Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
File: f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa (raw, json)
Hash identifier: 1oLx/ILFdyAU2wmEMpasgJmr5UZ4mEnddJBDIcjePxs=
Subject key identifier: 33:9E:44:85:7C:11:73:89:B6:66:40:73:AF:99:D4:DB:8F:83:52:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1DC3A1EE0D4F626C58AFFB79A596B471385C3282
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
Signing time: Fri 13 Feb 2026 15:20:28 +0000
ROA not before: Fri 13 Feb 2026 15:20:28 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d040::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:c3:a1:ee:0d:4f:62:6c:58:af:fb:79:a5:96:b4:71:38:5c:32:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:20:28 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=9a436ebfea634f7e5f383699434e821e465728b2edef16a0f66d4e76cd665062, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:10:7b:77:e1:42:28:51:01:ad:23:84:ca:78:
cd:0d:ec:91:1f:78:fd:b0:e6:ad:a0:a0:d7:14:06:
c9:3c:7c:b5:da:fd:d4:8d:61:12:06:50:98:22:ee:
5d:c9:da:0d:01:a7:87:6e:93:ec:59:f8:ea:e5:0e:
b1:92:83:58:c6:34:75:07:e6:b2:1f:fa:98:8d:e9:
08:07:9b:15:1e:35:f9:00:81:6f:44:86:a7:3d:a3:
59:b2:06:c3:21:ff:46:ea:7a:fe:06:5d:d9:83:24:
fc:53:d9:80:e7:91:17:13:01:cf:2d:cc:0f:42:e5:
5f:c3:c4:80:2e:1d:7c:dc:fc:11:d9:71:b0:23:64:
8b:41:81:50:8b:73:b1:13:f4:ed:3b:42:d1:08:f1:
98:cc:a2:d8:fa:32:93:fc:5a:3d:d5:80:9d:b4:ca:
67:b4:df:19:1a:b7:7b:c4:a5:45:61:01:82:2f:5b:
20:4f:d4:5d:2a:bf:0c:4e:c4:ec:ba:6d:48:5a:0f:
87:1f:fd:9f:2f:53:32:51:e8:5b:f5:31:67:63:5c:
6d:48:d7:5b:81:d8:5a:75:10:6f:26:30:08:ba:0c:
15:37:c9:c6:d3:24:ef:f9:0a:ee:62:85:97:e9:1a:
d1:99:a0:c6:49:84:7c:1c:00:72:7b:73:69:e1:16:
9b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:9E:44:85:7C:11:73:89:B6:66:40:73:AF:99:D4:DB:8F:83:52:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040::/32
Signature Algorithm: sha256WithRSAEncryption
7e:b0:22:6c:f9:10:91:c7:48:09:b4:56:14:67:4c:13:7d:72:
99:f4:b0:8c:51:06:ec:a0:c0:17:c8:eb:73:4f:74:89:c7:84:
f8:78:a1:06:a9:86:c7:ec:26:d4:0b:b8:c4:9d:8c:82:2c:f4:
60:06:49:3a:62:bb:66:9e:47:68:04:53:57:8e:94:8f:8d:22:
0b:ed:d2:5b:43:eb:5c:8e:a2:2f:33:bf:0d:c2:45:9e:cc:3f:
1e:6f:5c:ca:b4:71:54:03:47:f5:37:95:d8:f5:cf:79:86:0b:
60:fc:3f:f7:22:dd:aa:8f:58:12:07:4c:30:46:42:df:c9:6d:
55:41:5d:0b:d0:c4:bf:f3:4a:00:4d:a9:a9:f1:c4:1f:a2:b1:
b5:f5:8f:ef:db:62:87:ac:3f:ea:9e:80:79:47:7a:cc:99:5d:
c5:8a:1c:e6:70:ea:34:c0:9e:99:34:c9:f7:e5:f0:b7:50:a8:
98:e4:26:d3:94:a8:5b:a3:bd:09:fa:9f:f2:c0:06:5a:c5:4b:
86:0e:f7:bc:43:22:7f:e8:20:dc:18:05:05:16:df:9d:5a:78:
d3:a5:69:4a:a3:b0:78:24:78:96:14:b0:9e:25:6d:ff:fd:1d:
95:62:53:15:1b:b4:4b:56:a0:b9:ba:98:8a:01:bd:29:79:e8:
5d:74:54:65
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUHcOh7g1PYmxYr/t5pZa0cThcMoIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIwMjhaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhNDM2ZWJmZWE2MzRmN2U1ZjM4MzY5OTQzNGU4MjFlNDY1NzI4YjJlZGVm
MTZhMGY2NmQ0ZTc2Y2Q2NjUwNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcQe3fhQihRAa0jhMp4zQ3skR94/bDmraCg1xQGyTx8tdr91I1hEgZQmCLu
XcnaDQGnh26T7Fn46uUOsZKDWMY0dQfmsh/6mI3pCAebFR41+QCBb0SGpz2jWbIG
wyH/Rup6/gZd2YMk/FPZgOeRFxMBzy3MD0LlX8PEgC4dfNz8EdlxsCNki0GBUItz
sRP07TtC0QjxmMyi2Poyk/xaPdWAnbTKZ7TfGRq3e8SlRWEBgi9bIE/UXSq/DE7E
7LptSFoPhx/9ny9TMlHoW/UxZ2NcbUjXW4HYWnUQbyYwCLoMFTfJxtMk7/kK7mKF
l+ka0ZmgxkmEfBwAcntzaeEWm7UCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQznkSF
fBFzibZmQHOvmdTbj4NS3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjEzZjU0NDQtMzc3YS00ZTUxLWExYzctMTBjMmEzYTNkNmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0EAw
DQYJKoZIhvcNAQELBQADggEBAH6wImz5EJHHSAm0VhRnTBN9cpn0sIxRBuygwBfI
63NPdInHhPh4oQaphsfsJtQLuMSdjIIs9GAGSTpiu2aeR2gEU1eOlI+NIgvt0ltD
61yOoi8zvw3CRZ7MPx5vXMq0cVQDR/U3ldj1z3mGC2D8P/ci3aqPWBIHTDBGQt/J
bVVBXQvQxL/zSgBNqanxxB+isbX1j+/bYoesP+qegHlHesyZXcWKHOZw6jTAnpk0
yffl8LdQqJjkJtOUqFujvQn6n/LABlrFS4YO97xDIn/oINwYBQUW351aeNOlaUqj
sHgkeJYUsJ4lbf/9HZViUxUbtEtWoLm6mIoBvSl56F10VGU=
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:07:54 2026 by rpki-client