Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2d9776f-9750-4d76-93f4-210836f1105b.roa
File: e2d9776f-9750-4d76-93f4-210836f1105b.roa (raw, json)
Hash identifier: V5NU+RFqqmgwNKRxO/t+YFUzZJv3gyq127ZPv+0t19o=
Subject key identifier: 17:69:18:88:3E:C1:69:A0:B9:55:94:3F:EF:BC:96:4C:8D:C8:5C:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FE7E8AA2B0A3F9AB41CC5B448476ACA1D6E4A9B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2d9776f-9750-4d76-93f4-210836f1105b.roa
Signing time: Fri 13 Feb 2026 15:21:01 +0000
ROA not before: Fri 13 Feb 2026 15:21:01 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:c020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:e7:e8:aa:2b:0a:3f:9a:b4:1c:c5:b4:48:47:6a:ca:1d:6e:4a:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:21:01 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=0233c9da734818cf67b43ac4c747c6586793a159d4af79f5c2015ab75b7d5b5d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:16:3b:f2:e1:e2:aa:e7:b9:81:3c:cf:cc:b1:
2e:25:b4:2e:4b:35:15:60:f5:e1:15:87:56:c2:26:
7e:cf:f6:20:e2:07:0d:0d:f8:19:9d:7a:19:95:01:
82:8a:36:2a:de:8f:82:4e:0b:5c:c8:c6:35:2b:e6:
ba:bd:f5:65:05:31:28:0e:ea:55:de:89:f0:8d:99:
de:0a:c7:44:e7:1b:2f:a6:a4:0a:e6:81:0f:b7:7a:
a5:68:42:6a:c6:a0:48:ae:ea:0d:54:74:84:0a:9f:
5d:e1:bd:a7:ba:56:0e:9e:12:94:00:5d:41:ee:c6:
6e:ac:1f:1e:63:e4:f3:c6:53:aa:74:45:22:1f:8e:
3e:6c:01:64:61:9b:d7:ac:8a:65:43:21:8c:f0:19:
af:0f:0c:a0:cb:67:51:cd:5d:db:8e:bb:0b:1d:b6:
c1:50:0c:12:78:3f:d1:b1:03:58:8b:28:33:92:e4:
ac:59:45:18:49:d8:b7:a6:f3:c4:91:84:3f:d6:bb:
29:4b:3d:88:13:6f:d3:ee:41:03:fa:ae:df:97:a9:
ae:07:06:2f:7c:52:c4:4f:2e:2c:6d:3f:a7:72:c2:
be:6f:49:e3:32:c9:57:ad:59:d7:2a:68:37:18:96:
93:40:97:ad:77:2b:76:01:ea:18:54:b1:7a:b8:ad:
f1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:69:18:88:3E:C1:69:A0:B9:55:94:3F:EF:BC:96:4C:8D:C8:5C:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2d9776f-9750-4d76-93f4-210836f1105b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:c020::/46
Signature Algorithm: sha256WithRSAEncryption
a7:4f:d1:39:64:91:53:3d:a2:65:c9:78:31:d3:6b:e9:cf:41:
3f:b3:5c:18:03:93:a9:ab:3a:41:93:c8:69:4e:51:9d:35:56:
39:c1:fa:8e:93:60:93:a2:d2:9b:d7:41:7e:a5:d8:8a:03:3f:
d1:b3:a8:71:d7:a3:c4:08:38:3b:7b:a7:a5:69:d8:5c:a8:76:
16:03:f4:6f:27:d6:02:a3:e8:c0:04:22:1d:cd:37:83:aa:62:
52:b0:9f:3f:af:eb:cf:bb:c7:f9:e9:9d:c5:0c:6a:85:1c:ca:
56:d3:29:95:4b:31:03:5d:0e:9b:ee:a0:cf:e7:1d:fc:55:de:
f3:6e:8c:86:cf:3e:3c:85:ae:af:e7:54:50:25:40:31:bb:89:
e2:d1:14:30:54:bb:25:81:31:b4:9c:26:aa:ed:82:40:66:c6:
95:4c:c9:5c:cc:ef:76:49:45:65:88:cc:c2:bb:7c:62:4e:5c:
5b:b8:00:84:23:04:35:63:97:ed:8b:b0:d9:d9:79:6b:92:41:
25:1b:db:39:e3:29:d0:cb:ad:80:54:a5:ff:5c:1f:b6:49:6b:
33:96:f9:80:4d:1f:18:77:6e:23:ca:32:f9:49:ad:81:f7:56:
e1:30:2b:31:d8:01:85:a8:0c:d9:be:00:16:54:28:e7:57:3a:
1e:76:a0:53
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUf+foqisKP5q0HMW0SEdqyh1uSpswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIxMDFaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyMzNjOWRhNzM0ODE4Y2Y2N2I0M2FjNGM3NDdjNjU4Njc5M2ExNTlkNGFm
NzlmNWMyMDE1YWI3NWI3ZDViNWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0WO/Lh4qrnuYE8z8yxLiW0Lks1FWD14RWHVsImfs/2IOIHDQ34GZ16GZUB
goo2Kt6Pgk4LXMjGNSvmur31ZQUxKA7qVd6J8I2Z3grHROcbL6akCuaBD7d6pWhC
asagSK7qDVR0hAqfXeG9p7pWDp4SlABdQe7GbqwfHmPk88ZTqnRFIh+OPmwBZGGb
16yKZUMhjPAZrw8MoMtnUc1d2467Cx22wVAMEng/0bEDWIsoM5LkrFlFGEnYt6bz
xJGEP9a7KUs9iBNv0+5BA/qu35eprgcGL3xSxE8uLG0/p3LCvm9J4zLJV61Z1ypo
NxiWk0CXrXcrdgHqGFSxerit8ZcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQXaRiI
PsFpoLlVlD/vvJZMjchcVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTJkOTc3NmYtOTc1MC00ZDc2LTkzZjQtMjEwODM2ZjExMDViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPA
IDANBgkqhkiG9w0BAQsFAAOCAQEAp0/ROWSRUz2iZcl4MdNr6c9BP7NcGAOTqas6
QZPIaU5RnTVWOcH6jpNgk6LSm9dBfqXYigM/0bOocdejxAg4O3unpWnYXKh2FgP0
byfWAqPowAQiHc03g6piUrCfP6/rz7vH+emdxQxqhRzKVtMplUsxA10Om+6gz+cd
/FXe826Mhs8+PIWur+dUUCVAMbuJ4tEUMFS7JYExtJwmqu2CQGbGlUzJXMzvdklF
ZYjMwrt8Yk5cW7gAhCMENWOX7Yuw2dl5a5JBJRvbOeMp0MutgFSl/1wftklrM5b5
gE0fGHduI8oy+UmtgfdW4TArMdgBhagM2b4AFlQo51c6HnagUw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:50 2026 by rpki-client