Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6be02d-a1d0-4623-9c4b-9cec8272e2d7.roa
File: 2c6be02d-a1d0-4623-9c4b-9cec8272e2d7.roa (raw, json)
Hash identifier: G4DmZTHMJ+HWlWJvlkqc3svkDYvD7SLPpeBS1bJ3SZo=
Subject key identifier: 11:EB:58:0C:A8:87:A5:4C:2C:F4:2A:D6:55:37:72:A9:F8:7C:22:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3CC6C2892C1A3F6A70D2CFA9175BDD97CB3244DC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6be02d-a1d0-4623-9c4b-9cec8272e2d7.roa
Signing time: Wed 11 Feb 2026 01:30:50 +0000
ROA not before: Wed 11 Feb 2026 01:30:50 +0000
ROA not after: Tue 12 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:c6:c2:89:2c:1a:3f:6a:70:d2:cf:a9:17:5b:dd:97:cb:32:44:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 11 01:30:50 2026 GMT
Not After : May 12 23:59:59 2026 GMT
Subject: serialNumber=f408a5c60aecef56b3cfd43d5ed71db43f1cc9f31635b7421c094255d11bd4a4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ff:bf:96:77:c5:2d:ef:01:b7:b8:c2:bd:c8:
62:59:fd:70:45:dd:86:25:5e:1d:91:08:da:d8:57:
1d:0c:9f:7c:4f:bb:66:cd:07:67:60:6a:9c:3c:f3:
ba:45:b1:59:d2:3b:db:98:98:50:9e:99:6b:ae:cd:
e2:51:f3:e6:64:b4:30:d8:d9:0a:a8:1a:3a:11:41:
49:26:f8:54:bb:78:01:23:5b:e9:39:e5:5d:f1:f4:
f6:99:29:07:d5:db:4d:c7:b1:dc:05:15:91:6b:dc:
38:b4:7a:3d:ec:50:a0:31:f0:6f:ef:66:d9:91:54:
da:af:e4:8a:a6:a2:b9:7b:bf:c8:b6:7f:fc:a1:b1:
a3:24:39:18:a2:06:53:49:53:ff:9b:f1:74:a8:cf:
27:c4:7e:9b:cc:53:06:10:2e:a7:1f:5f:34:14:ae:
68:9b:5b:b1:13:0a:0a:43:c6:c3:c0:3b:7e:49:0c:
78:9c:d2:b6:ef:b1:22:e3:7d:dc:92:cc:3c:cc:e0:
48:8a:7a:d6:16:9b:46:59:7e:41:10:b9:c1:b4:fd:
b5:67:f9:b3:25:9f:3b:3f:2a:ed:cb:9e:7e:2b:4f:
f3:41:8f:2c:c2:77:1c:10:7a:07:4a:5d:54:e7:27:
3d:4a:86:3a:72:66:14:c7:cd:9c:3c:27:c2:2d:03:
30:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:EB:58:0C:A8:87:A5:4C:2C:F4:2A:D6:55:37:72:A9:F8:7C:22:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6be02d-a1d0-4623-9c4b-9cec8272e2d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:8080::/48
Signature Algorithm: sha256WithRSAEncryption
63:de:ab:89:be:db:0d:05:66:5b:a4:86:f9:77:fa:4c:8e:b3:
b0:9f:e9:2e:86:e3:ac:0e:f2:31:4c:f9:3c:f8:77:b2:f6:7b:
60:07:2f:39:41:ee:eb:59:61:cf:7c:5c:18:0d:76:ba:31:5f:
53:d3:1f:7c:20:45:bb:f9:17:fb:98:36:23:11:10:42:12:7c:
50:dc:ae:7e:c2:a3:f9:9b:31:57:24:02:e7:ed:cc:1d:9e:8b:
4c:14:9c:63:14:3d:1d:f5:31:e4:20:bb:07:c6:c4:de:fc:2f:
37:da:6a:67:7a:56:51:61:97:4e:23:f8:98:62:a1:52:f1:69:
70:cb:91:bd:79:8c:a6:1c:fb:c0:5a:c9:63:78:cc:d3:b8:c1:
f0:54:8f:0e:84:8c:ad:17:a7:7f:db:cf:6b:2b:50:cb:d8:c8:
80:0b:2e:1f:61:0e:0f:3a:85:64:6c:de:87:35:c0:6b:de:71:
23:3e:7f:9d:af:ff:4a:c3:68:74:7b:cc:7c:86:1f:18:da:56:
16:24:e4:cc:7f:6d:62:ec:bd:69:bc:f4:5e:b6:a2:5f:f7:80:
c0:fa:cd:f8:b5:c2:c1:26:5e:10:c4:6c:17:b6:d5:8c:60:77:
ca:06:b6:4b:64:22:e5:4f:c6:92:25:d6:19:57:b0:7c:34:dc:
2a:ed:43:53
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPMbCiSwaP2pw0s+pF1vdl8syRNwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTEwMTMwNTBaFw0yNjA1MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0MDhhNWM2MGFlY2VmNTZiM2NmZDQzZDVlZDcxZGI0M2YxY2M5ZjMxNjM1
Yjc0MjFjMDk0MjU1ZDExYmQ0YTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJf/v5Z3xS3vAbe4wr3IYln9cEXdhiVeHZEI2thXHQyffE+7Zs0HZ2BqnDzz
ukWxWdI725iYUJ6Za67N4lHz5mS0MNjZCqgaOhFBSSb4VLt4ASNb6TnlXfH09pkp
B9XbTcex3AUVkWvcOLR6PexQoDHwb+9m2ZFU2q/kiqaiuXu/yLZ//KGxoyQ5GKIG
U0lT/5vxdKjPJ8R+m8xTBhAupx9fNBSuaJtbsRMKCkPGw8A7fkkMeJzStu+xIuN9
3JLMPMzgSIp61habRll+QRC5wbT9tWf5syWfOz8q7cuefitP80GPLMJ3HBB6B0pd
VOcnPUqGOnJmFMfNnDwnwi0DMPkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQR61gM
qIelTCz0KtZVN3Kp+HwimTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmM2YmUwMmQtYTFkMC00NjIzLTljNGItOWNlYzgyNzJlMmQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GqA
gDANBgkqhkiG9w0BAQsFAAOCAQEAY96rib7bDQVmW6SG+Xf6TI6zsJ/pLobjrA7y
MUz5PPh3svZ7YAcvOUHu61lhz3xcGA12ujFfU9MffCBFu/kX+5g2IxEQQhJ8UNyu
fsKj+ZsxVyQC5+3MHZ6LTBScYxQ9HfUx5CC7B8bE3vwvN9pqZ3pWUWGXTiP4mGKh
UvFpcMuRvXmMphz7wFrJY3jM07jB8FSPDoSMrRenf9vPaytQy9jIgAsuH2EODzqF
ZGzehzXAa95xIz5/na//SsNodHvMfIYfGNpWFiTkzH9tYuy9abz0XraiX/eAwPrN
+LXCwSZeEMRsF7bVjGB3yga2S2Qi5U/GkiXWGVewfDTcKu1DUw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:32 2026 by rpki-client