Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa
File: 366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa (raw, json)
Hash identifier: Yz5SR2oJleXo4t6NqqMvcXdH/JT49R9w4IyUJAhWdHs=
Subject key identifier: 14:AD:07:A7:D5:6A:2B:94:0D:D7:00:98:93:A0:F0:0C:BF:82:1B:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16727E7FBFAC6C5A0642ECFEFF9B60F4C08E0450
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa
Signing time: Sat 28 Feb 2026 05:31:32 +0000
ROA not before: Sat 28 Feb 2026 05:31:32 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:72:7e:7f:bf:ac:6c:5a:06:42:ec:fe:ff:9b:60:f4:c0:8e:04:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:31:32 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=b9967fff6260e44bc57b3220451d890b658239d31fbe8e9d1e25a912c9c3dc6d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a5:cc:6d:b8:58:70:5a:67:a7:a6:58:e1:29:
d5:6c:74:d9:6d:16:70:65:dc:e1:3c:7b:c4:96:b0:
a3:50:db:71:65:fd:6b:4b:56:38:db:c8:6e:f8:ad:
de:9e:41:a2:8a:3f:eb:8c:6b:59:96:76:e6:c5:d1:
f8:84:a8:1b:33:68:b1:36:ee:9b:f9:37:42:92:5e:
90:75:64:22:9f:14:4c:8e:44:8a:cd:40:f0:b5:a1:
f2:69:4c:38:50:02:2b:5a:3d:8c:e0:ab:e7:d7:2f:
42:61:2c:e1:c8:97:bf:6e:70:4b:d6:7e:5f:88:fa:
55:e4:03:45:f1:a4:86:f2:8b:b9:01:43:ed:b1:89:
b5:86:59:c7:68:a0:de:b3:c9:a2:39:17:ee:da:f3:
ba:3e:ef:44:87:6b:17:23:55:f3:3d:f8:1c:2f:02:
bc:5f:fa:03:5f:0d:c2:1c:c6:73:61:c8:42:7c:21:
2d:1d:d3:70:3a:f7:d3:46:49:ee:0f:7f:7e:71:f6:
ac:71:48:dd:b1:52:4b:e7:19:d4:3a:85:25:c5:c6:
e0:24:ec:a1:6c:a4:b7:8a:3c:cd:2d:54:3f:d0:09:
64:c6:77:ce:06:e6:6e:96:ba:59:cb:dc:37:a1:01:
66:92:f5:aa:83:84:6e:f3:32:7d:ed:96:0b:f6:b7:
e9:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:AD:07:A7:D5:6A:2B:94:0D:D7:00:98:93:A0:F0:0C:BF:82:1B:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:4040::/48
Signature Algorithm: sha256WithRSAEncryption
6c:32:83:6b:c9:5c:75:2b:79:59:7c:67:e0:50:c0:cf:3d:28:
f0:65:02:36:9d:33:8f:16:1f:fe:94:1d:19:fb:d0:c4:f1:14:
2d:e5:9a:64:19:88:40:60:48:46:c1:bf:ae:90:5f:84:6f:35:
90:e5:ba:04:cf:99:ec:21:9c:25:79:43:b2:7a:4d:ea:6a:57:
bd:a4:4e:0b:55:51:5e:9b:8b:ec:7f:fb:b7:56:cb:a0:34:dc:
d4:f7:0c:d0:e0:b5:91:86:69:5e:29:78:62:c4:0a:fc:4f:64:
7f:32:22:7a:aa:7d:b6:07:54:63:bb:1a:3e:75:a8:22:2e:1a:
6e:f2:d4:34:ae:4d:6a:11:70:2b:7c:e2:92:ff:1e:d0:96:12:
39:51:37:22:b6:fa:2a:f7:8d:c5:2d:e0:b7:a7:48:a0:60:ca:
2b:24:ca:64:e5:d8:e6:16:7d:b5:1f:fe:92:ad:24:95:f5:60:
70:82:0f:46:2c:6f:55:49:c2:b4:0e:08:36:28:dc:1c:da:a0:
07:cb:82:6c:a1:da:97:f1:30:1c:14:b5:3c:ca:a0:bc:38:83:
12:fd:46:52:fa:e0:9d:be:ee:60:50:40:58:b3:69:51:68:9d:
e0:48:6b:2e:e3:0d:f0:ab:4a:a2:9b:94:06:9c:7f:e3:1a:77:
e3:cf:70:9a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFnJ+f7+sbFoGQuz+/5tg9MCOBFAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMxMzJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5OTY3ZmZmNjI2MGU0NGJjNTdiMzIyMDQ1MWQ4OTBiNjU4MjM5ZDMxZmJl
OGU5ZDFlMjVhOTEyYzljM2RjNmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKlzG24WHBaZ6emWOEp1Wx02W0WcGXc4Tx7xJawo1DbcWX9a0tWONvIbvit
3p5Booo/64xrWZZ25sXR+ISoGzNosTbum/k3QpJekHVkIp8UTI5Eis1A8LWh8mlM
OFACK1o9jOCr59cvQmEs4ciXv25wS9Z+X4j6VeQDRfGkhvKLuQFD7bGJtYZZx2ig
3rPJojkX7trzuj7vRIdrFyNV8z34HC8CvF/6A18NwhzGc2HIQnwhLR3TcDr300ZJ
7g9/fnH2rHFI3bFSS+cZ1DqFJcXG4CTsoWykt4o8zS1UP9AJZMZ3zgbmbpa6Wcvc
N6EBZpL1qoOEbvMyfe2WC/a36fMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQUrQen
1WorlA3XAJiToPAMv4IbzTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzY2YzM4MGYtN2YzYy00OTFmLWE3Y2ItYmZmYzYyYWVkMWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
QDANBgkqhkiG9w0BAQsFAAOCAQEAbDKDa8lcdSt5WXxn4FDAzz0o8GUCNp0zjxYf
/pQdGfvQxPEULeWaZBmIQGBIRsG/rpBfhG81kOW6BM+Z7CGcJXlDsnpN6mpXvaRO
C1VRXpuL7H/7t1bLoDTc1PcM0OC1kYZpXil4YsQK/E9kfzIieqp9tgdUY7saPnWo
Ii4abvLUNK5NahFwK3zikv8e0JYSOVE3Irb6KveNxS3gt6dIoGDKKyTKZOXY5hZ9
tR/+kq0klfVgcIIPRixvVUnCtA4INijcHNqgB8uCbKHal/EwHBS1PMqgvDiDEv1G
Uvrgnb7uYFBAWLNpUWid4EhrLuMN8KtKopuUBpx/4xp3489wmg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:53:38 2026 by rpki-client