Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492df7df-ebf8-4fa1-9952-ea9391eed5cc.roa
File: 492df7df-ebf8-4fa1-9952-ea9391eed5cc.roa (raw, json)
Hash identifier: MZklnI4VKiA075TXtjwWGjPMXIm/HKX6wFyFmwL5HoA=
Subject key identifier: F4:6E:E2:EC:60:A5:37:C7:F1:E1:60:D6:FA:87:41:2B:88:2E:EC:A2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F0ECB8E1BC47926D5311DAB31CFE542D033D1F5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492df7df-ebf8-4fa1-9952-ea9391eed5cc.roa
Signing time: Wed 11 Feb 2026 01:20:12 +0000
ROA not before: Wed 11 Feb 2026 01:20:12 +0000
ROA not after: Tue 12 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:0e:cb:8e:1b:c4:79:26:d5:31:1d:ab:31:cf:e5:42:d0:33:d1:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 11 01:20:12 2026 GMT
Not After : May 12 23:59:59 2026 GMT
Subject: serialNumber=66b5822923b4091dc9ea76ef7d20d55c468d7054c92e61184e21a62918761a36, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:78:3b:2e:0d:12:7a:2c:50:12:ae:e5:9f:fa:
b8:6e:7c:cf:b1:25:34:1a:fc:73:18:1c:80:b5:43:
7a:1d:3c:27:43:42:84:b4:ad:67:44:80:c9:59:a3:
08:43:d1:35:fa:98:99:85:7e:7c:90:4e:a8:ed:5f:
49:46:14:19:65:2c:0e:03:64:a6:ea:d4:39:95:64:
fe:b1:ca:d1:50:aa:a1:1a:2a:f8:70:3d:0b:99:4d:
41:eb:11:ce:75:68:b8:4f:c9:76:96:f8:c5:18:ae:
62:7d:40:be:d8:03:db:54:84:65:d0:76:8e:d3:8f:
d0:89:6e:f8:f5:dc:b5:dd:32:f6:8f:04:3c:a1:5d:
94:e3:a7:5d:75:ab:41:2f:d2:74:d4:80:29:8b:da:
b0:37:c1:da:59:e2:25:a4:37:b6:54:d1:90:f1:f0:
76:ff:df:01:80:f5:f8:fe:21:d0:c0:d5:55:1b:e7:
e5:8c:b8:5b:1e:d3:c7:a5:38:a9:db:75:52:19:c2:
ba:79:1b:bf:fd:f6:9b:d3:5d:76:8c:00:9e:e0:01:
3c:1c:7d:20:d2:d8:7d:40:9f:5c:8c:11:ee:e6:ad:
45:31:69:3f:2f:a9:69:6c:54:61:28:4e:0d:ee:af:
e3:45:ef:80:31:0b:67:45:21:00:56:ec:04:e6:de:
93:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:6E:E2:EC:60:A5:37:C7:F1:E1:60:D6:FA:87:41:2B:88:2E:EC:A2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492df7df-ebf8-4fa1-9952-ea9391eed5cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:2080::/48
Signature Algorithm: sha256WithRSAEncryption
a0:52:d7:54:72:71:49:5e:32:69:db:07:17:56:65:a4:af:a1:
81:45:c7:5f:8c:fe:8d:1a:7d:9a:20:f1:42:17:26:1b:43:15:
27:d6:61:a2:c8:f7:dd:27:99:96:e9:08:20:27:f7:62:1c:ae:
c8:48:91:e8:37:0b:2b:a2:c5:a5:54:74:68:41:27:9c:23:fb:
cb:88:39:58:a9:35:88:8e:2d:2e:ea:e2:c1:0b:f3:c8:43:0a:
77:77:96:64:c5:f8:57:fc:38:82:a6:25:c3:2d:7d:07:82:d4:
ba:6b:c8:28:49:b7:be:db:a0:70:90:7e:3f:59:59:f6:16:0a:
6a:eb:20:4e:b4:8f:56:91:d2:7f:c3:de:04:a9:82:08:5a:9d:
fa:08:96:66:08:e5:50:28:a6:20:cb:18:e2:56:5b:d0:25:8a:
52:7a:8f:9c:1c:55:4a:b6:28:69:76:23:06:42:f8:00:49:98:
93:ee:50:cd:07:5f:99:20:a6:fc:30:4e:6e:30:ff:b1:79:54:
56:9f:b9:2d:89:68:01:8f:69:b8:0d:e5:cd:65:b7:fc:e1:4a:
8f:8a:1f:f4:cc:0d:38:18:10:4f:fe:e7:93:9c:2e:55:2d:ad:
d0:7d:e8:5e:f6:66:50:e7:60:0b:44:e2:8a:95:f1:17:1b:1a:
aa:1a:38:01
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbw7LjhvEeSbVMR2rMc/lQtAz0fUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTEwMTIwMTJaFw0yNjA1MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2YjU4MjI5MjNiNDA5MWRjOWVhNzZlZjdkMjBkNTVjNDY4ZDcwNTRjOTJl
NjExODRlMjFhNjI5MTg3NjFhMzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANt4Oy4NEnosUBKu5Z/6uG58z7ElNBr8cxgcgLVDeh08J0NChLStZ0SAyVmj
CEPRNfqYmYV+fJBOqO1fSUYUGWUsDgNkpurUOZVk/rHK0VCqoRoq+HA9C5lNQesR
znVouE/Jdpb4xRiuYn1AvtgD21SEZdB2jtOP0Ilu+PXctd0y9o8EPKFdlOOnXXWr
QS/SdNSAKYvasDfB2lniJaQ3tlTRkPHwdv/fAYD1+P4h0MDVVRvn5Yy4Wx7Tx6U4
qdt1UhnCunkbv/32m9NddowAnuABPBx9INLYfUCfXIwR7uatRTFpPy+paWxUYShO
De6v40XvgDELZ0UhAFbsBObek30CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT0buLs
YKU3x/HhYNb6h0EriC7sojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDkyZGY3ZGYtZWJmOC00ZmExLTk5NTItZWE5MzkxZWVkNWNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gog
gDANBgkqhkiG9w0BAQsFAAOCAQEAoFLXVHJxSV4yadsHF1ZlpK+hgUXHX4z+jRp9
miDxQhcmG0MVJ9Zhosj33SeZlukIICf3YhyuyEiR6DcLK6LFpVR0aEEnnCP7y4g5
WKk1iI4tLuriwQvzyEMKd3eWZMX4V/w4gqYlwy19B4LUumvIKEm3vtugcJB+P1lZ
9hYKausgTrSPVpHSf8PeBKmCCFqd+giWZgjlUCimIMsY4lZb0CWKUnqPnBxVSrYo
aXYjBkL4AEmYk+5QzQdfmSCm/DBObjD/sXlUVp+5LYloAY9puA3lzWW3/OFKj4of
9MwNOBgQT/7nk5wuVS2t0H3oXvZmUOdgC0TiipXxFxsaqho4AQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:19:50 2026 by rpki-client