Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
File: fc452689-b0a6-4816-a48a-8c8854d225f8.roa (raw, json)
Hash identifier: Pa7yvbYiDVBmi7JohWzbHoujwGfsBV4XpO5Ap6xxSdk=
Subject key identifier: 32:74:B8:DD:E4:00:1A:F1:13:10:87:F5:B3:3D:28:DC:C2:27:D9:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 594E8BE28227EED22081EC142301EF19414EC3BD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
Signing time: Tue 17 Feb 2026 03:00:12 +0000
ROA not before: Tue 17 Feb 2026 03:00:12 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:4e:8b:e2:82:27:ee:d2:20:81:ec:14:23:01:ef:19:41:4e:c3:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:12 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=9afd713edd01965a45eeead68b6e894aa145d1060de34b3782d2efdcfd682e33, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6c:4b:92:62:5a:f3:c1:96:7d:98:da:3a:b7:
e9:71:7e:45:70:b2:e1:7a:18:e6:c4:4a:c5:3e:db:
f9:d0:5b:52:65:01:09:7e:94:20:cc:d7:19:f8:6a:
86:bc:71:ea:96:86:7a:9e:26:54:a2:ee:0d:2d:81:
5b:34:a6:48:66:18:5d:85:e4:de:9e:82:a8:1c:1e:
9e:c6:c8:14:33:60:89:0e:33:5c:61:f7:68:da:01:
dc:d1:e6:d8:63:14:b9:4a:69:f8:07:f5:56:71:06:
a2:dc:b2:d0:08:63:3b:e1:ce:1e:f9:db:c0:5f:f5:
61:27:fb:e0:b2:ee:8c:b4:4a:d8:a7:61:95:df:a8:
02:1a:3b:26:57:aa:22:65:be:76:6b:8a:e5:fe:f9:
53:d5:12:b4:47:e8:6b:e5:0d:15:bb:a6:0a:d3:49:
c6:7f:0b:5e:b4:3f:6e:ca:dd:d4:00:a8:73:17:6a:
da:74:0d:44:ee:44:a6:d8:ad:9e:e6:e5:a4:9f:57:
0c:94:8c:fd:b4:a6:37:91:bc:0f:f3:7c:1d:2d:05:
26:0a:2c:ce:65:e0:1e:17:e5:c0:d1:70:58:09:ac:
ab:bf:ec:c5:43:98:a4:9c:f4:89:94:55:e0:e6:18:
d4:11:32:0c:19:3e:3b:b9:6d:27:6e:2c:45:ad:5b:
13:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:74:B8:DD:E4:00:1A:F1:13:10:87:F5:B3:3D:28:DC:C2:27:D9:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:c000::/40
Signature Algorithm: sha256WithRSAEncryption
39:71:68:4b:ec:94:21:55:53:3c:9d:08:d8:99:4e:67:94:6b:
d1:f7:fe:67:3f:70:67:1b:a5:9f:e4:1b:27:71:21:18:f0:57:
0d:82:07:a4:d0:1a:78:2d:b5:8b:51:d8:f2:45:26:10:f2:75:
61:78:66:cf:3b:6a:fa:03:0b:04:0f:fb:23:1f:a7:0a:ee:62:
8d:4b:7f:f8:01:34:15:f3:a2:64:c9:1e:c1:39:81:e8:bf:c3:
4a:ce:62:77:d1:48:bf:68:3a:ef:e9:16:79:e1:9f:d1:58:c2:
0d:03:0b:20:e5:46:8a:d7:02:6a:23:f9:7e:b6:0f:75:e1:99:
5e:9a:62:f2:8e:18:10:29:e4:ed:af:7a:e6:3c:34:ac:9d:7b:
54:59:e7:af:77:6a:ae:3f:f7:c3:7a:aa:1b:ae:58:82:a7:78:
a5:2f:97:e4:64:cc:f7:d4:0e:bf:89:a3:ac:3b:19:a1:69:f4:
93:15:f0:1a:4d:ff:99:a1:5c:dd:7d:c8:e5:39:04:77:5e:d4:
1c:c3:e7:56:cb:34:1e:49:a1:4e:5e:e8:c4:99:ee:4e:0d:53:
5e:80:43:34:7d:19:cf:a8:70:3c:7f:08:4d:e9:60:bc:63:a2:
99:44:c0:64:4c:71:d3:90:de:9b:ea:71:6c:ed:0a:90:f7:99:
21:75:6e:cb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWU6L4oIn7tIggewUIwHvGUFOw70wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwMTJaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhZmQ3MTNlZGQwMTk2NWE0NWVlZWFkNjhiNmU4OTRhYTE0NWQxMDYwZGUz
NGIzNzgyZDJlZmRjZmQ2ODJlMzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI9sS5JiWvPBln2Y2jq36XF+RXCy4XoY5sRKxT7b+dBbUmUBCX6UIMzXGfhq
hrxx6paGep4mVKLuDS2BWzSmSGYYXYXk3p6CqBwensbIFDNgiQ4zXGH3aNoB3NHm
2GMUuUpp+Af1VnEGotyy0AhjO+HOHvnbwF/1YSf74LLujLRK2Kdhld+oAho7Jleq
ImW+dmuK5f75U9UStEfoa+UNFbumCtNJxn8LXrQ/bsrd1ACocxdq2nQNRO5Eptit
nublpJ9XDJSM/bSmN5G8D/N8HS0FJgoszmXgHhflwNFwWAmsq7/sxUOYpJz0iZRV
4OYY1BEyDBk+O7ltJ24sRa1bE4UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQydLjd
5AAa8RMQh/WzPSjcwifZZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM0NTI2ODktYjBhNi00ODE2LWE0OGEtOGM4ODU0ZDIyNWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTA
MA0GCSqGSIb3DQEBCwUAA4IBAQA5cWhL7JQhVVM8nQjYmU5nlGvR9/5nP3BnG6Wf
5BsncSEY8FcNggek0Bp4LbWLUdjyRSYQ8nVheGbPO2r6AwsED/sjH6cK7mKNS3/4
ATQV86JkyR7BOYHov8NKzmJ30Ui/aDrv6RZ54Z/RWMINAwsg5UaK1wJqI/l+tg91
4ZlemmLyjhgQKeTtr3rmPDSsnXtUWeevd2quP/fDeqobrliCp3ilL5fkZMz31A6/
iaOsOxmhafSTFfAaTf+ZoVzdfcjlOQR3XtQcw+dWyzQeSaFOXujEme5ODVNegEM0
fRnPqHA8fwhN6WC8Y6KZRMBkTHHTkN6b6nFs7QqQ95khdW7L
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:02:08 2026 by rpki-client