Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f76388e2-5824-485d-aa99-c7ea5a481aa2.roa
File: f76388e2-5824-485d-aa99-c7ea5a481aa2.roa (raw, json)
Hash identifier: U9K0yWy0XHo07JC0yDXedzPOqrd8/Zu6WEmFipr5JSI=
Subject key identifier: 2B:EE:F5:59:FC:AA:7D:01:D8:47:26:A9:BE:96:EE:23:20:CB:2B:38
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 26B978E2AD5546211B2C04141E810209D2ABAAE8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f76388e2-5824-485d-aa99-c7ea5a481aa2.roa
Signing time: Sat 28 Feb 2026 06:00:33 +0000
ROA not before: Sat 28 Feb 2026 06:00:33 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:b9:78:e2:ad:55:46:21:1b:2c:04:14:1e:81:02:09:d2:ab:aa:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:33 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f090ba46eb8b2912cf0bc5d2cc2e892e991dc66816fd61839f58a586c4b1488f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:89:01:3b:4b:aa:da:fd:2d:47:c8:6a:4e:38:
21:58:15:51:9c:ac:48:1c:79:6d:24:23:ae:1c:60:
07:16:53:7f:79:e4:22:61:97:66:e6:81:6e:49:6e:
e7:50:1d:75:e9:6b:88:4f:62:28:ad:df:5c:df:51:
bf:f4:9a:06:66:fc:10:a8:9e:fb:91:65:75:29:9e:
da:8e:d2:35:57:00:65:f6:f4:7c:d4:84:ce:b6:99:
b0:a4:f2:b5:53:58:0d:0a:b5:77:e9:60:4d:7d:8d:
a1:fe:0c:85:3f:0c:b5:b6:42:9b:69:45:fc:40:9f:
4c:e5:48:45:ec:07:7d:49:ec:4e:77:9b:2a:cf:18:
62:14:2a:da:44:47:47:5a:71:ad:83:ce:f3:d1:51:
4a:f7:71:95:08:75:65:72:96:d2:52:60:e0:83:11:
e1:8a:4a:73:f5:a5:8a:78:37:95:30:46:ea:fe:27:
c5:04:85:eb:0a:62:e2:21:fd:c6:06:c8:fa:9b:a5:
b9:f9:21:b8:dd:9f:cf:3a:08:aa:77:0e:3e:07:90:
3c:fe:73:42:3d:14:18:79:05:9a:c1:54:f9:73:8a:
66:8a:4d:3f:fd:9b:34:c7:e7:25:29:f9:d4:c0:8c:
e0:57:1f:4c:15:1e:40:08:9a:41:fe:cd:de:e0:10:
de:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:EE:F5:59:FC:AA:7D:01:D8:47:26:A9:BE:96:EE:23:20:CB:2B:38
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f76388e2-5824-485d-aa99-c7ea5a481aa2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e000::/40
Signature Algorithm: sha256WithRSAEncryption
6c:b5:9f:f0:cf:28:13:69:b8:b7:d3:a3:fd:fe:a0:57:78:32:
c8:bc:38:5d:99:75:bf:c3:3b:bf:76:64:f0:05:51:69:bb:f5:
5c:b7:c4:a5:2f:48:b7:23:5f:a1:d5:22:54:ef:fb:a9:ae:5e:
b1:28:0e:0a:6d:b9:d7:2d:c6:83:99:45:7a:26:79:72:54:95:
74:ad:83:b7:90:d9:f2:d8:d9:6c:67:ed:c7:05:68:c2:89:d1:
28:8b:10:8e:33:f4:61:08:9d:65:ad:b7:bc:71:33:20:af:1b:
67:9d:b0:4e:65:37:46:14:53:54:ee:2a:3a:9c:d9:d3:6e:b9:
94:b8:cf:12:8e:b4:41:1d:d0:c5:56:09:11:f3:2d:46:8f:fc:
b9:08:a7:12:61:7a:87:dc:91:53:a3:82:ba:ec:11:73:2b:09:
d4:64:e1:26:24:61:3a:ff:4c:f0:d4:83:3d:02:d9:bb:45:e9:
91:60:81:96:b5:a0:a4:48:a4:d9:ca:a0:1c:d5:2a:a8:c8:07:
44:84:ad:78:04:5f:59:49:61:a9:61:c6:a0:fd:a5:5a:17:c0:
84:9c:ca:da:b6:fe:7f:f0:04:03:b6:85:b4:30:93:1f:0b:68:
83:1d:ba:e5:18:20:9d:98:1d:4d:e0:29:6f:ae:f6:27:45:a1:
d5:ce:60:c0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJrl44q1VRiEbLAQUHoECCdKrqugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwMzNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwOTBiYTQ2ZWI4YjI5MTJjZjBiYzVkMmNjMmU4OTJlOTkxZGM2NjgxNmZk
NjE4MzlmNThhNTg2YzRiMTQ4OGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyJATtLqtr9LUfIak44IVgVUZysSBx5bSQjrhxgBxZTf3nkImGXZuaBbklu
51AddelriE9iKK3fXN9Rv/SaBmb8EKie+5FldSme2o7SNVcAZfb0fNSEzraZsKTy
tVNYDQq1d+lgTX2Nof4MhT8MtbZCm2lF/ECfTOVIRewHfUnsTnebKs8YYhQq2kRH
R1pxrYPO89FRSvdxlQh1ZXKW0lJg4IMR4YpKc/Wling3lTBG6v4nxQSF6wpi4iH9
xgbI+pulufkhuN2fzzoIqncOPgeQPP5zQj0UGHkFmsFU+XOKZopNP/2bNMfnJSn5
1MCM4FcfTBUeQAiaQf7N3uAQ3nMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQr7vVZ
/Kp9AdhHJqm+lu4jIMsrODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Zjc2Mzg4ZTItNTgyNC00ODVkLWFhOTktYzdlYTVhNDgxYWEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H/g
MA0GCSqGSIb3DQEBCwUAA4IBAQBstZ/wzygTabi306P9/qBXeDLIvDhdmXW/wzu/
dmTwBVFpu/Vct8SlL0i3I1+h1SJU7/uprl6xKA4KbbnXLcaDmUV6JnlyVJV0rYO3
kNny2NlsZ+3HBWjCidEoixCOM/RhCJ1lrbe8cTMgrxtnnbBOZTdGFFNU7io6nNnT
brmUuM8SjrRBHdDFVgkR8y1Gj/y5CKcSYXqH3JFTo4K67BFzKwnUZOEmJGE6/0zw
1IM9Atm7RemRYIGWtaCkSKTZyqAc1SqoyAdEhK14BF9ZSWGpYcag/aVaF8CEnMra
tv5/8AQDtoW0MJMfC2iDHbrlGCCdmB1N4ClvrvYnRaHVzmDA
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:07:22 2026 by rpki-client