Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
File: 3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa (raw, json)
Hash identifier: XqAkjyo2affpHwHF1iO3AS1ngIZvVwgiMgsoo6G5zBo=
Subject key identifier: 11:6B:83:93:A6:8F:06:19:A5:25:4B:C8:CF:18:D1:88:FC:3E:3B:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1BA60C7A3CCB87F873D0871BD95AFDD77EFE6976
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
Signing time: Sat 28 Feb 2026 06:20:06 +0000
ROA not before: Sat 28 Feb 2026 06:20:06 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:a6:0c:7a:3c:cb:87:f8:73:d0:87:1b:d9:5a:fd:d7:7e:fe:69:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:20:06 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=4f974b14273fb51d3361decd59666a0ce5840ef81dba49c28f01af8b2e22b99a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b0:3f:5c:34:70:fe:2a:79:d0:4f:b1:8f:8f:
bb:ef:02:9e:e6:63:f2:65:c2:f4:a6:35:cf:68:65:
84:73:ad:1a:57:85:1b:c0:bd:66:c5:39:23:6f:46:
94:83:62:6f:63:eb:36:62:fb:d6:80:2f:b6:dc:b6:
9b:da:d9:dd:4f:93:22:94:6e:52:90:50:7a:91:4e:
7f:f8:fa:20:53:b2:14:2e:30:59:43:1e:26:b9:50:
7d:26:fe:3c:d5:9d:00:ca:b6:0b:e8:af:15:f1:d9:
de:ef:02:4f:43:96:3e:7c:b0:0f:1a:ec:b8:06:bb:
ad:dd:b1:64:37:83:57:50:22:a0:bc:7d:05:15:a7:
c6:97:f7:18:b4:cc:f5:aa:c6:d8:98:23:cf:2f:59:
1d:41:5f:08:2a:c2:c2:5c:a1:fd:75:37:b9:84:6e:
15:eb:bd:d0:04:0f:2d:dd:41:a5:0a:ea:02:cf:9b:
e4:c1:59:bf:a0:ba:19:2f:a7:6b:bc:1b:3c:64:8d:
01:27:53:ea:87:da:c1:9b:d1:95:ca:49:92:83:75:
21:2a:83:67:2f:67:64:be:2f:d4:ab:aa:ef:4c:2d:
ec:98:03:be:68:82:d8:74:ff:fd:07:06:b0:ab:6d:
b8:34:a8:8d:de:62:06:42:4a:bc:cb:d8:27:17:e8:
7d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:6B:83:93:A6:8F:06:19:A5:25:4B:C8:CF:18:D1:88:FC:3E:3B:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/38
Signature Algorithm: sha256WithRSAEncryption
7b:67:85:dd:37:6e:32:e0:51:56:ab:78:3c:7e:12:f2:c0:af:
69:d5:1b:71:4d:d9:6a:d6:5b:10:b4:b1:5b:60:67:56:85:13:
df:28:38:20:eb:ad:43:7c:ef:f6:6b:09:08:95:e7:0d:ed:89:
cc:77:1d:48:e9:63:a8:ac:f7:98:a3:1e:5a:65:b7:68:59:7d:
2e:1a:2b:40:c3:19:8f:40:a9:cf:78:aa:56:57:c3:9b:9c:d6:
2f:e4:e9:66:b0:4b:57:85:39:bc:e4:37:29:93:63:aa:6b:80:
7a:ab:13:dd:db:e0:69:62:60:07:83:e5:ef:6a:fe:df:4a:53:
b9:89:17:83:81:0a:4f:61:ef:64:b4:2b:a7:59:6e:88:42:4c:
e5:77:bb:81:92:92:6d:a6:75:23:c9:cc:c9:4b:d4:2b:10:da:
f0:17:e3:97:6b:0b:da:89:56:7d:71:fa:94:a4:ba:f8:d2:59:
d0:a5:80:84:17:8c:0c:66:cc:b1:1b:8d:03:8b:45:9c:98:9c:
d0:2b:e9:25:f1:26:5b:90:1f:2d:be:c4:4a:be:6c:d9:28:02:
3b:45:6c:a8:02:5f:7c:16:ec:05:30:31:72:c4:71:20:17:72:
f4:4b:af:a2:76:87:eb:b6:20:e9:df:d7:be:c6:63:26:c3:ec:
0e:9c:e4:72
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG6YMejzLh/hz0Icb2Vr9137+aXYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIwMDZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmOTc0YjE0MjczZmI1MWQzMzYxZGVjZDU5NjY2YTBjZTU4NDBlZjgxZGJh
NDljMjhmMDFhZjhiMmUyMmI5OWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGwP1w0cP4qedBPsY+Pu+8CnuZj8mXC9KY1z2hlhHOtGleFG8C9ZsU5I29G
lINib2PrNmL71oAvtty2m9rZ3U+TIpRuUpBQepFOf/j6IFOyFC4wWUMeJrlQfSb+
PNWdAMq2C+ivFfHZ3u8CT0OWPnywDxrsuAa7rd2xZDeDV1AioLx9BRWnxpf3GLTM
9arG2Jgjzy9ZHUFfCCrCwlyh/XU3uYRuFeu90AQPLd1BpQrqAs+b5MFZv6C6GS+n
a7wbPGSNASdT6ofawZvRlcpJkoN1ISqDZy9nZL4v1Kuq70wt7JgDvmiC2HT//QcG
sKttuDSojd5iBkJKvMvYJxfofUkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQRa4OT
po8GGaUlS8jPGNGI/D47kzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2NmN2FlOWQtZDg2My00ZGIyLTk2MzUtZmI4NjQ3OWNmMDlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQB7Z4XdN24y4FFWq3g8fhLywK9p1RtxTdlq1lsQ
tLFbYGdWhRPfKDgg661DfO/2awkIlecN7YnMdx1I6WOorPeYox5aZbdoWX0uGitA
wxmPQKnPeKpWV8ObnNYv5OlmsEtXhTm85Dcpk2Oqa4B6qxPd2+BpYmAHg+Xvav7f
SlO5iReDgQpPYe9ktCunWW6IQkzld7uBkpJtpnUjyczJS9QrENrwF+OXawvaiVZ9
cfqUpLr40lnQpYCEF4wMZsyxG40Di0WcmJzQK+kl8SZbkB8tvsRKvmzZKAI7RWyo
Al98FuwFMDFyxHEgF3L0S6+idofrtiDp39e+xmMmw+wOnORy
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:56:34 2026 by rpki-client