTUzYjA4OGEwMjlhMDQyM2Q4ODY4Mzcw
MGQwN2ExMjAyMzNhZjUyZWQ3MjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwBAs9ISRMWM62/HZTAX12LYX2bUTPIO96USRmmMVcKgNOfA44nVp7lUZMu
kKp2PGYVb8AAA2jNrf3bg+ILQuJJxR5suzNvSVqZ1MedKvLfv8chj5oJglL47svA
052jMNOsBCun+C41MsyTvEXevOcGcyOg+mz1dZw6FQ3FfzcZv4vg8kT9nXBBL6Kj
TmxyFEBot6JNNDVbIxcaxpVrw9YQAqxkNxsrWO864r512NDlRWyhmn5fNONBWkrG
rq6zTk+AEL6s+67p2DLn0DgrfVj6gyd2I/27yjcGeRC5VX5BzKJTrxb5WZuJjo2u
BiaCW5AAgHzv1Z3J51FpNaW1trMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ8bGW0
69iFqUjljk1O3XJ2HnsSEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTBmMmUwYzctNmQ5Yy00MjhiLTg1ZTUtNmE5MjRlNzQxNGRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAZ0Qq88ZS8dCWJLiTX03k88hZ+amoMuqNduSh
sezp+1yCL++kLDTFI5ZedtA+vWtDEVFf5QFIadX2zXZds3NnYi1zChruLj4jfz7f
7ZvlJezEL9i1zyS+tsw7H90EYV9dhuvnbmrBo8qTgchR4I+tRIZm0JD/OZOGvNHF
nx+rAOUQ5AEtD95w2RC27qVssofEUG3MAb3yUKIrtxIMwfNAIWPaKxsWyh9pKvwK
15KGgSoqV7p7aRVuUHYay4VjFxns/9aQ6pXD+9ITOvWPqHbvY5SSawS6cL9stNGY
08yWATTlCeu3bV9M1TYC0wD50o+iN4L/qE1lCO/5pYrSXpQkVw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:53:04 2026 by rpki-client