Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7fd7a5ed-37e9-48af-965f-a4b6d6af2b98.roa
File: 7fd7a5ed-37e9-48af-965f-a4b6d6af2b98.roa (raw, json)
Hash identifier: 8uVFxpNK0+/Ff43JP9Xt660edFCFrxupQhuF5OB0+OM=
Subject key identifier: FF:74:7A:95:E8:99:BF:19:85:DB:98:4D:FD:A7:81:7C:B9:EA:5C:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 036FA6DA50034ADFCACC79EC9A6CBB004336C256
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7fd7a5ed-37e9-48af-965f-a4b6d6af2b98.roa
Signing time: Wed 25 Feb 2026 03:00:11 +0000
ROA not before: Wed 25 Feb 2026 03:00:11 +0000
ROA not after: Tue 26 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06c:6000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:6f:a6:da:50:03:4a:df:ca:cc:79:ec:9a:6c:bb:00:43:36:c2:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 25 03:00:11 2026 GMT
Not After : May 26 23:59:59 2026 GMT
Subject: serialNumber=18e7700161ad4b72392e88731a7dada3f9300afd798d1eb07835bbdd2fb8f3f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8e:fd:e7:ab:38:28:61:2d:a2:61:64:81:ce:
05:e7:97:15:67:45:d5:23:46:d8:da:cc:7c:19:6c:
a4:24:ac:03:d7:e7:1e:00:0b:e5:18:a7:f9:23:32:
d9:fd:0d:0e:92:d5:c4:15:a0:c1:44:8c:0c:e4:9e:
f8:e4:39:f8:e8:88:59:ac:03:5c:2d:f6:a8:fe:e2:
17:72:45:cd:7d:f9:1a:46:83:29:48:87:63:6c:e9:
11:6a:33:7f:58:19:84:d7:38:35:3a:4c:95:60:c4:
11:24:8e:fa:53:8d:f7:b8:ed:a7:b5:3d:62:1d:94:
95:ae:cb:6f:09:95:4f:26:19:35:b2:5f:c0:b3:7e:
fb:39:e1:d9:f0:05:2b:11:60:fe:28:c7:bd:29:70:
84:60:b8:f6:1a:33:43:a4:21:41:11:cd:aa:24:1d:
fd:11:41:80:b9:3d:7c:fb:16:90:6b:31:29:2e:02:
ee:1c:6e:6f:84:5a:a2:64:dc:ac:62:b2:2f:83:bd:
8c:f6:2d:76:84:a9:ee:b7:be:e5:58:bc:b0:48:f1:
20:86:fc:d3:5d:7e:89:60:10:81:fc:99:46:6b:33:
28:6e:4a:5b:e9:ea:d5:2d:1a:09:8d:a8:27:e0:c7:
16:e1:26:27:bb:05:9b:af:4f:04:da:8c:e0:2e:9a:
47:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:74:7A:95:E8:99:BF:19:85:DB:98:4D:FD:A7:81:7C:B9:EA:5C:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7fd7a5ed-37e9-48af-965f-a4b6d6af2b98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06c:6000::/48
Signature Algorithm: sha256WithRSAEncryption
46:91:5a:41:69:da:1b:1b:56:cb:a5:32:e2:d8:3e:05:4c:ab:
a6:7d:64:de:a8:3e:a7:3b:c4:04:20:a8:42:0b:99:55:cf:98:
e9:8b:d0:6c:02:91:ee:50:de:82:1a:54:a9:71:44:84:79:ca:
33:8b:07:3f:56:81:68:d9:d3:41:32:d8:00:53:37:d8:25:4c:
05:94:e5:3c:2e:d9:03:3a:b8:63:6a:3e:4d:3b:54:37:8c:ae:
f5:83:7c:ff:50:7e:7d:98:ba:26:1e:0f:e5:0f:5a:e6:44:55:
83:a7:ec:e7:58:8e:ea:82:e6:96:70:83:08:b2:59:75:b5:59:
fb:c6:10:04:b6:6d:0f:2c:f2:c7:5b:fd:3a:cf:fb:3c:8c:f0:
b5:9e:03:2f:b7:6b:4d:fb:02:a0:32:23:20:e4:8a:99:36:bf:
40:cc:84:dc:28:19:b7:8d:1f:6d:4a:ae:b4:e9:38:d9:81:b9:
42:be:ab:ea:f4:c4:75:a6:a8:6e:13:6b:3b:48:64:48:13:30:
58:5c:9d:1f:42:11:66:5c:31:00:96:19:a4:0b:56:da:36:5d:
f4:9b:f9:be:b6:37:af:fd:6c:ad:6e:01:02:b0:8a:f6:2a:09:
5a:12:24:c7:4f:d0:97:20:c4:f3:bd:1b:2e:b2:42:9d:90:61:
ca:f8:ac:ff
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUA2+m2lADSt/KzHnsmmy7AEM2wlYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjUwMzAwMTFaFw0yNjA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4ZTc3MDAxNjFhZDRiNzIzOTJlODg3MzFhN2RhZGEzZjkzMDBhZmQ3OThk
MWViMDc4MzViYmRkMmZiOGYzZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWO/eerOChhLaJhZIHOBeeXFWdF1SNG2NrMfBlspCSsA9fnHgAL5Rin+SMy
2f0NDpLVxBWgwUSMDOSe+OQ5+OiIWawDXC32qP7iF3JFzX35GkaDKUiHY2zpEWoz
f1gZhNc4NTpMlWDEESSO+lON97jtp7U9Yh2Ula7LbwmVTyYZNbJfwLN++znh2fAF
KxFg/ijHvSlwhGC49hozQ6QhQRHNqiQd/RFBgLk9fPsWkGsxKS4C7hxub4RaomTc
rGKyL4O9jPYtdoSp7re+5Vi8sEjxIIb8011+iWAQgfyZRmszKG5KW+nq1S0aCY2o
J+DHFuEmJ7sFm69PBNqM4C6aRw8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT/dHqV
6Jm/GYXbmE39p4F8uepcqjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2ZkN2E1ZWQtMzdlOS00OGFmLTk2NWYtYTRiNmQ2YWYyYjk4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gxg
ADANBgkqhkiG9w0BAQsFAAOCAQEARpFaQWnaGxtWy6Uy4tg+BUyrpn1k3qg+pzvE
BCCoQguZVc+Y6YvQbAKR7lDeghpUqXFEhHnKM4sHP1aBaNnTQTLYAFM32CVMBZTl
PC7ZAzq4Y2o+TTtUN4yu9YN8/1B+fZi6Jh4P5Q9a5kRVg6fs51iO6oLmlnCDCLJZ
dbVZ+8YQBLZtDyzyx1v9Os/7PIzwtZ4DL7drTfsCoDIjIOSKmTa/QMyE3CgZt40f
bUqutOk42YG5Qr6r6vTEdaaobhNrO0hkSBMwWFydH0IRZlwxAJYZpAtW2jZd9Jv5
vrY3r/1srW4BArCK9ioJWhIkx0/QlyDE870bLrJCnZBhyvis/w==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:04 2026 by rpki-client