Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
File: 6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa (raw, json)
Hash identifier: /TBqP0JxwtXUJkZxndY5+sdOVSKAbvhqzQ3lPdlxV1g=
Subject key identifier: 78:1D:50:65:4E:2E:ED:D4:7B:0D:52:18:DA:4D:1F:CD:88:C1:F6:49
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4FC76E132F393040EBA0DB6622090B4DEC7772AB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
Signing time: Sat 28 Feb 2026 05:41:29 +0000
ROA not before: Sat 28 Feb 2026 05:41:29 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:c7:6e:13:2f:39:30:40:eb:a0:db:66:22:09:0b:4d:ec:77:72:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:29 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=71ca8b154afe7b91e4c40fe544d49fee8f5452d61597401d7ada67645feeed47, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9f:98:d3:17:1e:27:76:4c:94:91:7f:f2:b7:
f5:6e:84:d6:50:7e:ab:5e:4f:40:d4:eb:4f:d1:95:
ef:85:0b:75:5b:df:b5:9b:9b:6f:22:7f:f0:b4:9c:
c1:5a:97:7f:13:dc:e7:d2:6f:55:46:64:15:5e:b6:
b3:f8:39:5a:6f:54:4f:69:b6:1e:96:8a:49:43:e5:
36:11:e1:80:53:47:42:b1:94:1f:4f:a2:d3:e3:6a:
2e:56:16:e6:4b:d7:5b:bc:49:59:f2:3c:29:d1:08:
ae:b0:d3:d9:27:d8:4e:01:1d:78:a8:70:9b:a7:bc:
ec:c9:fc:f9:a7:30:27:c7:b7:67:59:3d:67:68:d2:
4b:7b:e0:c7:1a:58:a7:89:5d:8c:bc:1e:d9:0b:c2:
3d:75:7f:c5:f8:ae:1c:8e:14:c5:7a:07:8a:ae:fc:
11:08:51:c8:59:cb:35:67:1c:c7:09:62:25:be:c5:
e7:65:ad:d9:36:69:e9:c1:72:76:f9:96:1b:ea:6d:
bd:4f:9c:21:a2:67:81:89:c2:31:35:59:ee:25:64:
c2:8a:c7:45:6c:a4:3c:5b:0e:f6:4d:76:3f:e4:c4:
9a:95:6f:3a:ab:10:a6:de:80:f0:8b:4f:7f:3a:54:
03:bd:29:d0:ce:24:58:e2:7e:af:84:a9:10:6b:ff:
9b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:1D:50:65:4E:2E:ED:D4:7B:0D:52:18:DA:4D:1F:CD:88:C1:F6:49
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4040::/48
Signature Algorithm: sha256WithRSAEncryption
c8:c8:19:39:ba:d7:6d:8d:dc:aa:09:1b:0e:0d:be:f3:9a:6d:
f6:a7:7e:91:e3:34:07:fa:d2:54:94:3e:f1:d9:e0:52:4a:d3:
19:08:91:a5:90:e8:c0:b4:b7:88:6b:15:05:79:20:ab:8a:f8:
67:18:b2:b1:8e:bb:8d:85:fd:d4:01:a9:87:02:14:7a:a1:db:
70:36:0b:84:80:6b:fc:a2:f0:f6:e6:2c:f7:83:91:68:09:67:
29:fb:3a:05:c6:fe:df:8b:12:19:98:7b:63:db:c5:58:4b:c7:
6f:00:57:cc:b4:77:1d:2e:27:97:28:a2:f9:96:d6:d7:36:45:
0b:97:45:31:f9:32:3b:2b:ca:60:6a:23:63:4d:d0:7c:1f:64:
36:e1:cd:5b:84:23:d5:8c:e8:20:a8:19:af:bd:f3:51:36:da:
b5:c3:90:60:4e:e0:bc:da:c5:61:3b:e8:73:5e:61:a5:26:5b:
e5:76:a4:3c:5b:89:bf:dd:9a:fe:2d:ee:ca:6e:8b:af:ce:b8:
20:85:2c:3d:9a:e8:cc:ba:00:89:c0:fc:30:b7:a5:02:a0:58:
cf:45:73:9d:09:e3:e8:49:93:7e:6f:e2:60:37:b6:07:3d:dd:
08:6a:7b:00:16:b4:5d:32:33:55:30:98:67:fa:c0:60:8f:7c:
24:66:e6:05
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUT8duEy85MEDroNtmIgkLTex3cqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMjlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxY2E4YjE1NGFmZTdiOTFlNGM0MGZlNTQ0ZDQ5ZmVlOGY1NDUyZDYxNTk3
NDAxZDdhZGE2NzY0NWZlZWVkNDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyfmNMXHid2TJSRf/K39W6E1lB+q15PQNTrT9GV74ULdVvftZubbyJ/8LSc
wVqXfxPc59JvVUZkFV62s/g5Wm9UT2m2HpaKSUPlNhHhgFNHQrGUH0+i0+NqLlYW
5kvXW7xJWfI8KdEIrrDT2SfYTgEdeKhwm6e87Mn8+acwJ8e3Z1k9Z2jSS3vgxxpY
p4ldjLwe2QvCPXV/xfiuHI4UxXoHiq78EQhRyFnLNWccxwliJb7F52Wt2TZp6cFy
dvmWG+ptvU+cIaJngYnCMTVZ7iVkworHRWykPFsO9k12P+TEmpVvOqsQpt6A8ItP
fzpUA70p0M4kWOJ+r4SpEGv/mzUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR4HVBl
Ti7t1HsNUhjaTR/NiMH2STAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmU0ZDk4OTAtYjRmNC00YjllLWE3MzQtYjYzZjUxNTM2MGUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
QDANBgkqhkiG9w0BAQsFAAOCAQEAyMgZObrXbY3cqgkbDg2+85pt9qd+keM0B/rS
VJQ+8dngUkrTGQiRpZDowLS3iGsVBXkgq4r4ZxiysY67jYX91AGphwIUeqHbcDYL
hIBr/KLw9uYs94ORaAlnKfs6Bcb+34sSGZh7Y9vFWEvHbwBXzLR3HS4nlyii+ZbW
1zZFC5dFMfkyOyvKYGojY03QfB9kNuHNW4Qj1YzoIKgZr73zUTbatcOQYE7gvNrF
YTvoc15hpSZb5XakPFuJv92a/i3uym6Lr864IIUsPZrozLoAicD8MLelAqBYz0Vz
nQnj6EmTfm/iYDe2Bz3dCGp7ABa0XTIzVTCYZ/rAYI98JGbmBQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:37:38 2026 by rpki-client