Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
File: 1a961f3a-fb71-4357-a4fc-28c4024b0441.roa (raw, json)
Hash identifier: X6CXfWNfIQvGqarNhxEjZkH+zXQFCnFn+34xGzmgEmY=
Subject key identifier: 37:A1:DF:8D:54:09:33:B2:E0:AB:E5:C2:95:4F:E4:A5:55:74:88:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6FBD1605F9F9B107CAA8937EBBCEA4DDA072F0AE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
Signing time: Fri 20 Feb 2026 01:50:54 +0000
ROA not before: Fri 20 Feb 2026 01:50:54 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000::/25 maxlen: 25
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:bd:16:05:f9:f9:b1:07:ca:a8:93:7e:bb:ce:a4:dd:a0:72:f0:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:54 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=2f3ca4105fbbdc05149af3b147b9f54c288964937dced5c284f7003368cb5002, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:52:e5:f2:cb:0c:bc:1d:f8:e0:d9:44:be:bb:
ea:dc:c1:ab:27:54:36:7c:c4:cd:65:02:80:00:c7:
3a:a6:d1:2e:6e:1f:ff:39:3b:a2:70:c6:7d:62:e2:
9a:47:40:0d:ce:94:0c:38:ba:9b:04:73:46:c6:92:
c9:c7:0b:9a:f1:9f:42:d1:94:bf:78:bc:ef:a5:0a:
87:7c:28:16:10:c3:0e:09:50:fd:c5:a2:28:f2:e1:
bb:b4:46:bf:11:0b:c8:f0:5e:6d:48:55:9c:53:01:
8c:08:0d:5a:00:47:56:e2:c4:fe:fb:c6:c9:c7:f0:
1d:2f:87:28:23:ed:73:8e:bb:76:5f:07:c5:0f:13:
26:c8:53:0a:44:de:85:4f:21:1c:2e:5d:3d:10:df:
11:b9:fe:bf:80:22:b7:e0:c1:d3:0b:04:a6:3a:2a:
8c:84:95:15:69:6a:d7:59:eb:b4:ab:e3:93:61:e5:
9c:c7:d3:2b:21:9d:5c:ea:d7:3d:b1:ae:b1:ad:b5:
a2:a0:88:95:38:9a:26:06:5a:f2:f6:1d:54:05:9d:
6b:53:d5:fa:4a:d0:92:51:7a:b8:32:0d:1e:37:63:
ff:39:14:5c:7f:df:b1:19:04:26:69:17:b6:2a:a1:
a8:a3:18:30:01:04:09:15:a9:f6:2b:79:78:ac:20:
5e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:A1:DF:8D:54:09:33:B2:E0:AB:E5:C2:95:4F:E4:A5:55:74:88:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000::/25
Signature Algorithm: sha256WithRSAEncryption
16:c3:56:92:34:d8:9e:ad:88:c7:94:b6:7e:de:a5:d1:f5:c7:
8a:83:9e:68:c6:85:bb:c2:37:49:9b:0a:33:4b:b8:78:53:7a:
28:1f:16:c1:59:92:e5:50:fa:ce:53:e2:c9:e3:43:df:e1:83:
1d:63:64:21:24:d6:7d:08:27:45:95:29:65:93:85:30:78:9c:
0a:fd:ee:de:a1:79:f7:72:04:a5:aa:80:51:dc:9f:c7:a5:7b:
88:6a:3b:7f:13:02:ca:49:9c:56:fb:a3:2a:bb:3a:e5:58:b4:
6d:c9:09:e9:b8:82:d4:a7:8d:a4:4d:cf:c2:6f:41:a4:dd:ad:
8a:7d:89:64:73:8d:63:f6:a9:e1:fc:d5:de:e9:ca:ef:30:36:
1a:97:7f:c2:f7:7a:38:d5:f2:ad:43:b7:22:5e:88:4e:49:ed:
f8:07:0e:95:e4:cf:aa:71:28:77:29:51:aa:64:25:f3:bd:9f:
72:85:f9:bc:34:af:dd:ee:d7:a2:75:c3:d3:23:c6:8b:ed:b4:
94:6a:67:15:aa:cf:e7:78:9b:b6:62:fb:48:b3:b4:f5:16:a6:
b5:48:85:cb:56:92:d2:65:f6:60:ba:70:40:a6:a4:cc:d8:00:
40:5b:fd:9d:19:b1:dd:76:73:74:bf:3d:c1:6f:63:21:5d:c2:
fd:76:61:4f
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUb70WBfn5sQfKqJN+u86k3aBy8K4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwNTRaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmM2NhNDEwNWZiYmRjMDUxNDlhZjNiMTQ3YjlmNTRjMjg4OTY0OTM3ZGNl
ZDVjMjg0ZjcwMDMzNjhjYjUwMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1S5fLLDLwd+ODZRL676tzBqydUNnzEzWUCgADHOqbRLm4f/zk7onDGfWLi
mkdADc6UDDi6mwRzRsaSyccLmvGfQtGUv3i876UKh3woFhDDDglQ/cWiKPLhu7RG
vxELyPBebUhVnFMBjAgNWgBHVuLE/vvGycfwHS+HKCPtc467dl8HxQ8TJshTCkTe
hU8hHC5dPRDfEbn+v4Ait+DB0wsEpjoqjISVFWlq11nrtKvjk2HlnMfTKyGdXOrX
PbGusa21oqCIlTiaJgZa8vYdVAWda1PV+krQklF6uDINHjdj/zkUXH/fsRkEJmkX
tiqhqKMYMAEECRWp9it5eKwgXgkCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQ3od+N
VAkzsuCr5cKVT+SlVXSI/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE5NjFmM2EtZmI3MS00MzU3LWE0ZmMtMjhjNDAyNGIwNDQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFByoF0AAw
DQYJKoZIhvcNAQELBQADggEBABbDVpI02J6tiMeUtn7epdH1x4qDnmjGhbvCN0mb
CjNLuHhTeigfFsFZkuVQ+s5T4snjQ9/hgx1jZCEk1n0IJ0WVKWWThTB4nAr97t6h
efdyBKWqgFHcn8ele4hqO38TAspJnFb7oyq7OuVYtG3JCem4gtSnjaRNz8JvQaTd
rYp9iWRzjWP2qeH81d7pyu8wNhqXf8L3ejjV8q1DtyJeiE5J7fgHDpXkz6pxKHcp
UapkJfO9n3KF+bw0r93u16J1w9MjxovttJRqZxWqz+d4m7Zi+0iztPUWprVIhctW
ktJl9mC6cECmpMzYAEBb/Z0Zsd12c3S/PcFvYyFdwv12YU8=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:09 2026 by rpki-client