Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/71d12ef8-96b3-4cc1-9b5b-b9b598cd18a1.roa
File: 71d12ef8-96b3-4cc1-9b5b-b9b598cd18a1.roa (raw, json)
Hash identifier: fkOULBz7lw8BDyqYWUsVhMSHcERpkimfbxlho/JiqZg=
Subject key identifier: 93:36:19:80:8E:40:FD:B5:95:83:96:8B:07:F2:AA:33:7A:88:F4:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 352DC6ECE0E4F89E4D0836B4E68F0319EEFED2E8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/71d12ef8-96b3-4cc1-9b5b-b9b598cd18a1.roa
Signing time: Fri 06 Feb 2026 00:30:15 +0000
ROA not before: Fri 06 Feb 2026 00:30:15 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:2d:c6:ec:e0:e4:f8:9e:4d:08:36:b4:e6:8f:03:19:ee:fe:d2:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 6 00:30:15 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=cbe37265b5f7de285bffb42cbbab3c0bf321b1eb509fe8c05788fb89fd356d10, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d5:85:9c:c7:d9:9d:68:8f:45:4c:db:5a:90:
53:c7:b5:4d:7d:6a:f4:66:24:97:80:d0:cd:16:76:
97:69:ec:7f:dc:18:54:95:02:bc:ac:69:45:42:c2:
bd:a1:49:34:44:94:5d:a3:35:d9:b7:e8:6b:b7:3c:
75:8e:ca:4f:e9:70:f4:bf:9e:0e:d3:a3:17:89:d9:
67:38:9a:4e:bc:7c:1e:29:dd:27:b2:87:6b:1b:0d:
9b:b6:cc:d9:29:2a:8a:69:ef:98:da:2d:2f:77:96:
c9:d4:bd:9e:ad:b3:2c:21:e7:13:6a:57:d8:e3:9b:
c9:75:89:0b:d4:79:47:ca:4f:70:8c:25:34:36:ce:
c3:cd:2c:c2:00:c3:be:cb:07:de:59:d4:92:3f:7b:
be:c9:8a:f8:ef:cf:a7:dd:15:6c:32:fd:25:44:79:
fb:30:61:6a:04:58:c1:6f:61:4c:bd:20:c8:c1:ef:
28:92:0e:cd:fb:ce:a9:13:39:d9:66:c0:5d:c9:b2:
85:26:cb:89:38:ab:32:0a:3f:f0:a9:8c:0b:f6:88:
eb:89:cf:e5:cb:d9:a3:e5:16:11:85:e6:47:c5:c2:
9d:66:e3:8c:f1:b5:16:54:5a:df:6c:75:8e:d2:a9:
49:9e:05:0a:a6:18:58:83:ae:95:3f:3e:b8:96:0f:
d8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:36:19:80:8E:40:FD:B5:95:83:96:8B:07:F2:AA:33:7A:88:F4:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/71d12ef8-96b3-4cc1-9b5b-b9b598cd18a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:6080::/48
Signature Algorithm: sha256WithRSAEncryption
a9:4a:b5:d7:26:60:36:97:50:35:9e:90:7c:1f:b9:fd:68:98:
92:08:97:77:03:66:1d:19:b8:9d:45:2f:11:24:dc:cb:3c:54:
12:af:c2:2e:52:c7:b3:f6:e9:a7:4c:e7:07:16:5a:db:36:62:
f2:3c:b3:c8:e0:8d:1e:29:ee:e5:74:dc:3f:e7:89:3e:91:a2:
12:cb:53:e0:36:cf:6f:d8:2d:54:af:62:bc:7b:53:d4:15:48:
bf:77:6a:5d:d3:e3:2b:e9:38:05:7a:9a:ab:cb:c6:d0:88:3f:
65:cf:6e:29:45:73:9d:7a:b1:92:c8:b2:78:f1:53:85:84:d5:
ba:6b:44:ba:26:e1:1b:94:3f:5a:d2:0e:0c:2d:a3:72:23:13:
6a:da:11:db:f3:29:f8:04:62:24:b4:6d:c7:42:3e:25:05:8b:
dd:be:21:33:b9:68:e6:e0:da:18:0a:2e:3a:65:66:a1:8b:22:
3b:4c:3e:1b:ea:5a:8c:23:6a:df:d5:4c:fe:fe:83:97:42:4d:
2c:8a:09:78:04:31:69:01:0b:40:a3:bf:c6:20:49:09:64:16:
92:ee:c4:28:ff:91:e0:b2:92:fc:66:ae:96:9b:82:9d:3a:78:
34:fd:74:90:40:84:37:16:56:c4:ea:2b:75:23:e6:76:6a:18:
53:64:68:ac
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNS3G7ODk+J5NCDa05o8DGe7+0ugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMDYwMDMwMTVaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiZTM3MjY1YjVmN2RlMjg1YmZmYjQyY2JiYWIzYzBiZjMyMWIxZWI1MDlm
ZThjMDU3ODhmYjg5ZmQzNTZkMTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrVhZzH2Z1oj0VM21qQU8e1TX1q9GYkl4DQzRZ2l2nsf9wYVJUCvKxpRULC
vaFJNESUXaM12bfoa7c8dY7KT+lw9L+eDtOjF4nZZziaTrx8HindJ7KHaxsNm7bM
2SkqimnvmNotL3eWydS9nq2zLCHnE2pX2OObyXWJC9R5R8pPcIwlNDbOw80swgDD
vssH3lnUkj97vsmK+O/Pp90VbDL9JUR5+zBhagRYwW9hTL0gyMHvKJIOzfvOqRM5
2WbAXcmyhSbLiTirMgo/8KmMC/aI64nP5cvZo+UWEYXmR8XCnWbjjPG1FlRa32x1
jtKpSZ4FCqYYWIOulT8+uJYP2CkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSTNhmA
jkD9tZWDlosH8qozeoj0XDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzFkMTJlZjgtOTZiMy00Y2MxLTliNWItYjliNTk4Y2QxOGExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G1g
gDANBgkqhkiG9w0BAQsFAAOCAQEAqUq11yZgNpdQNZ6QfB+5/WiYkgiXdwNmHRm4
nUUvESTcyzxUEq/CLlLHs/bpp0znBxZa2zZi8jyzyOCNHinu5XTcP+eJPpGiEstT
4DbPb9gtVK9ivHtT1BVIv3dqXdPjK+k4BXqaq8vG0Ig/Zc9uKUVznXqxksiyePFT
hYTVumtEuibhG5Q/WtIODC2jciMTatoR2/Mp+ARiJLRtx0I+JQWL3b4hM7lo5uDa
GAouOmVmoYsiO0w+G+pajCNq39VM/v6Dl0JNLIoJeAQxaQELQKO/xiBJCWQWku7E
KP+R4LKS/GaulpuCnTp4NP10kECENxZWxOordSPmdmoYU2RorA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:17:34 2026 by rpki-client