Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa
File: 6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa (raw, json)
Hash identifier: rydF79duoxU8iysQGF1/FifjoKmkV2Ab1ZBtpGkT0ts=
Subject key identifier: 87:C7:68:F8:CA:9E:9E:D4:C3:43:78:BC:52:CE:86:A3:A5:03:5A:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B0878B29C54DBA6D5863A0AE1E4BF3DBC7743A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa
Signing time: Sat 28 Feb 2026 05:50:05 +0000
ROA not before: Sat 28 Feb 2026 05:50:05 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:08:78:b2:9c:54:db:a6:d5:86:3a:0a:e1:e4:bf:3d:bc:77:43:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:50:05 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=99770ea8f204befbcbd867c7aef57cce9819958ba2aead0eca29074613c3b9fb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5c:5e:57:b6:59:17:97:dd:3b:d7:73:64:31:
db:1d:d2:fd:21:7d:2f:ce:63:2b:77:3b:66:9c:99:
72:da:b2:2e:cf:11:b0:c4:e0:f7:18:28:71:f5:bf:
8d:ea:09:72:e0:3a:42:3c:86:a5:3f:99:54:24:b6:
4a:21:e6:02:10:51:6b:ed:ce:c2:42:88:a6:20:de:
a8:d1:af:86:16:3a:31:4c:82:e9:8c:4b:f2:c0:55:
14:d9:d9:8e:d1:fc:ae:5b:69:07:6c:f3:22:11:60:
5f:0c:1f:52:c2:78:ab:a4:68:f2:5a:3c:22:4e:1a:
79:17:f3:eb:88:9b:f3:18:81:3e:f2:d0:9b:f0:35:
0b:7b:2b:ef:0c:3a:96:dd:12:ea:41:b6:23:92:8a:
a8:e3:d3:11:37:21:36:6f:ab:0d:d9:d2:37:e3:bc:
16:8f:81:f1:87:e1:18:93:5f:42:7b:7a:ef:7c:b6:
32:c5:7d:a9:94:56:57:43:52:61:0f:35:3b:14:15:
f7:d5:1a:85:df:2d:75:26:c8:25:48:91:d9:96:a2:
c5:d1:e4:e5:84:c4:be:c7:34:36:e9:11:26:39:3e:
a6:b8:6b:4f:26:87:cf:4c:07:ad:00:5f:c8:c9:17:
19:56:94:d5:a8:2d:63:75:91:54:59:70:af:e9:19:
d9:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C7:68:F8:CA:9E:9E:D4:C3:43:78:BC:52:CE:86:A3:A5:03:5A:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2080::/48
Signature Algorithm: sha256WithRSAEncryption
8b:ec:4f:00:2c:90:89:9d:13:24:62:21:8a:16:30:cc:e9:57:
27:95:2f:1f:78:9f:68:c3:e7:d1:da:ef:d8:00:41:7b:f5:67:
42:6f:b7:24:9a:18:d5:a8:39:6e:a4:07:9d:50:65:f1:38:28:
c1:85:62:3b:95:f1:23:ba:2b:98:9d:c5:2b:24:dd:fe:e1:1a:
e9:86:94:40:ce:60:a3:3b:8b:fa:e1:e1:a2:b3:2b:2e:f7:0a:
dd:1f:a9:b8:3f:55:25:7d:d1:ab:f2:65:a1:36:35:6b:c0:e2:
d6:24:59:66:08:52:61:3f:d1:a9:8f:40:9c:b9:0e:74:a7:52:
cf:e5:4c:32:76:54:57:40:5e:a1:0f:61:55:70:53:ac:6c:8b:
bc:ba:a2:e0:e0:d6:ac:d5:d0:ea:3f:92:8f:fe:6b:43:ac:57:
9b:97:db:13:6b:3c:0c:36:37:ed:cb:f0:1d:86:e0:53:7c:4c:
39:ae:8e:b6:42:5a:f2:e1:c6:d5:80:85:0f:2e:3a:a4:9d:bf:
a5:98:75:65:9a:3e:9d:6e:4f:c2:db:45:25:59:82:9b:0b:9d:
fd:90:ac:be:3f:67:cb:af:c9:27:49:10:b2:25:49:f3:ca:15:
12:dc:5e:af:75:64:cb:ed:a9:8e:23:90:94:60:1b:74:b2:fa:
e6:a4:e5:f2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGwh4spxU26bVhjoK4eS/Pbx3Q6AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUwMDVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5NzcwZWE4ZjIwNGJlZmJjYmQ4NjdjN2FlZjU3Y2NlOTgxOTk1OGJhMmFl
YWQwZWNhMjkwNzQ2MTNjM2I5ZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNcXle2WReX3TvXc2Qx2x3S/SF9L85jK3c7ZpyZctqyLs8RsMTg9xgocfW/
jeoJcuA6QjyGpT+ZVCS2SiHmAhBRa+3OwkKIpiDeqNGvhhY6MUyC6YxL8sBVFNnZ
jtH8rltpB2zzIhFgXwwfUsJ4q6Ro8lo8Ik4aeRfz64ib8xiBPvLQm/A1C3sr7ww6
lt0S6kG2I5KKqOPTETchNm+rDdnSN+O8Fo+B8YfhGJNfQnt673y2MsV9qZRWV0NS
YQ81OxQV99Uahd8tdSbIJUiR2ZaixdHk5YTEvsc0NukRJjk+prhrTyaHz0wHrQBf
yMkXGVaU1agtY3WRVFlwr+kZ2S0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSHx2j4
yp6e1MNDeLxSzoajpQNatzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmI0ZjViMDYtZWJkOS00NjczLThkYjEtOGU3MmRmOTljOTk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg
gDANBgkqhkiG9w0BAQsFAAOCAQEAi+xPACyQiZ0TJGIhihYwzOlXJ5UvH3ifaMPn
0drv2ABBe/VnQm+3JJoY1ag5bqQHnVBl8TgowYViO5XxI7ormJ3FKyTd/uEa6YaU
QM5gozuL+uHhorMrLvcK3R+puD9VJX3Rq/JloTY1a8Di1iRZZghSYT/RqY9AnLkO
dKdSz+VMMnZUV0BeoQ9hVXBTrGyLvLqi4ODWrNXQ6j+Sj/5rQ6xXm5fbE2s8DDY3
7cvwHYbgU3xMOa6OtkJa8uHG1YCFDy46pJ2/pZh1ZZo+nW5PwttFJVmCmwud/ZCs
vj9ny6/JJ0kQsiVJ88oVEtxer3Vky+2pjiOQlGAbdLL65qTl8g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:55:41 2026 by rpki-client