Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
File: 0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa (raw, json)
Hash identifier: fqW93BKPiAcTPI9erac4NDj6yXTAXTslGFoDHbXlcJo=
Subject key identifier: 12:93:55:EE:C8:28:DD:15:DD:56:ED:17:D0:87:00:F7:53:04:BD:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2D8C81A682EC9A111B1A28E3035F74FF368EE328
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
Signing time: Sat 28 Feb 2026 05:51:31 +0000
ROA not before: Sat 28 Feb 2026 05:51:31 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:8c:81:a6:82:ec:9a:11:1b:1a:28:e3:03:5f:74:ff:36:8e:e3:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:51:31 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=a5136a807671ca9c755fd87d140925a6000a569eddcb8e512bc026cef75ea817, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:77:09:e4:b4:e6:a8:32:27:ff:9b:c7:13:d7:
27:27:5a:79:37:29:0e:ee:77:f9:b6:da:dd:5f:e9:
f9:6c:e8:3b:b3:22:3d:da:e1:5e:a5:f7:95:8f:72:
2d:4b:8b:ce:39:3b:16:71:b5:80:9d:20:2b:97:2a:
c7:a6:4e:c3:08:5b:ba:c4:8a:3b:02:69:9d:a0:2b:
6e:21:6a:45:ca:81:92:1c:87:ce:fd:65:93:eb:8e:
b2:70:4e:f4:1a:10:7c:f6:47:d9:ff:8c:ee:f5:a3:
08:3e:45:02:48:33:7f:ba:ba:e7:21:3a:85:d5:6f:
2f:bd:2e:71:bc:a9:37:20:98:a1:f2:20:40:56:cf:
d3:99:68:15:38:8f:10:7c:bc:2d:17:28:cb:57:d2:
db:d9:27:ce:d5:06:33:e1:b3:52:01:61:bf:a2:7d:
d4:d8:49:32:01:1e:f4:fd:a4:12:f5:42:d4:8b:7c:
4e:89:56:78:34:84:f1:dc:05:7d:95:0c:2d:38:ef:
0f:07:f2:3c:dd:9f:fe:33:8f:9e:c5:fb:a3:2c:8e:
0f:09:ab:79:20:c7:d7:9b:aa:e8:d8:4c:74:20:e9:
bf:6f:3f:09:38:c2:de:bd:9b:92:ee:8f:b0:7e:09:
5c:20:b8:1a:64:a3:b0:3c:59:11:80:22:f4:20:7d:
3f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:93:55:EE:C8:28:DD:15:DD:56:ED:17:D0:87:00:F7:53:04:BD:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:1000::/36
Signature Algorithm: sha256WithRSAEncryption
c0:01:82:cd:cf:1c:45:76:2b:f8:5c:f9:4f:0d:07:ec:d5:5d:
45:51:e5:fe:5d:d8:d3:0f:41:f9:63:8f:58:aa:93:cc:f3:66:
e2:e3:c2:40:25:6f:4b:c7:e1:02:3d:c2:b2:ed:77:77:b0:46:
33:a6:75:21:f4:57:d1:2b:c8:ae:55:e1:f8:d7:f2:8e:7f:c9:
42:8f:c3:f9:7d:d6:0e:13:ed:3e:34:27:3f:d1:4b:71:94:41:
ba:b4:b7:6c:45:1c:a5:3c:36:d3:2e:cd:18:50:b2:6e:70:1d:
b7:42:fe:f9:47:c2:c6:69:c3:96:cc:e5:35:14:f7:68:11:62:
14:bb:a8:61:b4:c2:b0:b8:89:00:12:35:11:ca:05:4c:11:5d:
a2:bf:64:eb:2c:6e:d4:e0:8b:10:5c:ed:c9:16:10:52:02:56:
20:19:fc:28:17:cf:80:7e:e8:b9:c2:19:c9:df:50:9d:c4:e1:
f5:ea:de:41:09:02:1f:11:2c:cf:6b:ef:b9:f9:65:5a:8a:68:
34:01:89:2b:92:63:82:f3:18:79:92:05:14:28:07:59:66:fa:
09:e0:62:23:96:14:3d:11:fc:13:16:f0:0d:49:da:4f:15:05:
6c:8d:79:ae:53:5e:a8:6b:4f:39:fe:6b:8c:2d:cc:ca:a8:b2:
52:16:44:75
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULYyBpoLsmhEbGijjA190/zaO4ygwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUxMzFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1MTM2YTgwNzY3MWNhOWM3NTVmZDg3ZDE0MDkyNWE2MDAwYTU2OWVkZGNi
OGU1MTJiYzAyNmNlZjc1ZWE4MTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALN3CeS05qgyJ/+bxxPXJydaeTcpDu53+bba3V/p+WzoO7MiPdrhXqX3lY9y
LUuLzjk7FnG1gJ0gK5cqx6ZOwwhbusSKOwJpnaArbiFqRcqBkhyHzv1lk+uOsnBO
9BoQfPZH2f+M7vWjCD5FAkgzf7q65yE6hdVvL70ucbypNyCYofIgQFbP05loFTiP
EHy8LRcoy1fS29knztUGM+GzUgFhv6J91NhJMgEe9P2kEvVC1It8TolWeDSE8dwF
fZUMLTjvDwfyPN2f/jOPnsX7oyyODwmreSDH15uq6NhMdCDpv28/CTjC3r2bku6P
sH4JXCC4GmSjsDxZEYAi9CB9PwkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQSk1Xu
yCjdFd1W7RfQhwD3UwS9GzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGJmNmNlZjgtOGM2MC00YTBlLTg5MzItY2ZkYTY0OGQyNzcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDAAYLNzxxFdiv4XPlPDQfs1V1FUeX+XdjTD0H5
Y49YqpPM82bi48JAJW9Lx+ECPcKy7Xd3sEYzpnUh9FfRK8iuVeH41/KOf8lCj8P5
fdYOE+0+NCc/0UtxlEG6tLdsRRylPDbTLs0YULJucB23Qv75R8LGacOWzOU1FPdo
EWIUu6hhtMKwuIkAEjURygVMEV2iv2TrLG7U4IsQXO3JFhBSAlYgGfwoF8+Afui5
whnJ31CdxOH16t5BCQIfESzPa++5+WVaimg0AYkrkmOC8xh5kgUUKAdZZvoJ4GIj
lhQ9EfwTFvANSdpPFQVsjXmuU16oa085/muMLczKqLJSFkR1
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:03:09 2026 by rpki-client