Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
File: 7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa (raw, json)
Hash identifier: RczwGvAqyxQlt4JAeQmdt6WXpksnkOuh1o6mN0m+/i4=
Subject key identifier: 15:7D:F4:C1:C7:92:5C:28:7F:3E:2E:8B:16:81:BD:4E:B1:EB:77:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C596D22E2EC84869685B966450F6985B990BBDD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
Signing time: Sat 28 Feb 2026 05:20:09 +0000
ROA not before: Sat 28 Feb 2026 05:20:09 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:59:6d:22:e2:ec:84:86:96:85:b9:66:45:0f:69:85:b9:90:bb:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:09 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=9ac526861122b1dcb0572c4dceb726904d655bbc032b4b31481b5027dbdb1498, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:07:7a:87:47:b3:69:8f:37:85:6b:d5:00:6d:
88:57:74:1c:da:ea:39:49:7f:98:ea:6f:d8:52:05:
f3:10:e5:0e:85:de:bc:1e:8c:cb:f0:d1:05:03:bb:
68:69:cb:65:65:b0:9a:dc:78:77:80:95:48:07:60:
db:2c:2b:e3:4d:d3:84:27:5f:87:9e:48:85:7c:4e:
e5:04:c2:bf:e8:a5:80:85:74:cf:ac:1f:a1:9c:ea:
84:8f:9a:e2:f2:7e:99:52:61:67:55:68:03:95:32:
6e:6b:82:d6:3f:d1:85:5e:cd:f9:36:66:9c:a9:71:
22:01:25:3b:8e:f2:e8:7a:95:8a:e0:f2:f1:50:aa:
25:2a:7a:9c:09:39:c9:a4:2c:70:7b:41:c7:db:65:
c6:a4:3c:a7:b3:fc:6d:f6:1c:30:2e:2f:9b:8d:18:
e0:a7:5a:f3:d1:91:7c:68:63:e5:45:53:f3:84:b5:
ec:41:cd:09:61:51:9f:2e:c0:c5:eb:a0:18:83:2f:
55:e5:59:37:ce:f0:37:51:ca:19:35:1e:ad:74:d1:
1f:ae:d6:7b:cd:51:9c:d8:ec:df:58:2b:09:5a:28:
62:d9:28:1e:58:bc:91:ce:cf:9d:95:aa:66:5b:13:
9f:2f:e9:20:76:c9:3a:32:28:2a:01:46:55:fe:d5:
e2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:7D:F4:C1:C7:92:5C:28:7F:3E:2E:8B:16:81:BD:4E:B1:EB:77:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
a0:53:07:83:35:1e:f7:ce:12:d2:94:b9:b9:92:cd:c4:ba:94:
40:b9:6b:50:24:69:81:7d:0c:de:71:14:11:6e:37:33:3f:28:
9a:0b:5d:e9:77:a9:a5:08:0b:f8:7c:d0:77:66:ea:46:41:36:
41:a0:d8:26:55:7f:37:cf:98:95:8a:5a:aa:ac:7a:7e:c6:22:
90:3a:39:0a:e0:a9:c3:9d:ef:7a:2f:21:ca:b6:9d:eb:41:59:
ad:26:a0:87:ab:5a:44:dc:2f:83:5c:e6:f6:87:3a:20:3a:d0:
de:90:dc:5f:69:07:8d:17:f5:79:4a:b7:7f:2c:92:25:0a:5c:
80:d1:ae:11:fd:57:f0:ea:c4:49:f3:a5:5e:4d:2e:97:19:e4:
39:cf:94:43:36:27:75:7a:5f:32:47:de:74:c5:8f:25:18:8b:
07:8c:f1:e8:d0:61:25:55:72:e8:d3:89:14:16:b1:11:92:e2:
f0:25:b7:6c:88:2e:23:dc:75:c1:07:a8:10:29:16:6b:a5:9c:
42:87:af:76:e0:92:f7:87:5d:54:35:93:20:20:6d:7b:87:b7:
17:45:9c:50:1c:09:f8:ac:ff:55:26:c6:ab:67:6f:c6:be:f7:
c9:37:d9:08:97:8b:2c:4a:9e:09:10:38:2b:c7:bd:f2:9d:b2:
fb:28:87:df
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbFltIuLshIaWhblmRQ9phbmQu90wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwMDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhYzUyNjg2MTEyMmIxZGNiMDU3MmM0ZGNlYjcyNjkwNGQ2NTViYmMwMzJi
NGIzMTQ4MWI1MDI3ZGJkYjE0OTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEHeodHs2mPN4Vr1QBtiFd0HNrqOUl/mOpv2FIF8xDlDoXevB6My/DRBQO7
aGnLZWWwmtx4d4CVSAdg2ywr403ThCdfh55IhXxO5QTCv+ilgIV0z6wfoZzqhI+a
4vJ+mVJhZ1VoA5UybmuC1j/RhV7N+TZmnKlxIgElO47y6HqViuDy8VCqJSp6nAk5
yaQscHtBx9tlxqQ8p7P8bfYcMC4vm40Y4Kda89GRfGhj5UVT84S17EHNCWFRny7A
xeugGIMvVeVZN87wN1HKGTUerXTRH67We81RnNjs31grCVooYtkoHli8kc7PnZWq
ZlsTny/pIHbJOjIoKgFGVf7V4ssCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQVffTB
x5JcKH8+LosWgb1Oset35DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2E2ZDVjNGQtNDBkZC00NTc3LTk1MjAtYTJhYzI4NmM4MTk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/A
wDANBgkqhkiG9w0BAQsFAAOCAQEAoFMHgzUe984S0pS5uZLNxLqUQLlrUCRpgX0M
3nEUEW43Mz8omgtd6XeppQgL+HzQd2bqRkE2QaDYJlV/N8+YlYpaqqx6fsYikDo5
CuCpw53vei8hyrad60FZrSagh6taRNwvg1zm9oc6IDrQ3pDcX2kHjRf1eUq3fyyS
JQpcgNGuEf1X8OrESfOlXk0ulxnkOc+UQzYndXpfMkfedMWPJRiLB4zx6NBhJVVy
6NOJFBaxEZLi8CW3bIguI9x1wQeoECkWa6WcQoevduCS94ddVDWTICBte4e3F0Wc
UBwJ+Kz/VSbGq2dvxr73yTfZCJeLLEqeCRA4K8e98p2y+yiH3w==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:57 2026 by rpki-client