Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
File: 62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa (raw, json)
Hash identifier: m6O/FCwAFxXN9qO+LV5u9zzBdC57/ErtYd2AYhbQN1U=
Subject key identifier: 4F:C0:64:0B:74:32:DE:7D:80:B8:32:29:81:95:45:F3:9F:0E:54:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 784858254CD618FD539F24943DF82DEE050F7DDC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
Signing time: Sat 28 Feb 2026 05:50:46 +0000
ROA not before: Sat 28 Feb 2026 05:50:46 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:48:58:25:4c:d6:18:fd:53:9f:24:94:3d:f8:2d:ee:05:0f:7d:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:50:46 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=4789a6f857e40fc5f8ef9bce9057b5eccbf43548321a6b671779701fce909fcc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:af:ed:b3:d0:0d:ce:c3:e6:06:40:00:4a:54:
dc:06:68:a8:97:2e:8e:c8:9d:d2:a8:95:44:3b:25:
c9:c8:40:f9:63:ef:c6:e4:ed:59:eb:5e:e6:9c:c4:
21:c4:c4:1b:ad:cb:07:41:96:0f:47:61:dc:72:25:
85:fd:f9:e5:a8:f5:6b:fa:fc:60:e4:f8:c5:03:bb:
31:9e:1e:5e:9e:82:8d:ed:e1:79:91:e3:f1:00:29:
03:cf:38:f4:0f:08:23:fb:4e:2f:6f:bd:56:f1:07:
89:32:d9:95:15:02:79:0c:df:3c:25:fa:fa:d2:7e:
16:be:3b:ce:8e:e1:e3:ec:75:bc:15:04:d8:7b:62:
66:a6:11:e1:b4:c2:c5:7e:4d:9a:c5:d6:5a:6a:d6:
63:e7:9a:3f:ab:8e:1d:0a:84:46:32:91:aa:ce:a4:
d7:37:7e:e8:25:b4:ef:78:d2:21:52:4c:67:43:21:
0c:c2:7a:23:6b:6e:67:1e:81:ee:3c:90:ec:e5:77:
24:02:58:49:bf:7e:07:58:3d:81:e8:79:5a:34:37:
de:1b:f3:bc:9f:e8:7d:45:f4:0b:bf:b1:f5:37:c2:
10:a8:dc:86:92:7a:b8:a8:aa:ef:35:a6:1e:b7:ee:
11:c4:ad:c4:89:39:2b:f1:1a:5e:53:2f:e7:22:a2:
90:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:C0:64:0B:74:32:DE:7D:80:B8:32:29:81:95:45:F3:9F:0E:54:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1080::/48
Signature Algorithm: sha256WithRSAEncryption
09:03:bf:b1:9a:77:09:fd:e5:68:d7:aa:06:c3:2a:d0:97:0a:
88:36:11:db:d8:ef:77:39:e0:12:02:15:d5:8d:1a:82:ad:60:
ca:05:53:8d:bb:d2:41:ab:9b:a3:1b:97:0f:85:48:11:17:19:
dd:6d:bf:0d:aa:35:ed:ed:1a:fc:fa:d3:ae:d4:5a:11:a9:95:
ca:f5:21:99:ac:03:3f:1d:7a:4a:1c:9e:9c:2e:7d:d9:c1:1a:
11:d2:ef:f1:a1:8c:ce:62:9b:46:2c:5b:ca:7c:ec:18:d2:5c:
7a:10:12:06:ad:ab:de:7b:48:fd:f2:d5:95:e5:55:5e:ea:57:
0c:fb:35:9e:d9:1d:0e:a0:8e:3b:f2:42:7f:fe:2c:84:4c:91:
e3:01:f3:62:87:1e:8d:5f:43:e6:41:b3:d3:00:c6:fe:0f:7d:
68:1d:44:28:23:1f:ad:a2:eb:43:f9:ab:89:4f:8f:6b:fb:65:
43:2d:0a:08:cc:82:bf:4b:ac:54:f9:02:94:f8:2b:45:9a:9c:
cb:a0:cc:ad:ea:7c:ea:51:69:7a:31:69:3f:75:85:10:5c:5c:
0e:fc:0b:20:2b:02:fd:4d:82:56:bd:99:cf:92:53:39:d2:37:
63:52:4a:c0:c8:b1:10:7c:de:e7:59:cb:68:74:be:12:4e:47:
8f:76:84:52
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeEhYJUzWGP1TnySUPfgt7gUPfdwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUwNDZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3ODlhNmY4NTdlNDBmYzVmOGVmOWJjZTkwNTdiNWVjY2JmNDM1NDgzMjFh
NmI2NzE3Nzk3MDFmY2U5MDlmY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMuv7bPQDc7D5gZAAEpU3AZoqJcujsid0qiVRDslychA+WPvxuTtWete5pzE
IcTEG63LB0GWD0dh3HIlhf355aj1a/r8YOT4xQO7MZ4eXp6Cje3heZHj8QApA884
9A8II/tOL2+9VvEHiTLZlRUCeQzfPCX6+tJ+Fr47zo7h4+x1vBUE2HtiZqYR4bTC
xX5NmsXWWmrWY+eaP6uOHQqERjKRqs6k1zd+6CW073jSIVJMZ0MhDMJ6I2tuZx6B
7jyQ7OV3JAJYSb9+B1g9geh5WjQ33hvzvJ/ofUX0C7+x9TfCEKjchpJ6uKiq7zWm
HrfuEcStxIk5K/EaXlMv5yKikKMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRPwGQL
dDLefYC4MimBlUXznw5U2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjJmZjRlNWUtOWU2NS00NGZjLWFmN2YtNGU0NDkzNWNlYjQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ
gDANBgkqhkiG9w0BAQsFAAOCAQEACQO/sZp3Cf3laNeqBsMq0JcKiDYR29jvdzng
EgIV1Y0agq1gygVTjbvSQauboxuXD4VIERcZ3W2/Dao17e0a/PrTrtRaEamVyvUh
mawDPx16ShyenC592cEaEdLv8aGMzmKbRixbynzsGNJcehASBq2r3ntI/fLVleVV
XupXDPs1ntkdDqCOO/JCf/4shEyR4wHzYocejV9D5kGz0wDG/g99aB1EKCMfraLr
Q/mriU+Pa/tlQy0KCMyCv0usVPkClPgrRZqcy6DMrep86lFpejFpP3WFEFxcDvwL
ICsC/U2CVr2Zz5JTOdI3Y1JKwMixEHze51nLaHS+Ek5Hj3aEUg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:46:13 2026 by rpki-client