Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bd3f603-c189-489c-bdf5-631b47b2cd39.roa
File: 6bd3f603-c189-489c-bdf5-631b47b2cd39.roa (raw, json)
Hash identifier: HMn2tcsrK5yeT22k4AETfkx3RkOhcfZgKcm4/SuYohI=
Subject key identifier: 13:CE:0D:28:1A:6E:53:82:CE:72:0D:BD:F6:9A:40:CB:BF:3C:20:7D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C1D2A95BB866A3E1F063D525C599B121CEA554A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bd3f603-c189-489c-bdf5-631b47b2cd39.roa
Signing time: Sat 28 Feb 2026 05:10:32 +0000
ROA not before: Sat 28 Feb 2026 05:10:32 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:1d:2a:95:bb:86:6a:3e:1f:06:3d:52:5c:59:9b:12:1c:ea:55:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:10:32 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=fd756ee57948435e88132129d6ba93a875b4c786d571b8a8446e8a7002fdb5ce, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:68:00:97:38:47:14:58:c6:ad:d2:e2:4b:96:
89:38:0e:c8:91:c8:83:fe:35:76:e8:5a:de:52:b1:
aa:5a:d0:69:00:de:fe:3c:e7:6e:78:a0:89:7c:9b:
3f:ca:9f:86:2c:7c:8a:19:9a:f9:3b:c2:ff:cc:61:
c8:c5:ae:07:4a:23:0f:13:8c:35:00:ea:d8:a6:52:
85:18:6d:9b:7d:49:11:b9:0f:47:91:36:e1:d4:eb:
20:b7:d3:e4:3c:4a:bb:3d:7a:16:e1:83:df:4c:9e:
58:e8:65:6a:9c:0c:2b:46:12:c2:b3:6a:c0:72:f8:
7f:5e:82:56:43:52:93:c5:80:6e:d6:27:da:f9:1a:
cc:d7:6c:9f:38:01:e0:99:bc:27:b3:95:90:c9:a8:
18:4b:59:91:f4:d1:3b:c7:05:b6:e5:40:29:d6:56:
ec:69:33:dc:fa:36:9b:78:94:b8:08:4a:fc:1e:1a:
08:73:53:eb:0e:1c:47:2d:2f:6b:80:70:4a:09:e9:
d1:6e:9b:6f:f9:cf:80:93:e5:1e:4a:d4:53:ca:f1:
9f:18:d2:e4:3e:03:f4:11:d8:97:f4:c4:56:34:c2:
1d:1a:32:8f:72:9e:69:60:6c:75:de:cf:20:28:7e:
6a:b4:7a:e1:8b:39:9a:aa:67:fb:f0:4a:10:9a:60:
c8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:CE:0D:28:1A:6E:53:82:CE:72:0D:BD:F6:9A:40:CB:BF:3C:20:7D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bd3f603-c189-489c-bdf5-631b47b2cd39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
6e:70:06:8e:9f:c8:0e:50:64:9e:a6:31:73:91:eb:5c:d0:93:
d9:38:c0:16:5f:15:c2:c8:71:1b:32:fb:56:07:b5:6f:c6:8d:
5c:c2:ea:4f:6e:eb:5d:c9:a0:b5:2c:a8:b0:50:0c:29:f0:95:
18:61:be:bb:df:d2:d9:9d:d6:77:70:a7:c1:16:2f:77:64:15:
8c:fd:aa:71:e9:aa:2b:ec:01:eb:cf:97:0f:6d:88:bf:7c:9d:
a1:92:b5:c8:e5:e5:32:cd:8b:09:d8:77:c1:9d:e9:fe:8b:c0:
d1:39:82:6a:d1:62:7c:85:04:19:f5:2b:c0:84:87:c2:20:2d:
20:0a:95:0f:f4:01:89:6a:13:fc:4a:1d:d9:d4:e5:80:4f:48:
e9:4b:c9:9c:41:79:6d:a0:ed:46:4a:a1:2c:a3:62:d6:65:7d:
98:31:39:c5:6e:0b:88:24:e8:e4:5b:bc:6a:2e:25:94:3d:60:
77:93:e8:56:32:56:b5:e3:88:ad:36:30:03:0f:b4:29:a9:82:
a4:5c:a4:eb:52:84:11:ae:06:5e:c3:30:d0:f3:26:0d:93:5a:
ef:07:79:61:4a:3c:5c:1d:ee:25:ae:64:fa:8f:a5:ed:e0:ea:
bc:b1:b1:c3:75:11:84:e8:25:ef:43:62:d1:5a:25:d1:e7:df:
44:f6:05:e4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbB0qlbuGaj4fBj1SXFmbEhzqVUowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTEwMzJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkNzU2ZWU1Nzk0ODQzNWU4ODEzMjEyOWQ2YmE5M2E4NzViNGM3ODZkNTcx
YjhhODQ0NmU4YTcwMDJmZGI1Y2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRoAJc4RxRYxq3S4kuWiTgOyJHIg/41duha3lKxqlrQaQDe/jznbnigiXyb
P8qfhix8ihma+TvC/8xhyMWuB0ojDxOMNQDq2KZShRhtm31JEbkPR5E24dTrILfT
5DxKuz16FuGD30yeWOhlapwMK0YSwrNqwHL4f16CVkNSk8WAbtYn2vkazNdsnzgB
4Jm8J7OVkMmoGEtZkfTRO8cFtuVAKdZW7Gkz3Po2m3iUuAhK/B4aCHNT6w4cRy0v
a4BwSgnp0W6bb/nPgJPlHkrUU8rxnxjS5D4D9BHYl/TEVjTCHRoyj3KeaWBsdd7P
ICh+arR64Ys5mqpn+/BKEJpgyJkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQTzg0o
Gm5Tgs5yDb32mkDLvzwgfTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmJkM2Y2MDMtYzE4OS00ODljLWJkZjUtNjMxYjQ3YjJjZDM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
wDANBgkqhkiG9w0BAQsFAAOCAQEAbnAGjp/IDlBknqYxc5HrXNCT2TjAFl8Vwshx
GzL7Vge1b8aNXMLqT27rXcmgtSyosFAMKfCVGGG+u9/S2Z3Wd3CnwRYvd2QVjP2q
cemqK+wB68+XD22Iv3ydoZK1yOXlMs2LCdh3wZ3p/ovA0TmCatFifIUEGfUrwISH
wiAtIAqVD/QBiWoT/Eod2dTlgE9I6UvJnEF5baDtRkqhLKNi1mV9mDE5xW4LiCTo
5Fu8ai4llD1gd5PoVjJWteOIrTYwAw+0KamCpFyk61KEEa4GXsMw0PMmDZNa7wd5
YUo8XB3uJa5k+o+l7eDqvLGxw3URhOgl70Ni0Vol0effRPYF5A==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:36:38 2026 by rpki-client