Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
File: f6aec084-593c-47be-8e46-9024b5572011.roa (raw, json)
Hash identifier: YwGk8F1lEuW7RwRSFXoFf3LDJWS+R18YjawNajWWB+I=
Subject key identifier: E3:04:08:DF:30:F6:48:F1:98:52:DF:C4:A7:4E:36:87:34:98:F2:10
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E5AB2CCDE6AD5F349F8FDE6A77C40282A1421E6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
Signing time: Fri 20 Feb 2026 01:50:55 +0000
ROA not before: Fri 20 Feb 2026 01:50:55 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:5a:b2:cc:de:6a:d5:f3:49:f8:fd:e6:a7:7c:40:28:2a:14:21:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:55 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=48d73f806b32d83568fb9237b0deab81495a21e4ce8137663bc5e10591dad8b9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9f:5a:d3:94:40:1c:d1:97:72:18:f9:bc:54:
48:81:0a:b4:d6:92:8f:e9:d4:85:8e:ab:ce:7d:dd:
7d:51:53:48:4a:9c:40:53:a1:c0:e5:2f:bd:fd:5a:
a5:40:63:93:4f:c4:18:65:c7:f9:00:af:83:eb:bb:
0d:0a:25:c5:65:c1:b8:45:f3:fd:07:90:86:a2:ac:
6b:22:d7:9f:4b:e5:2b:de:76:c4:fa:8f:2d:b2:0a:
c5:32:ff:bf:8c:c7:49:4a:cb:44:83:f1:1e:79:4d:
03:65:ce:36:4d:4b:6d:e1:a3:89:54:7e:36:f1:2d:
2d:e5:dd:65:f9:42:f4:2a:db:eb:ca:b3:7b:89:0b:
3f:1a:e1:8b:42:81:a5:0f:38:19:64:f8:56:21:6e:
fc:11:db:29:8a:73:22:1b:67:66:80:40:87:f1:24:
37:31:e5:d2:44:79:2f:74:bd:d1:db:50:43:50:69:
a1:53:da:e1:d6:53:8b:0e:48:2b:5b:08:5c:ba:03:
b5:f3:18:17:a6:55:6d:90:29:6d:92:3f:25:3d:35:
c2:4e:4f:e1:23:5b:64:8c:0d:dc:85:e6:bf:01:f9:
ef:93:46:a2:32:85:3d:e1:d2:e9:e2:a1:b6:86:c6:
d8:b8:8a:7f:2b:c2:8d:3c:30:8e:fa:52:d9:86:d2:
c9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:04:08:DF:30:F6:48:F1:98:52:DF:C4:A7:4E:36:87:34:98:F2:10
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:e000::/40
Signature Algorithm: sha256WithRSAEncryption
98:4d:99:8c:7a:a7:73:21:bf:a0:a2:4e:04:a5:a1:71:9b:9b:
b3:36:a5:f8:bd:90:2c:b4:13:fa:6b:5e:aa:4c:51:84:35:6c:
f2:19:ef:78:1e:bf:51:fc:62:22:e7:fd:a6:36:97:42:83:4c:
40:44:4a:96:9d:f8:f4:db:75:2b:fd:25:1a:54:21:bc:d4:72:
7c:34:ee:5d:a6:1b:f7:33:21:b6:95:c0:dd:73:6b:ee:ff:02:
5a:2c:da:5e:4e:84:15:e0:b1:89:fe:19:9b:80:aa:77:49:ef:
85:20:64:30:48:74:1a:af:c2:aa:55:1b:f4:af:2a:b8:62:9d:
94:c0:02:22:d8:5f:3f:83:5c:3b:f4:f1:3b:14:f2:89:92:c6:
12:fd:17:1d:f2:cc:ee:0b:96:a2:72:b9:9c:a2:72:b9:01:35:
55:a2:9f:84:74:95:bc:35:95:54:02:c4:2d:ab:96:5b:72:11:
59:3d:ee:c2:b3:11:73:8f:a4:52:28:80:1c:f1:42:3c:7b:38:
92:9a:4c:29:35:87:b8:6c:8e:e3:c0:fd:bf:8e:b2:c9:c7:c9:
60:b8:15:57:1d:1a:ef:09:bc:a0:00:15:ce:62:7a:08:a1:d3:
a8:6d:b6:2e:c4:d4:4f:23:b9:0a:95:2b:31:e9:c0:2d:33:1f:
bf:0e:73:e7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHlqyzN5q1fNJ+P3mp3xAKCoUIeYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwNTVaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4ZDczZjgwNmIzMmQ4MzU2OGZiOTIzN2IwZGVhYjgxNDk1YTIxZTRjZTgx
Mzc2NjNiYzVlMTA1OTFkYWQ4YjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCfWtOUQBzRl3IY+bxUSIEKtNaSj+nUhY6rzn3dfVFTSEqcQFOhwOUvvf1a
pUBjk0/EGGXH+QCvg+u7DQolxWXBuEXz/QeQhqKsayLXn0vlK952xPqPLbIKxTL/
v4zHSUrLRIPxHnlNA2XONk1LbeGjiVR+NvEtLeXdZflC9Crb68qze4kLPxrhi0KB
pQ84GWT4ViFu/BHbKYpzIhtnZoBAh/EkNzHl0kR5L3S90dtQQ1BpoVPa4dZTiw5I
K1sIXLoDtfMYF6ZVbZApbZI/JT01wk5P4SNbZIwN3IXmvwH575NGojKFPeHS6eKh
tobG2LiKfyvCjTwwjvpS2YbSyTsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTjBAjf
MPZI8ZhS38SnTjaHNJjyEDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjZhZWMwODQtNTkzYy00N2JlLThlNDYtOTAyNGI1NTcyMDExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDg
MA0GCSqGSIb3DQEBCwUAA4IBAQCYTZmMeqdzIb+gok4EpaFxm5uzNqX4vZAstBP6
a16qTFGENWzyGe94Hr9R/GIi5/2mNpdCg0xAREqWnfj023Ur/SUaVCG81HJ8NO5d
phv3MyG2lcDdc2vu/wJaLNpeToQV4LGJ/hmbgKp3Se+FIGQwSHQar8KqVRv0ryq4
Yp2UwAIi2F8/g1w79PE7FPKJksYS/Rcd8szuC5aicrmconK5ATVVop+EdJW8NZVU
AsQtq5ZbchFZPe7CsxFzj6RSKIAc8UI8eziSmkwpNYe4bI7jwP2/jrLJx8lguBVX
HRrvCbygABXOYnoIodOobbYuxNRPI7kKlSsx6cAtMx+/DnPn
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:46:32 2026 by rpki-client