Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
File: 6f78d89d-1d32-4176-8f3e-9966f674843e.roa (raw, json)
Hash identifier: jcThKIiaYhus4Jy9lCMLg+2+tbmOnwMHtkKZOELQu4g=
Subject key identifier: FD:38:22:62:94:5C:4F:FF:72:67:1A:41:F3:06:8E:FE:39:50:41:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A948413EDF125F0C08B66FFB30CCED92346F2B3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
Signing time: Sat 28 Feb 2026 05:40:08 +0000
ROA not before: Sat 28 Feb 2026 05:40:08 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:94:84:13:ed:f1:25:f0:c0:8b:66:ff:b3:0c:ce:d9:23:46:f2:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:08 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=76da541c29134e6970ba1f4abf4ec0bcc41396ceabce618f1d25577bdd077e26, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ef:7e:d6:41:f9:90:39:02:62:4e:eb:4a:49:
ed:7a:9c:26:f0:1c:01:c1:ec:10:4c:e9:e6:20:52:
d6:51:23:0a:64:dd:3d:60:41:fe:67:e8:54:fe:74:
c3:5f:67:f8:94:6d:a1:50:b2:90:86:50:3d:e2:5d:
fd:b5:2c:51:12:73:78:eb:0d:79:d1:2e:09:bd:c9:
a6:91:fb:ab:85:4d:c5:86:60:5d:18:54:0a:ee:24:
39:87:14:1b:90:cc:50:c7:b2:b8:74:cc:10:f0:dd:
0f:98:68:1c:62:e7:de:70:5e:63:e5:86:7b:7e:95:
4f:0c:d6:ff:64:ae:62:c7:21:eb:9a:2f:98:6d:e6:
79:0c:5d:d2:a5:e7:64:7f:fe:98:d4:f5:52:7f:ed:
18:e9:69:e0:28:4f:af:6e:56:90:e2:02:84:2c:5f:
af:df:ee:79:60:6a:06:f0:de:05:ea:f2:dc:43:6e:
f3:5f:bc:73:ad:4a:cb:30:73:49:6d:b4:6e:27:50:
a9:86:e0:aa:48:a9:53:fc:c3:d5:5e:8f:f8:d8:fd:
e3:8f:e4:78:0f:1c:5b:84:4d:53:e1:f6:91:81:8f:
cf:c2:9a:92:f9:9c:84:99:9b:4b:25:a1:76:b9:1b:
6f:38:df:c1:6e:dd:0e:1b:26:f7:c0:14:29:e4:70:
6b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:38:22:62:94:5C:4F:FF:72:67:1A:41:F3:06:8E:FE:39:50:41:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071::/32
Signature Algorithm: sha256WithRSAEncryption
aa:37:09:81:03:31:8d:d0:73:65:65:8b:06:df:a0:4f:7a:ee:
87:9e:c4:f0:71:b7:5e:2b:81:66:ca:42:2e:a0:03:5f:63:6a:
6a:3a:d2:19:c9:21:72:68:08:fa:a1:36:df:34:aa:ca:c0:83:
d5:92:7d:54:2e:7e:dd:76:1b:a6:28:d5:43:10:87:ee:00:c3:
a7:f0:21:2d:26:8b:1b:56:cc:08:e0:59:23:65:ba:4c:aa:69:
ef:33:57:2d:27:97:dd:ee:66:06:b4:b7:e3:7c:63:50:69:8f:
32:8a:63:50:e7:3e:4f:cc:2a:da:66:e7:c7:8a:cd:13:88:62:
6a:db:64:0f:21:c2:84:5b:bb:e0:b1:f8:94:2f:1c:41:92:62:
72:57:08:aa:72:8a:91:6b:a5:2d:6a:81:88:92:2e:d8:56:fb:
b0:f3:49:88:90:21:ee:d0:dc:82:39:f8:b9:91:73:57:54:ed:
8c:89:85:f9:63:63:2a:51:64:a6:2e:49:62:40:1c:f1:c3:78:
db:a8:5b:63:0b:e5:41:38:97:72:8f:20:ca:15:cd:d1:2f:68:
23:2b:56:3b:24:f6:50:7b:08:84:6c:9a:9e:cb:0c:ae:52:5b:
62:f4:ce:47:5d:33:84:42:6b:9a:f1:df:72:26:ff:87:dd:cf:
64:4a:61:9a
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUOpSEE+3xJfDAi2b/swzO2SNG8rMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwMDhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2ZGE1NDFjMjkxMzRlNjk3MGJhMWY0YWJmNGVjMGJjYzQxMzk2Y2VhYmNl
NjE4ZjFkMjU1NzdiZGQwNzdlMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJrvftZB+ZA5AmJO60pJ7XqcJvAcAcHsEEzp5iBS1lEjCmTdPWBB/mfoVP50
w19n+JRtoVCykIZQPeJd/bUsURJzeOsNedEuCb3JppH7q4VNxYZgXRhUCu4kOYcU
G5DMUMeyuHTMEPDdD5hoHGLn3nBeY+WGe36VTwzW/2SuYsch65ovmG3meQxd0qXn
ZH/+mNT1Un/tGOlp4ChPr25WkOIChCxfr9/ueWBqBvDeBery3ENu81+8c61KyzBz
SW20bidQqYbgqkipU/zD1V6P+Nj944/keA8cW4RNU+H2kYGPz8KakvmchJmbSyWh
drkbbzjfwW7dDhsm98AUKeRwa5sCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBT9OCJi
lFxP/3JnGkHzBo7+OVBBLjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmY3OGQ4OWQtMWQzMi00MTc2LThmM2UtOTk2NmY2NzQ4NDNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HEw
DQYJKoZIhvcNAQELBQADggEBAKo3CYEDMY3Qc2VliwbfoE967oeexPBxt14rgWbK
Qi6gA19jamo60hnJIXJoCPqhNt80qsrAg9WSfVQuft12G6Yo1UMQh+4Aw6fwIS0m
ixtWzAjgWSNlukyqae8zVy0nl93uZga0t+N8Y1BpjzKKY1DnPk/MKtpm58eKzROI
YmrbZA8hwoRbu+Cx+JQvHEGSYnJXCKpyipFrpS1qgYiSLthW+7DzSYiQIe7Q3II5
+LmRc1dU7YyJhfljYypRZKYuSWJAHPHDeNuoW2ML5UE4l3KPIMoVzdEvaCMrVjsk
9lB7CIRsmp7LDK5SW2L0zkddM4RCa5rx33Im/4fdz2RKYZo=
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:04 2026 by rpki-client