Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/efb32bd0-8689-4ff1-8b63-f633c6cd1a19.roa
File: efb32bd0-8689-4ff1-8b63-f633c6cd1a19.roa (raw, json)
Hash identifier: ea1/m4+syi26pDMfcRaIB96oHVbBnORCPb1hlT02e40=
Subject key identifier: 7D:D4:A9:41:93:75:E9:C7:18:8A:98:58:81:B7:E5:8B:28:A7:BE:96
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 25B8C16909B398A86BB2C6312AD8D52FEF67BD16
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/efb32bd0-8689-4ff1-8b63-f633c6cd1a19.roa
Signing time: Wed 11 Feb 2026 01:30:37 +0000
ROA not before: Wed 11 Feb 2026 01:30:37 +0000
ROA not after: Tue 12 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:b080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:b8:c1:69:09:b3:98:a8:6b:b2:c6:31:2a:d8:d5:2f:ef:67:bd:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 11 01:30:37 2026 GMT
Not After : May 12 23:59:59 2026 GMT
Subject: serialNumber=6819c3b62e1246d86507e77f9036c7709bb11d426da1e5a50e2441979ab24ae1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:8c:77:fd:57:5e:31:d7:d1:f2:1b:6b:82:95:
ce:7a:82:e8:25:4d:c8:81:c1:97:15:41:91:0e:dc:
05:f9:c1:86:6a:9a:26:66:f3:53:a4:37:c2:5d:3e:
46:38:7e:4a:ee:50:b6:58:3a:fb:54:df:6f:f8:a0:
d1:db:ab:7b:1d:1a:66:30:08:ea:39:15:18:7a:ff:
79:03:b4:e4:61:96:59:35:c5:ef:28:f7:33:96:aa:
4d:aa:11:ad:fc:6f:d1:68:5f:6e:5c:31:a6:0c:15:
22:2d:09:02:f2:6d:50:c4:c6:2c:27:4e:87:8c:e2:
b7:d4:5d:8e:ec:34:ab:3a:44:29:e1:05:77:3c:3c:
33:1c:2c:fb:b1:d1:65:b5:16:4d:c5:45:53:4b:61:
8a:52:1f:85:98:83:45:b2:98:7c:2a:d1:14:66:97:
6d:f9:66:55:f9:9d:64:18:e3:8f:b3:96:98:64:bd:
d8:7a:72:9f:0a:11:97:3f:7c:c4:d3:8c:24:5b:4c:
52:7d:c5:37:50:e1:7f:ca:18:98:bf:52:c8:e2:ce:
28:6e:83:0d:f8:ff:fc:ce:22:80:c6:5d:21:fe:f5:
c0:ce:17:f8:9a:07:3d:fd:41:37:c5:d8:82:e8:6c:
bf:9e:86:9b:3c:f0:43:52:03:97:5d:b8:60:44:f0:
a0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D4:A9:41:93:75:E9:C7:18:8A:98:58:81:B7:E5:8B:28:A7:BE:96
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/efb32bd0-8689-4ff1-8b63-f633c6cd1a19.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:b080::/48
Signature Algorithm: sha256WithRSAEncryption
6e:fb:be:91:c3:1d:97:0c:18:51:14:ce:22:1b:d8:57:7f:e9:
36:09:5e:f4:d4:52:22:10:fe:2e:f0:8d:a4:fd:8a:60:4c:c3:
e1:aa:4b:db:08:d5:4d:63:bc:db:05:76:cf:11:e3:56:84:c8:
a5:7c:97:e2:23:4f:3e:10:5a:10:7c:1b:54:76:6e:90:21:2a:
0a:cd:14:b8:8c:7d:2e:46:78:6c:73:78:0a:ee:e6:e6:f3:8f:
2c:10:38:ca:76:45:92:8c:dd:90:70:67:96:4b:18:fb:ca:c5:
dd:e0:cc:b0:8a:08:78:7b:b1:7c:5c:7a:b5:3a:1d:c8:cc:f7:
53:7a:de:97:1f:97:ec:46:5b:ed:a8:d3:b4:97:aa:d1:1c:07:
86:c2:8a:d4:54:43:9e:1e:7a:1e:d0:64:cb:13:23:22:89:b7:
b3:11:3e:2a:e7:fc:3e:84:4e:64:52:03:d3:b6:64:e9:13:6b:
1d:a3:2e:96:c3:a0:72:60:eb:89:af:08:d7:ec:fe:f3:95:dc:
e8:80:89:00:dc:d7:8b:64:0f:29:58:02:54:c1:c1:97:52:18:
c7:82:32:3f:da:63:d8:be:c8:78:2b:d4:27:56:09:c0:26:00:
fd:99:a1:ae:25:29:41:c9:fa:59:1f:25:9c:e9:ed:1a:55:c2:
1e:db:47:26
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJbjBaQmzmKhrssYxKtjVL+9nvRYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTEwMTMwMzdaFw0yNjA1MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4MTljM2I2MmUxMjQ2ZDg2NTA3ZTc3ZjkwMzZjNzcwOWJiMTFkNDI2ZGEx
ZTVhNTBlMjQ0MTk3OWFiMjRhZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJuMd/1XXjHX0fIba4KVznqC6CVNyIHBlxVBkQ7cBfnBhmqaJmbzU6Q3wl0+
Rjh+Su5Qtlg6+1Tfb/ig0durex0aZjAI6jkVGHr/eQO05GGWWTXF7yj3M5aqTaoR
rfxv0WhfblwxpgwVIi0JAvJtUMTGLCdOh4zit9Rdjuw0qzpEKeEFdzw8Mxws+7HR
ZbUWTcVFU0thilIfhZiDRbKYfCrRFGaXbflmVfmdZBjjj7OWmGS92HpynwoRlz98
xNOMJFtMUn3FN1Dhf8oYmL9SyOLOKG6DDfj//M4igMZdIf71wM4X+JoHPf1BN8XY
guhsv56GmzzwQ1IDl124YETwoJ8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR91KlB
k3XpxxiKmFiBt+WLKKe+ljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWZiMzJiZDAtODY4OS00ZmYxLThiNjMtZjYzM2M2Y2QxYTE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gqw
gDANBgkqhkiG9w0BAQsFAAOCAQEAbvu+kcMdlwwYURTOIhvYV3/pNgle9NRSIhD+
LvCNpP2KYEzD4apL2wjVTWO82wV2zxHjVoTIpXyX4iNPPhBaEHwbVHZukCEqCs0U
uIx9LkZ4bHN4Cu7m5vOPLBA4ynZFkozdkHBnlksY+8rF3eDMsIoIeHuxfFx6tTod
yMz3U3relx+X7EZb7ajTtJeq0RwHhsKK1FRDnh56HtBkyxMjIom3sxE+Kuf8PoRO
ZFID07Zk6RNrHaMulsOgcmDria8I1+z+85Xc6ICJANzXi2QPKVgCVMHBl1IYx4Iy
P9pj2L7IeCvUJ1YJwCYA/ZmhriUpQcn6WR8lnOntGlXCHttHJg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:31:53 2026 by rpki-client