Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57cdb107-9a3c-4e41-87e2-149f989f7fae.roa
File: 57cdb107-9a3c-4e41-87e2-149f989f7fae.roa (raw, json)
Hash identifier: RZbyD13A5eBkgt4cGW5dRcvjTo4lJ7f2oMUa4QVdyfk=
Subject key identifier: 34:41:78:51:0E:35:CE:7D:28:FD:70:8C:CD:9D:25:86:4B:D1:28:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6EF7E9C0D35F2E6AF3E1D83909D30747E7570FF3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57cdb107-9a3c-4e41-87e2-149f989f7fae.roa
Signing time: Fri 06 Feb 2026 00:30:11 +0000
ROA not before: Fri 06 Feb 2026 00:30:11 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:60c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:f7:e9:c0:d3:5f:2e:6a:f3:e1:d8:39:09:d3:07:47:e7:57:0f:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 6 00:30:11 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=44663608a7efd67090669ad3b0265f23b9892d7a8bf2a9e043a9c31901ea791a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:72:e7:04:93:ac:b3:00:0a:83:65:0b:6e:32:
de:92:a2:ec:86:95:a9:aa:72:43:74:7e:17:09:c5:
00:94:8f:7b:09:b8:ba:ea:28:d7:37:11:19:ad:e2:
71:19:9a:a6:30:16:5a:af:91:97:3b:37:7f:c7:f5:
51:2a:8f:1a:17:7f:60:83:5b:ab:9d:79:ff:86:c8:
5f:bd:5d:60:04:de:f9:4e:1d:7a:21:bc:6a:f2:d7:
51:8c:d2:cb:76:07:f7:da:c5:08:70:f7:21:c5:22:
8b:47:06:11:21:55:3c:7e:f0:64:6d:93:92:2e:93:
d9:cb:33:36:3c:1f:c3:f9:7d:db:aa:8e:35:fe:f1:
50:e5:53:a9:e7:a8:3f:9c:a0:eb:cd:68:79:c8:dd:
e3:74:9d:c4:a6:a4:2a:de:e6:b7:cf:45:c6:fb:89:
71:fa:f1:97:b4:5d:b5:cc:2a:f0:f4:a6:c7:84:31:
db:a6:13:0a:eb:da:1e:3d:42:b6:f0:41:0b:7f:ed:
13:ca:73:a8:6e:31:11:f7:76:c2:04:9d:5e:02:8b:
8a:26:1a:2f:fb:5a:a7:8d:23:6a:43:6c:ca:d7:d9:
0e:fa:63:28:4b:79:2b:27:0f:06:5b:6f:17:17:6c:
b5:fa:d2:f4:2f:b3:29:6f:cf:91:6f:0d:35:a5:ff:
51:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:41:78:51:0E:35:CE:7D:28:FD:70:8C:CD:9D:25:86:4B:D1:28:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57cdb107-9a3c-4e41-87e2-149f989f7fae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:60c0::/46
Signature Algorithm: sha256WithRSAEncryption
5c:7b:85:b1:21:3c:f9:f1:f7:c8:ea:4c:c2:5b:cf:03:ca:5f:
d9:8c:8f:65:05:2f:4e:7a:2f:d3:80:4b:4c:33:5a:79:8f:65:
51:31:e0:51:5c:39:c3:1d:78:3e:16:fc:80:a4:1f:49:2d:16:
67:45:78:43:50:ce:7a:f9:8a:00:6f:6c:3b:d1:2c:eb:7a:a4:
13:ba:89:a0:81:1f:ce:9c:b7:fe:07:08:fe:4e:fe:65:31:16:
77:1b:42:15:2a:da:fa:9c:86:ec:c4:7e:7e:01:12:9c:66:33:
cf:76:f5:e4:63:12:f5:e6:80:e7:5b:97:7e:16:6b:7c:00:3b:
59:a1:fb:cd:8f:53:ad:24:17:bb:a4:b9:5c:90:ab:db:1a:b9:
17:13:8c:a4:8b:db:89:05:bb:f9:bc:ab:02:81:9d:25:1f:8c:
f0:9f:22:cb:50:6a:cf:96:da:ca:1f:43:9f:dd:fd:27:52:c4:
91:9f:ae:14:42:de:06:44:62:3c:41:31:81:4e:ba:22:d7:be:
f2:4c:2d:41:6a:4a:57:88:73:6c:16:b0:c7:2f:f7:dc:c1:2f:
55:b7:be:0a:b4:d4:75:76:20:9b:c7:54:fd:28:37:43:66:44:
6e:43:24:fd:8e:ff:75:b2:96:e7:30:a1:f2:06:52:d6:e0:b0:
e7:00:25:dc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbvfpwNNfLmrz4dg5CdMHR+dXD/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMDYwMDMwMTFaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0NjYzNjA4YTdlZmQ2NzA5MDY2OWFkM2IwMjY1ZjIzYjk4OTJkN2E4YmYy
YTllMDQzYTljMzE5MDFlYTc5MWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9y5wSTrLMACoNlC24y3pKi7IaVqapyQ3R+FwnFAJSPewm4uuoo1zcRGa3i
cRmapjAWWq+Rlzs3f8f1USqPGhd/YINbq515/4bIX71dYATe+U4deiG8avLXUYzS
y3YH99rFCHD3IcUii0cGESFVPH7wZG2Tki6T2cszNjwfw/l926qONf7xUOVTqeeo
P5yg681oecjd43SdxKakKt7mt89FxvuJcfrxl7Rdtcwq8PSmx4Qx26YTCuvaHj1C
tvBBC3/tE8pzqG4xEfd2wgSdXgKLiiYaL/tap40jakNsytfZDvpjKEt5KycPBltv
FxdstfrS9C+zKW/PkW8NNaX/URsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ0QXhR
DjXOfSj9cIzNnSWGS9EoiTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTdjZGIxMDctOWEzYy00ZTQxLTg3ZTItMTQ5Zjk4OWY3ZmFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg
wDANBgkqhkiG9w0BAQsFAAOCAQEAXHuFsSE8+fH3yOpMwlvPA8pf2YyPZQUvTnov
04BLTDNaeY9lUTHgUVw5wx14Phb8gKQfSS0WZ0V4Q1DOevmKAG9sO9Es63qkE7qJ
oIEfzpy3/gcI/k7+ZTEWdxtCFSra+pyG7MR+fgESnGYzz3b15GMS9eaA51uXfhZr
fAA7WaH7zY9TrSQXu6S5XJCr2xq5FxOMpIvbiQW7+byrAoGdJR+M8J8iy1Bqz5ba
yh9Dn939J1LEkZ+uFELeBkRiPEExgU66Ite+8kwtQWpKV4hzbBawxy/33MEvVbe+
CrTUdXYgm8dU/Sg3Q2ZEbkMk/Y7/dbKW5zCh8gZS1uCw5wAl3A==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:20:52 2026 by rpki-client