Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
File: 2cee858e-c572-427b-8123-23b2e05abc40.roa (raw, json)
Hash identifier: 0b5zR645oadrdCEeYKV3yZz67BMXMIhYxEhx0gtQTOw=
Subject key identifier: FD:9B:19:56:87:F2:EC:21:19:01:65:25:14:FB:90:43:46:76:FA:15
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A6A7ED055008EB267AC51204712891EA21DFF0F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
Signing time: Sat 28 Feb 2026 05:10:14 +0000
ROA not before: Sat 28 Feb 2026 05:10:14 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:6a:7e:d0:55:00:8e:b2:67:ac:51:20:47:12:89:1e:a2:1d:ff:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:10:14 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=e0805bf132c43557cea57f4ff77b565eee555e5daa6a2804c6da936b5c4cd77f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:e2:7e:bd:5a:f4:63:35:c8:12:ab:5d:79:8b:
ac:3a:08:ae:34:3b:1a:6a:a7:ca:d7:b3:2a:ed:77:
bd:0c:a7:61:1e:62:43:9c:90:5a:31:ab:f2:22:b4:
5c:13:03:dc:b2:be:5c:9e:9a:4e:4d:be:a2:cf:69:
63:43:86:b4:62:0d:11:d5:46:7c:0a:3a:44:b5:a2:
5d:55:86:9c:14:b8:b9:87:3c:dd:59:0a:c8:23:63:
5f:88:83:a8:2f:d9:ee:8d:3d:6d:c4:9a:71:17:c9:
38:05:e6:b9:91:c4:e9:6d:c4:cd:d7:74:5e:49:6d:
77:16:f6:23:f0:70:e2:46:0a:c5:0d:f6:8d:2d:53:
e4:c6:a3:99:6f:f7:03:56:11:e4:74:a9:dc:73:8e:
ca:13:e0:51:3e:d9:d3:35:b0:03:17:df:b8:fe:e0:
8f:02:bb:37:44:46:25:ea:97:37:03:7f:06:66:17:
06:d5:09:ae:e6:33:50:02:0f:6d:e5:0d:72:65:08:
49:49:2b:e8:56:70:09:ce:6f:23:aa:e9:79:1a:57:
79:d3:76:d9:4f:af:98:d4:c1:09:a0:c3:d7:ac:2e:
ce:10:0c:13:c2:77:aa:69:2f:44:c7:1d:87:9e:ad:
6b:9a:25:ef:37:c9:38:e2:b1:de:e9:c0:5c:2a:9f:
aa:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:9B:19:56:87:F2:EC:21:19:01:65:25:14:FB:90:43:46:76:FA:15
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c080::/48
Signature Algorithm: sha256WithRSAEncryption
38:08:b2:77:3f:26:e2:f9:2a:61:18:25:7e:81:d5:d6:78:9a:
bd:eb:ea:e8:ad:6b:c1:27:dc:ce:1d:0e:b3:28:51:aa:ad:12:
95:0b:26:68:83:c2:87:16:58:93:64:22:5f:8e:ba:52:93:7b:
93:53:c2:d3:0e:7e:8e:9f:1c:e2:b2:1d:6f:37:09:86:5f:46:
5b:9d:ea:2a:6b:21:4a:75:6c:1b:c0:fa:02:6a:85:bd:16:2f:
99:79:6c:7a:7a:57:d1:30:d5:95:b3:b8:2a:81:18:a8:42:90:
36:15:c4:fe:54:27:79:ae:b8:6a:55:15:e7:09:78:ff:b2:6a:
d3:51:ff:d6:1d:ed:42:e3:8e:eb:22:e3:89:b6:69:f9:77:65:
54:df:87:3b:ae:89:50:bd:ee:ef:aa:22:f9:cc:b6:43:66:9f:
c7:c7:05:8c:98:66:23:de:f2:10:ae:82:5b:c9:cd:fc:1c:7d:
2f:f3:df:2a:c3:fa:6a:97:2f:24:d6:52:28:2c:9b:b9:15:18:
72:33:c8:0b:37:6b:d2:f8:3b:b9:ae:b8:85:8d:07:78:1c:5c:
b8:ca:b7:1f:35:e6:00:3f:1f:1a:2a:1d:4a:22:e0:2a:b7:77:
08:60:35:f9:5f:cd:cf:8d:b1:f4:eb:b8:22:ef:ed:65:17:9b:
52:37:ee:34
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUamp+0FUAjrJnrFEgRxKJHqId/w8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTEwMTRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwODA1YmYxMzJjNDM1NTdjZWE1N2Y0ZmY3N2I1NjVlZWU1NTVlNWRhYTZh
MjgwNGM2ZGE5MzZiNWM0Y2Q3N2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPHifr1a9GM1yBKrXXmLrDoIrjQ7GmqnytezKu13vQynYR5iQ5yQWjGr8iK0
XBMD3LK+XJ6aTk2+os9pY0OGtGINEdVGfAo6RLWiXVWGnBS4uYc83VkKyCNjX4iD
qC/Z7o09bcSacRfJOAXmuZHE6W3Ezdd0Xkltdxb2I/Bw4kYKxQ32jS1T5MajmW/3
A1YR5HSp3HOOyhPgUT7Z0zWwAxffuP7gjwK7N0RGJeqXNwN/BmYXBtUJruYzUAIP
beUNcmUISUkr6FZwCc5vI6rpeRpXedN22U+vmNTBCaDD16wuzhAME8J3qmkvRMcd
h56ta5ol7zfJOOKx3unAXCqfqu0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT9mxlW
h/LsIRkBZSUU+5BDRnb6FTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmNlZTg1OGUtYzU3Mi00MjdiLTgxMjMtMjNiMmUwNWFiYzQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
gDANBgkqhkiG9w0BAQsFAAOCAQEAOAiydz8m4vkqYRglfoHV1niavevq6K1rwSfc
zh0OsyhRqq0SlQsmaIPChxZYk2QiX466UpN7k1PC0w5+jp8c4rIdbzcJhl9GW53q
KmshSnVsG8D6AmqFvRYvmXlsenpX0TDVlbO4KoEYqEKQNhXE/lQnea64alUV5wl4
/7Jq01H/1h3tQuOO6yLjibZp+XdlVN+HO66JUL3u76oi+cy2Q2afx8cFjJhmI97y
EK6CW8nN/Bx9L/PfKsP6apcvJNZSKCybuRUYcjPICzdr0vg7ua64hY0HeBxcuMq3
HzXmAD8fGiodSiLgKrd3CGA1+V/Nz42x9Ou4Iu/tZRebUjfuNA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:50:00 2026 by rpki-client