Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e236a15-c957-4409-8a2a-3a19150d1b43.roa
File: 6e236a15-c957-4409-8a2a-3a19150d1b43.roa (raw, json)
Hash identifier: wZWSdL6iDbxTBhIG1YnvlyuZFLeS4RaDI8JujbkslUM=
Subject key identifier: 09:44:21:0D:6E:31:C7:1C:3C:F0:3E:9C:EB:D0:88:C8:87:9A:33:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E7C930BEEF1296278F5FD8BF73F7AC576CC6683
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e236a15-c957-4409-8a2a-3a19150d1b43.roa
Signing time: Fri 20 Feb 2026 01:40:05 +0000
ROA not before: Fri 20 Feb 2026 01:40:05 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:7c:93:0b:ee:f1:29:62:78:f5:fd:8b:f7:3f:7a:c5:76:cc:66:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:40:05 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=9bd89faf5fc96fd5b072f6a3ffd3e22aa559d54ec7e57d8527e5317929d24bb8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:fb:2a:1c:7e:79:d3:f3:5e:ab:7b:c5:d1:6b:
ce:4f:ce:b5:73:5a:61:49:61:ef:c7:04:9c:f5:85:
52:03:a1:1e:3f:78:30:6d:b5:53:85:fb:8c:a2:16:
74:58:2c:fa:db:29:b5:14:59:83:ac:6f:be:34:66:
3f:2a:e8:0c:4e:e2:29:0b:99:47:48:75:3e:15:6f:
f9:bb:24:78:ba:ef:55:53:08:e5:49:01:c1:3d:c7:
a7:fd:eb:8e:f7:7b:25:5e:01:c7:48:75:d3:01:61:
cd:12:6a:1a:28:2a:0a:39:f2:38:1b:de:bb:dd:29:
50:12:e6:ee:07:1d:95:f1:f7:cc:5f:eb:b6:b9:ce:
f4:3d:ce:46:c9:1c:19:34:15:a5:18:29:10:1f:b5:
90:14:e1:be:96:32:63:1f:90:1e:49:d4:6b:d9:04:
74:54:8a:86:94:27:4d:96:0b:6e:e9:81:61:29:5d:
93:23:fd:de:48:a5:a2:7a:e0:ba:18:ae:1f:22:8f:
35:0b:db:33:d6:e3:80:e5:13:c2:19:95:46:56:ff:
4d:8a:0d:3d:0c:62:fe:81:b9:e7:83:62:43:7f:92:
99:3b:fa:e6:f0:47:5f:6c:2d:4c:4e:e8:68:2d:29:
45:83:09:0a:c5:12:b4:40:c2:6c:e9:d7:21:0e:1e:
31:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:44:21:0D:6E:31:C7:1C:3C:F0:3E:9C:EB:D0:88:C8:87:9A:33:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e236a15-c957-4409-8a2a-3a19150d1b43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:9000::/40
Signature Algorithm: sha256WithRSAEncryption
87:ea:7a:f0:91:0d:04:75:3b:90:75:08:cb:ea:4d:82:86:e7:
6f:b1:d4:bc:fb:6c:36:a1:d6:09:10:0c:bb:3d:37:5a:d6:48:
9e:c4:1d:24:a5:11:2a:22:b0:fd:fb:1a:6f:06:69:8c:87:c5:
81:e4:5e:d6:65:0c:41:c5:81:8c:2b:7f:7b:51:93:17:73:71:
3e:e6:1e:6f:0b:31:d8:a4:20:dd:f7:c8:6f:35:49:98:bd:e1:
53:16:18:89:41:1f:75:9d:b4:b3:97:bc:0c:38:72:ab:2b:ca:
07:e6:ea:21:a4:1d:af:14:40:de:36:a5:c5:bb:47:32:a7:a9:
f2:42:34:c0:60:80:be:fe:d9:a3:8e:38:a4:28:42:1e:93:41:
30:c3:9e:9c:78:0d:a6:8b:7f:79:eb:27:f5:4f:b0:9d:ed:7a:
fc:bc:e3:3d:c3:40:07:74:61:e7:56:b7:b8:9a:65:27:2a:fd:
9b:74:a1:a6:67:42:1f:33:db:f8:3f:39:93:6d:bc:5d:57:a0:
63:99:b0:ce:a8:c7:ef:a2:d8:0c:fe:d6:3b:1f:3d:30:56:53:
24:09:82:7b:84:b5:09:7b:6e:fc:3a:2c:49:4e:15:f6:48:9a:
67:80:20:09:44:01:e3:b5:d6:af:31:c2:67:c6:f6:14:3e:c3:
c0:12:5a:07
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHnyTC+7xKWJ49f2L9z96xXbMZoMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTQwMDVaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDliZDg5ZmFmNWZjOTZmZDViMDcyZjZhM2ZmZDNlMjJhYTU1OWQ1NGVjN2U1
N2Q4NTI3ZTUzMTc5MjlkMjRiYjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO37Khx+edPzXqt7xdFrzk/OtXNaYUlh78cEnPWFUgOhHj94MG21U4X7jKIW
dFgs+tsptRRZg6xvvjRmPyroDE7iKQuZR0h1PhVv+bskeLrvVVMI5UkBwT3Hp/3r
jvd7JV4Bx0h10wFhzRJqGigqCjnyOBveu90pUBLm7gcdlfH3zF/rtrnO9D3ORskc
GTQVpRgpEB+1kBThvpYyYx+QHknUa9kEdFSKhpQnTZYLbumBYSldkyP93kilonrg
uhiuHyKPNQvbM9bjgOUTwhmVRlb/TYoNPQxi/oG554NiQ3+SmTv65vBHX2wtTE7o
aC0pRYMJCsUStEDCbOnXIQ4eMQMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQJRCEN
bjHHHDzwPpzr0IjIh5ozjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmUyMzZhMTUtYzk1Ny00NDA5LThhMmEtM2ExOTE1MGQxYjQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCH6nrwkQ0EdTuQdQjL6k2ChudvsdS8+2w2odYJ
EAy7PTda1kiexB0kpREqIrD9+xpvBmmMh8WB5F7WZQxBxYGMK397UZMXc3E+5h5v
CzHYpCDd98hvNUmYveFTFhiJQR91nbSzl7wMOHKrK8oH5uohpB2vFEDeNqXFu0cy
p6nyQjTAYIC+/tmjjjikKEIek0Eww56ceA2mi3956yf1T7Cd7Xr8vOM9w0AHdGHn
Vre4mmUnKv2bdKGmZ0IfM9v4PzmTbbxdV6BjmbDOqMfvotgM/tY7Hz0wVlMkCYJ7
hLUJe278OixJThX2SJpngCAJRAHjtdavMcJnxvYUPsPAEloH
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:12:57 2026 by rpki-client