Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6fbb7303-c6a4-43da-bcdb-d26ab78c366e.roa
File: 6fbb7303-c6a4-43da-bcdb-d26ab78c366e.roa (raw, json)
Hash identifier: LfmgCBzRgoAZ1g/M+0dFg3BKqOt7qbrkyZFt7JiaUZ8=
Subject key identifier: CF:40:83:30:44:8C:68:2B:6D:67:2D:94:8A:6B:60:AB:B1:C2:7E:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7CE27D4CC00823323396BC57C471170B175EDB2A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6fbb7303-c6a4-43da-bcdb-d26ab78c366e.roa
Signing time: Sat 28 Feb 2026 06:20:52 +0000
ROA not before: Sat 28 Feb 2026 06:20:52 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:e2:7d:4c:c0:08:23:32:33:96:bc:57:c4:71:17:0b:17:5e:db:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:20:52 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=7378e5b5c1656736e19d428481b786297871cc1d88c0fd41f87cb15566fcb7eb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3c:3e:64:ee:85:51:7e:61:d4:8b:8e:58:7d:
5f:d3:3d:4c:55:83:08:7a:c5:25:bb:76:1a:ac:af:
f0:e9:19:cb:7c:af:5b:d1:a5:00:c3:6b:98:87:31:
45:24:13:70:30:87:4f:04:b0:ea:03:d9:03:86:83:
8e:ef:81:b7:50:51:04:a1:03:e0:f5:4c:a9:02:9f:
47:4b:10:e0:0d:d4:cc:f3:33:1f:74:e8:43:a0:ec:
f4:2d:c8:8d:63:be:fb:b6:ba:28:76:17:69:fd:d7:
a8:ba:4d:5b:6a:a8:63:b3:51:b8:30:73:b6:f0:c6:
46:d2:3e:14:98:e2:1c:4c:7d:1e:bb:fe:10:de:18:
b0:3e:80:47:c2:a3:5e:ad:20:ef:63:11:aa:98:86:
3e:e3:29:8f:0d:06:2c:dd:36:00:ad:12:cd:5b:5c:
af:6c:58:bd:1b:9d:b2:86:d0:08:b0:ba:de:16:ff:
79:e9:c9:5f:31:a4:c3:f4:c0:0a:bc:6f:43:e7:48:
a5:ec:62:ab:5c:97:3d:a1:76:e6:5e:68:21:da:a3:
a2:ba:ff:4f:2e:27:d6:fc:d5:f4:8d:5b:3b:15:2a:
7a:da:72:33:3d:33:16:9f:6c:b1:c8:66:14:ee:8a:
97:d1:23:63:f4:2e:d5:8d:05:77:f2:3e:79:86:66:
d5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:40:83:30:44:8C:68:2B:6D:67:2D:94:8A:6B:60:AB:B1:C2:7E:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6fbb7303-c6a4-43da-bcdb-d26ab78c366e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2040::/48
Signature Algorithm: sha256WithRSAEncryption
90:9f:59:29:8f:c5:47:a0:34:dd:d6:38:e8:8a:12:26:59:3c:
c0:01:cc:4c:03:db:ec:2e:b1:2d:99:da:66:ef:9d:20:8a:35:
a9:e9:71:dc:e5:f7:1a:82:f1:f3:03:ef:4b:2f:e7:f2:da:19:
63:7d:93:5e:f3:a2:27:d3:36:0e:e9:da:b7:5c:59:86:71:6c:
18:a2:fd:b7:c7:b7:36:25:2e:22:d4:7c:fb:cc:f0:28:77:74:
30:d0:2d:b6:46:49:30:ff:6c:a4:81:85:7b:81:46:8c:48:7e:
4e:7c:6e:fc:26:c4:23:b7:a9:3f:cc:c3:8b:e4:54:45:82:50:
be:78:f0:df:12:ab:18:67:54:c7:c1:89:df:47:81:9e:12:22:
06:90:7d:d9:6f:a3:bd:46:89:16:35:71:e4:4a:12:8e:eb:80:
22:9b:1d:9e:46:34:23:6b:a4:62:68:5b:c9:e4:65:df:0d:25:
92:05:25:0c:a5:94:f5:7e:21:05:1f:3a:6c:4e:3e:70:3b:68:
6d:3c:1a:9e:76:82:6d:35:95:c8:64:7c:b4:9f:bb:76:f3:66:
3c:64:5a:ab:d8:48:d3:fb:f8:ce:68:d3:a3:d0:0b:1f:6d:8e:
fd:c8:24:8b:09:c4:de:8c:43:d5:21:25:ac:67:02:3a:1a:97:
f4:24:28:88
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfOJ9TMAIIzIzlrxXxHEXCxde2yowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIwNTJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDczNzhlNWI1YzE2NTY3MzZlMTlkNDI4NDgxYjc4NjI5Nzg3MWNjMWQ4OGMw
ZmQ0MWY4N2NiMTU1NjZmY2I3ZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALw8PmTuhVF+YdSLjlh9X9M9TFWDCHrFJbt2Gqyv8OkZy3yvW9GlAMNrmIcx
RSQTcDCHTwSw6gPZA4aDju+Bt1BRBKED4PVMqQKfR0sQ4A3UzPMzH3ToQ6Ds9C3I
jWO++7a6KHYXaf3XqLpNW2qoY7NRuDBztvDGRtI+FJjiHEx9Hrv+EN4YsD6AR8Kj
Xq0g72MRqpiGPuMpjw0GLN02AK0SzVtcr2xYvRudsobQCLC63hb/eenJXzGkw/TA
CrxvQ+dIpexiq1yXPaF25l5oIdqjorr/Ty4n1vzV9I1bOxUqetpyMz0zFp9sschm
FO6Kl9EjY/Qu1Y0Fd/I+eYZm1SECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTPQIMw
RIxoK21nLZSKa2CrscJ+XzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmZiYjczMDMtYzZhNC00M2RhLWJjZGItZDI2YWI3OGMzNjZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g
QDANBgkqhkiG9w0BAQsFAAOCAQEAkJ9ZKY/FR6A03dY46IoSJlk8wAHMTAPb7C6x
LZnaZu+dIIo1qelx3OX3GoLx8wPvSy/n8toZY32TXvOiJ9M2Dunat1xZhnFsGKL9
t8e3NiUuItR8+8zwKHd0MNAttkZJMP9spIGFe4FGjEh+Tnxu/CbEI7epP8zDi+RU
RYJQvnjw3xKrGGdUx8GJ30eBnhIiBpB92W+jvUaJFjVx5EoSjuuAIpsdnkY0I2uk
YmhbyeRl3w0lkgUlDKWU9X4hBR86bE4+cDtobTwannaCbTWVyGR8tJ+7dvNmPGRa
q9hI0/v4zmjTo9ALH22O/cgkiwnE3oxD1SElrGcCOhqX9CQoiA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:11:38 2026 by rpki-client