Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8feef1e-9058-4b34-a7f2-24e5e044fea2.roa
File: e8feef1e-9058-4b34-a7f2-24e5e044fea2.roa (raw, json)
Hash identifier: b1R8RrTyZvdAc6zpjV//Q507xq8ngnYqXPDgWhjzptw=
Subject key identifier: 75:23:E7:12:61:B2:2E:4F:5D:B2:E3:A0:75:CD:5C:4E:D2:E8:17:12
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C51936EE780F8E21B2A8AC1AA18D108E527353B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8feef1e-9058-4b34-a7f2-24e5e044fea2.roa
Signing time: Tue 17 Feb 2026 03:00:33 +0000
ROA not before: Tue 17 Feb 2026 03:00:33 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:51:93:6e:e7:80:f8:e2:1b:2a:8a:c1:aa:18:d1:08:e5:27:35:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:33 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=5a44ed20b4f512c1b53f489561113ffbc49be1bca97280c596c0d8a08a52fbe6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9d:46:ee:40:a6:59:47:63:7e:fc:62:72:e8:
cf:9c:e1:2d:e2:90:ad:ee:4c:62:69:a8:c9:13:9f:
f1:d0:69:9a:81:af:bf:6e:48:e4:f2:03:7a:a8:b9:
79:54:48:95:b4:cc:35:a9:35:74:bf:40:ef:c1:34:
12:e0:b9:14:ec:14:8d:fe:d8:db:1b:2d:28:2f:32:
60:e0:ee:c4:f9:c8:11:ec:c7:18:c4:1c:15:02:8a:
7b:67:67:4e:34:12:61:cc:7b:43:b1:97:6c:13:48:
f2:04:e5:fb:bb:ac:3c:07:79:af:93:06:86:08:2a:
a3:38:b4:63:78:4c:6a:6c:cd:50:b0:d3:f7:83:dc:
d3:9f:e2:7b:e9:2c:02:f3:08:f6:93:9b:b6:34:a6:
26:e4:94:de:d8:45:5c:fb:fd:23:83:60:53:b7:bf:
73:d1:80:ab:da:46:17:3f:01:b6:f3:2b:9e:25:a2:
27:8f:c8:4d:6a:0b:59:a0:b4:8e:24:f2:88:77:4c:
ee:bc:01:5a:1d:da:59:79:9a:5f:9c:df:5e:e5:58:
98:ed:65:aa:d9:22:31:1d:ad:88:50:1a:8a:fa:33:
c4:0b:8b:aa:1e:d1:95:cd:f7:41:39:d4:58:4b:5b:
df:06:b9:9c:c4:b1:8d:ed:98:f0:86:9e:08:5e:0f:
44:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:23:E7:12:61:B2:2E:4F:5D:B2:E3:A0:75:CD:5C:4E:D2:E8:17:12
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8feef1e-9058-4b34-a7f2-24e5e044fea2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:e000::/40
Signature Algorithm: sha256WithRSAEncryption
19:46:2f:dc:28:30:b4:b3:49:6a:1b:60:b6:36:00:af:44:fd:
65:30:d4:82:dc:c5:1c:fb:9b:cd:97:37:7f:66:e2:2b:e6:fd:
b8:41:c1:ac:ab:6a:fc:ec:5a:16:b4:50:e5:a6:44:c7:00:8e:
56:41:6f:74:7d:51:d8:65:03:20:8c:0e:d6:c6:ba:7c:b0:e5:
b8:78:b7:b8:70:09:7d:df:d9:39:df:79:b3:b5:de:81:26:82:
fc:85:6c:eb:79:f7:5c:24:97:3d:2b:d6:3f:02:80:8b:e6:0a:
03:d6:c8:42:5a:d9:ee:9e:97:0a:35:be:8a:f7:d5:8e:40:81:
46:67:42:5e:70:b2:12:a4:05:e3:38:6e:c6:a3:f0:d7:ab:8e:
0b:00:f2:d8:6d:6a:cf:98:9e:49:4c:03:34:6f:8b:4c:1f:17:
d2:57:81:b3:e0:db:2e:aa:55:28:34:36:c6:c7:c0:1b:f9:35:
e5:90:91:9a:09:9a:50:64:21:80:b6:41:c4:10:24:c5:ba:15:
41:a6:56:8c:13:9d:e5:03:f6:55:e6:15:62:bf:6b:57:4e:b4:
61:00:96:c4:02:0b:be:7b:97:c6:fa:fd:7c:06:f5:77:eb:96:
a3:83:e1:a3:05:11:3b:a1:0b:46:b9:0b:1e:82:62:a5:b0:e0:
4e:ef:d3:7c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDFGTbueA+OIbKorBqhjRCOUnNTswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwMzNaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhNDRlZDIwYjRmNTEyYzFiNTNmNDg5NTYxMTEzZmZiYzQ5YmUxYmNhOTcy
ODBjNTk2YzBkOGEwOGE1MmZiZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALydRu5ApllHY378YnLoz5zhLeKQre5MYmmoyROf8dBpmoGvv25I5PIDeqi5
eVRIlbTMNak1dL9A78E0EuC5FOwUjf7Y2xstKC8yYODuxPnIEezHGMQcFQKKe2dn
TjQSYcx7Q7GXbBNI8gTl+7usPAd5r5MGhggqozi0Y3hMamzNULDT94Pc05/ie+ks
AvMI9pObtjSmJuSU3thFXPv9I4NgU7e/c9GAq9pGFz8BtvMrniWiJ4/ITWoLWaC0
jiTyiHdM7rwBWh3aWXmaX5zfXuVYmO1lqtkiMR2tiFAaivozxAuLqh7Rlc33QTnU
WEtb3wa5nMSxje2Y8IaeCF4PRD8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR1I+cS
YbIuT12y46B1zVxO0ugXEjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZThmZWVmMWUtOTA1OC00YjM0LWE3ZjItMjRlNWUwNDRmZWEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTg
MA0GCSqGSIb3DQEBCwUAA4IBAQAZRi/cKDC0s0lqG2C2NgCvRP1lMNSC3MUc+5vN
lzd/ZuIr5v24QcGsq2r87FoWtFDlpkTHAI5WQW90fVHYZQMgjA7Wxrp8sOW4eLe4
cAl939k533mztd6BJoL8hWzrefdcJJc9K9Y/AoCL5goD1shCWtnunpcKNb6K99WO
QIFGZ0JecLISpAXjOG7Go/DXq44LAPLYbWrPmJ5JTAM0b4tMHxfSV4Gz4NsuqlUo
NDbGx8Ab+TXlkJGaCZpQZCGAtkHEECTFuhVBplaME53lA/ZV5hViv2tXTrRhAJbE
Agu+e5fG+v18BvV365ajg+GjBRE7oQtGuQsegmKlsOBO79N8
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:42:20 2026 by rpki-client