Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
File: ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa (raw, json)
Hash identifier: HAhN/xYWGeTz52WZJAIcqntb9QwJ/jBtHtc+pD73UPU=
Subject key identifier: F2:1C:D0:61:CE:7E:BC:5A:EE:55:BB:8A:12:89:50:85:8A:20:9F:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49C83B5D9C3B4D24235A28145B558B671DC34D25
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
Signing time: Fri 13 Feb 2026 15:20:12 +0000
ROA not before: Fri 13 Feb 2026 15:20:12 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:c8:3b:5d:9c:3b:4d:24:23:5a:28:14:5b:55:8b:67:1d:c3:4d:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:20:12 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=283b5454be11647ee9d0fcfe67dcfe3b15a0ec6e345fd7dba2fc46203bfbd9e1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:36:50:e2:00:69:8c:67:cc:a7:c9:8b:38:61:
87:ae:df:0d:d2:fb:27:a2:d9:c2:80:db:e1:7c:86:
cd:81:ff:58:41:19:ca:e0:4d:a8:6b:1f:36:d2:25:
2d:19:6d:be:95:31:1e:2b:2c:2e:50:0e:bc:08:8b:
11:56:e4:c6:92:9d:32:bc:e6:1a:9b:52:1d:ce:80:
ee:78:29:3f:13:06:2e:2c:67:34:7a:72:79:ea:54:
cf:f7:f2:8b:3d:4d:05:f7:d7:85:25:36:c6:ac:e2:
8b:84:87:a3:4d:c9:ff:c8:a3:4a:1f:14:9d:8d:08:
4c:f7:05:05:33:82:0c:94:b6:98:94:b0:da:10:ec:
96:09:7f:a1:03:6e:22:52:b7:41:1a:1b:cb:c5:ef:
1d:09:53:5d:da:42:15:1c:f4:0b:69:b3:21:28:41:
b4:96:29:51:81:d5:ed:30:d9:d9:f9:f7:6a:73:9e:
70:69:09:c8:79:b4:c7:7a:b4:13:45:b1:63:85:25:
95:16:3f:f4:64:5a:6a:51:be:09:71:0f:7f:b2:3f:
0c:62:69:bf:c1:95:91:fc:a6:2a:28:86:f9:7b:cd:
97:e3:4e:ae:f5:f7:ce:3f:8d:9b:8f:c3:68:fb:b5:
de:14:d0:cf:d9:05:72:27:8d:71:4a:ee:19:ba:70:
d2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:1C:D0:61:CE:7E:BC:5A:EE:55:BB:8A:12:89:50:85:8A:20:9F:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:4000::/40
Signature Algorithm: sha256WithRSAEncryption
05:39:fc:42:95:95:d4:a9:86:17:f1:dc:29:c2:24:54:5a:50:
4d:90:77:fe:fd:2a:84:25:4d:7f:22:16:d4:85:bc:0d:57:4a:
43:01:0a:d0:5b:64:0a:6c:a0:69:0b:fd:57:85:ef:02:1e:04:
e5:70:13:93:47:39:e3:3d:5a:a6:b6:0b:f7:54:fa:19:18:dd:
9b:d7:06:57:de:c7:b5:93:11:93:8e:42:f9:a0:99:8d:33:f6:
69:52:be:85:f6:29:92:d4:82:cb:24:10:e7:17:78:c7:ac:e7:
f1:21:d9:20:e0:8a:4a:e2:b1:bf:fa:d5:10:9c:1e:54:b1:67:
69:8a:00:e5:be:80:37:05:c4:cb:a1:28:8d:88:31:75:98:5a:
66:e7:25:cf:da:4b:a0:e7:fa:eb:12:e8:79:16:fe:d3:9f:ff:
bc:61:28:6d:32:09:04:4c:25:07:62:eb:ee:13:91:fc:ef:46:
ad:ca:fa:c8:a5:ae:33:ef:99:f6:86:5e:78:6f:67:90:90:71:
2f:d3:e2:65:46:67:7f:f4:89:f2:a1:87:54:73:2e:72:9f:d7:
a3:b7:d8:53:c2:ed:40:43:b1:23:01:e9:a4:5b:5f:75:b9:8c:
3f:19:08:27:7d:48:18:83:79:b4:55:cd:25:03:00:f8:71:ae:
00:ea:36:cb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUScg7XZw7TSQjWigUW1WLZx3DTSUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIwMTJaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4M2I1NDU0YmUxMTY0N2VlOWQwZmNmZTY3ZGNmZTNiMTVhMGVjNmUzNDVm
ZDdkYmEyZmM0NjIwM2JmYmQ5ZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALg2UOIAaYxnzKfJizhhh67fDdL7J6LZwoDb4XyGzYH/WEEZyuBNqGsfNtIl
LRltvpUxHissLlAOvAiLEVbkxpKdMrzmGptSHc6A7ngpPxMGLixnNHpyeepUz/fy
iz1NBffXhSU2xqzii4SHo03J/8ijSh8UnY0ITPcFBTOCDJS2mJSw2hDslgl/oQNu
IlK3QRoby8XvHQlTXdpCFRz0C2mzIShBtJYpUYHV7TDZ2fn3anOecGkJyHm0x3q0
E0WxY4UllRY/9GRaalG+CXEPf7I/DGJpv8GVkfymKiiG+XvNl+NOrvX3zj+Nm4/D
aPu13hTQz9kFcieNcUruGbpw0g8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTyHNBh
zn68Wu5Vu4oSiVCFiiCfITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWRlNTIwMGUtNTVjOC00YTg5LTljY2YtY2Y0NjVjNmRkYjUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJA
MA0GCSqGSIb3DQEBCwUAA4IBAQAFOfxClZXUqYYX8dwpwiRUWlBNkHf+/SqEJU1/
IhbUhbwNV0pDAQrQW2QKbKBpC/1Xhe8CHgTlcBOTRznjPVqmtgv3VPoZGN2b1wZX
3se1kxGTjkL5oJmNM/ZpUr6F9imS1ILLJBDnF3jHrOfxIdkg4IpK4rG/+tUQnB5U
sWdpigDlvoA3BcTLoSiNiDF1mFpm5yXP2kug5/rrEuh5Fv7Tn/+8YShtMgkETCUH
YuvuE5H870atyvrIpa4z75n2hl54b2eQkHEv0+JlRmd/9InyoYdUcy5yn9ejt9hT
wu1AQ7EjAemkW191uYw/GQgnfUgYg3m0Vc0lAwD4ca4A6jbL
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:56:18 2026 by rpki-client