Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
File: 6a2f7401-8559-4633-8579-cca77d6fa971.roa (raw, json)
Hash identifier: /K9lpCoKgLjW9NhzrdJXpn2HBmGLtH0Ssn0HEswOwQw=
Subject key identifier: 82:56:DE:2C:F0:DF:EE:E9:DB:BC:43:40:26:D5:7A:4A:C8:3B:47:04
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 460E33F0357B4CB0809B9A97A61766993B82EF77
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
Signing time: Sat 28 Feb 2026 05:20:07 +0000
ROA not before: Sat 28 Feb 2026 05:20:07 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:0e:33:f0:35:7b:4c:b0:80:9b:9a:97:a6:17:66:99:3b:82:ef:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:07 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=532fd558b60a2842d85d5c8bea3f96b707a18eafdd05c515f020aa9a07f81dcc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4e:62:31:2a:54:90:36:00:6a:b9:25:14:b2:
79:5e:0e:28:20:dd:9b:6f:25:27:02:50:25:3c:39:
db:fe:68:f3:42:d0:a6:2a:c3:db:90:a2:d4:ca:29:
11:1f:45:cc:ad:59:12:a0:70:4b:ca:8a:f1:a6:df:
14:27:f4:04:ed:60:67:d5:b4:b5:2f:0e:0d:06:78:
29:3b:76:1a:cf:c1:fa:99:18:0f:2d:f4:0e:25:3a:
3d:73:a8:5d:1f:f0:6a:b0:31:57:a0:b7:e8:74:ed:
e9:62:ad:c0:78:a9:e1:29:ea:f9:3a:f0:21:2f:82:
e1:4d:a3:5b:23:f3:11:05:1f:a7:2d:de:ca:77:9a:
57:1d:05:ed:ed:9c:af:32:8f:15:16:9b:5f:6f:a3:
8e:e8:1c:28:80:a6:ef:3a:11:f6:ec:ee:e5:b8:0f:
a6:9b:2e:99:b7:1e:67:86:1d:69:09:68:50:44:21:
d2:67:1e:e2:40:43:8f:5a:45:31:f8:89:38:27:4a:
0e:39:fd:79:0a:ac:24:ee:d7:90:52:af:64:06:0d:
63:2e:6f:9e:ac:c5:c7:4d:35:a2:69:d5:fe:0a:ae:
f4:a9:25:a2:53:36:ee:90:32:88:4e:b9:00:77:a5:
ea:ce:94:6b:44:1c:90:1d:d4:04:88:0e:42:20:d6:
ee:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:56:DE:2C:F0:DF:EE:E9:DB:BC:43:40:26:D5:7A:4A:C8:3B:47:04
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a::/36
Signature Algorithm: sha256WithRSAEncryption
7d:24:23:76:bc:86:da:61:de:19:be:38:a2:57:4d:97:b8:76:
15:dc:bf:72:6e:3b:42:e3:c6:01:25:4c:1d:4d:f6:3b:4f:5f:
10:68:83:30:56:7c:ec:35:a7:32:ed:64:e6:72:cf:4e:14:f4:
0b:fd:80:77:06:1a:7a:0b:c3:f0:9e:22:ee:ec:d5:b9:ed:9a:
ac:29:87:37:92:ca:2c:62:31:e8:7d:f0:f9:d7:ef:5a:94:2c:
0a:be:f2:7b:32:0a:fa:2a:0e:9f:8c:9a:7a:d1:c3:7c:95:a1:
96:8c:6f:a2:5b:1a:74:f2:6f:5d:e6:4a:ed:0c:38:26:05:f6:
64:a1:e6:9d:97:37:08:be:56:a3:d2:58:67:a1:4e:9c:f2:fe:
cf:9e:4d:c0:ec:f6:1a:c7:8f:44:0f:10:25:b5:e0:b0:e9:92:
e1:c8:94:bb:67:ef:5e:cd:05:f5:5b:fd:42:1d:38:3b:30:0e:
f1:8c:f8:bf:cf:fc:2c:11:13:4c:e9:fb:7e:cc:a2:ea:0f:56:
1c:08:66:df:1d:b1:dd:a0:d8:ac:21:c3:59:3e:2e:0e:26:6e:
e4:bf:17:9f:da:dc:80:22:d7:8b:2d:bd:cf:97:28:db:b9:db:
16:5e:ad:4e:c4:75:4f:de:4a:e5:23:5f:c6:4a:2c:7c:79:74:
17:72:7a:55
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURg4z8DV7TLCAm5qXphdmmTuC73cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwMDdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzMmZkNTU4YjYwYTI4NDJkODVkNWM4YmVhM2Y5NmI3MDdhMThlYWZkZDA1
YzUxNWYwMjBhYTlhMDdmODFkY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKtOYjEqVJA2AGq5JRSyeV4OKCDdm28lJwJQJTw52/5o80LQpirD25Ci1Mop
ER9FzK1ZEqBwS8qK8abfFCf0BO1gZ9W0tS8ODQZ4KTt2Gs/B+pkYDy30DiU6PXOo
XR/warAxV6C36HTt6WKtwHip4Snq+TrwIS+C4U2jWyPzEQUfpy3eyneaVx0F7e2c
rzKPFRabX2+jjugcKICm7zoR9uzu5bgPppsumbceZ4YdaQloUEQh0mce4kBDj1pF
MfiJOCdKDjn9eQqsJO7XkFKvZAYNYy5vnqzFx001omnV/gqu9KklolM27pAyiE65
AHel6s6Ua0QckB3UBIgOQiDW7i0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSCVt4s
8N/u6du8Q0Am1XpKyDtHBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmEyZjc0MDEtODU1OS00NjMzLTg1NzktY2NhNzdkNmZhOTcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BoA
MA0GCSqGSIb3DQEBCwUAA4IBAQB9JCN2vIbaYd4ZvjiiV02XuHYV3L9ybjtC48YB
JUwdTfY7T18QaIMwVnzsNacy7WTmcs9OFPQL/YB3Bhp6C8PwniLu7NW57ZqsKYc3
ksosYjHoffD51+9alCwKvvJ7Mgr6Kg6fjJp60cN8laGWjG+iWxp08m9d5krtDDgm
BfZkoeadlzcIvlaj0lhnoU6c8v7Pnk3A7PYax49EDxAlteCw6ZLhyJS7Z+9ezQX1
W/1CHTg7MA7xjPi/z/wsERNM6ft+zKLqD1YcCGbfHbHdoNisIcNZPi4OJm7kvxef
2tyAIteLLb3PlyjbudsWXq1OxHVP3krlI1/GSix8eXQXcnpV
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:32:19 2026 by rpki-client