Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6236cad2-ab49-4574-b740-7b70c27fae87.roa
File: 6236cad2-ab49-4574-b740-7b70c27fae87.roa (raw, json)
Hash identifier: h9d0oxU59F9VAb8TyAZEJeVU7OFhvi402Ir/gJPWEmQ=
Subject key identifier: B4:0E:29:14:70:56:ED:42:1D:5F:10:CD:5B:B8:6D:1B:4C:27:43:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B6A49AF30EA323ECEBBFA82C0B6DBE98018341E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6236cad2-ab49-4574-b740-7b70c27fae87.roa
Signing time: Sat 28 Feb 2026 05:50:39 +0000
ROA not before: Sat 28 Feb 2026 05:50:39 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:6a:49:af:30:ea:32:3e:ce:bb:fa:82:c0:b6:db:e9:80:18:34:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:50:39 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=e916057159266189f9ecdb5d400978232761a8022a1dda07f83ddee1e64ebd9a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f5:c7:75:33:d3:f8:9c:53:a2:17:c0:16:90:
08:4f:31:43:81:36:ab:5b:de:0c:00:86:37:cf:d3:
3a:d1:5a:0b:e9:5a:8f:d6:ec:e8:8e:ce:01:ee:9f:
0b:95:14:97:e2:07:09:99:ac:18:ce:d4:c8:80:1e:
d6:1b:7c:2d:67:9f:36:81:49:11:db:f1:98:c2:5c:
4f:8a:f1:5a:68:f5:5e:26:76:77:e3:37:f4:9a:47:
85:b0:ea:5d:9e:89:09:03:84:f4:8d:da:85:d8:41:
b5:3f:5b:8f:ce:73:5a:4e:57:24:cb:75:c3:51:4f:
89:a6:b2:76:5b:eb:aa:23:7e:84:66:cb:59:9f:15:
ff:54:19:66:14:fa:b5:70:69:2b:db:59:e6:e1:e4:
d9:49:e2:21:93:aa:71:26:a1:61:15:e7:d4:2e:3b:
f4:6c:60:60:e5:f4:f6:d9:61:50:09:13:aa:04:d9:
a6:b5:02:b1:1c:e7:63:1f:2f:c4:ee:46:c4:d7:c9:
9c:9e:0a:c2:37:71:aa:53:c1:86:92:b0:eb:e6:8d:
31:cf:42:61:49:30:c8:e6:7f:b4:ca:d2:8d:88:c3:
c3:91:12:cf:ab:8d:51:f3:80:5d:16:70:27:64:36:
84:08:fc:ca:20:1a:75:97:7a:6e:8f:e6:2b:92:45:
37:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:0E:29:14:70:56:ED:42:1D:5F:10:CD:5B:B8:6D:1B:4C:27:43:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6236cad2-ab49-4574-b740-7b70c27fae87.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8400::/38
Signature Algorithm: sha256WithRSAEncryption
9b:06:0b:58:42:1e:ea:ef:a8:33:31:eb:e7:a8:1d:e8:76:ae:
b6:8d:74:25:89:52:b1:e5:63:c9:49:9c:33:a6:16:a3:ff:dc:
8e:cf:62:5e:ad:34:31:1b:b4:69:d4:e3:47:8b:de:29:9a:8a:
3d:e5:93:85:54:49:f4:ff:a6:f8:bf:13:97:fb:86:e5:80:3d:
bb:4e:eb:d3:be:3a:23:8e:97:d6:60:0b:c4:b5:7a:b5:2a:55:
cf:6b:56:33:c5:44:23:79:e6:33:ee:90:ef:46:00:f4:2d:59:
06:e0:6f:6e:4c:9a:ae:ec:4d:d8:b6:77:9c:19:46:28:2f:9b:
24:48:76:92:5c:0f:7c:0a:55:26:56:79:a8:de:b3:2d:21:21:
74:48:ac:81:00:fe:79:fd:6c:68:07:07:f6:e4:23:0a:2c:40:
d6:de:5e:29:38:9b:f4:bd:77:7c:c9:70:fe:db:db:d1:44:2e:
14:f7:51:f6:1c:a2:b0:df:3e:93:2e:ab:51:2a:c0:10:88:71:
e9:80:e5:91:ec:e3:3e:04:38:1b:98:87:d8:2e:dc:f8:a3:95:
16:69:db:eb:3f:c6:5f:c4:ee:04:9b:eb:e1:12:db:fb:aa:5f:
1f:7b:a6:f3:a0:5a:f5:95:cd:a4:03:c7:2a:7d:8a:f4:58:9c:
8a:ea:9f:94
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUK2pJrzDqMj7Ou/qCwLbb6YAYNB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUwMzlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5MTYwNTcxNTkyNjYxODlmOWVjZGI1ZDQwMDk3ODIzMjc2MWE4MDIyYTFk
ZGEwN2Y4M2RkZWUxZTY0ZWJkOWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKf1x3Uz0/icU6IXwBaQCE8xQ4E2q1veDACGN8/TOtFaC+laj9bs6I7OAe6f
C5UUl+IHCZmsGM7UyIAe1ht8LWefNoFJEdvxmMJcT4rxWmj1XiZ2d+M39JpHhbDq
XZ6JCQOE9I3ahdhBtT9bj85zWk5XJMt1w1FPiaaydlvrqiN+hGbLWZ8V/1QZZhT6
tXBpK9tZ5uHk2UniIZOqcSahYRXn1C479GxgYOX09tlhUAkTqgTZprUCsRznYx8v
xO5GxNfJnJ4KwjdxqlPBhpKw6+aNMc9CYUkwyOZ/tMrSjYjDw5ESz6uNUfOAXRZw
J2Q2hAj8yiAadZd6bo/mK5JFN7ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS0DikU
cFbtQh1fEM1buG0bTCdDKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjIzNmNhZDItYWI0OS00NTc0LWI3NDAtN2I3MGMyN2ZhZTg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCE
MA0GCSqGSIb3DQEBCwUAA4IBAQCbBgtYQh7q76gzMevnqB3odq62jXQliVKx5WPJ
SZwzphaj/9yOz2JerTQxG7Rp1ONHi94pmoo95ZOFVEn0/6b4vxOX+4blgD27TuvT
vjojjpfWYAvEtXq1KlXPa1YzxUQjeeYz7pDvRgD0LVkG4G9uTJqu7E3YtnecGUYo
L5skSHaSXA98ClUmVnmo3rMtISF0SKyBAP55/WxoBwf25CMKLEDW3l4pOJv0vXd8
yXD+29vRRC4U91H2HKKw3z6TLqtRKsAQiHHpgOWR7OM+BDgbmIfYLtz4o5UWadvr
P8ZfxO4Em+vhEtv7ql8fe6bzoFr1lc2kA8cqfYr0WJyK6p+U
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:55:37 2026 by rpki-client