Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
File: 979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa (raw, json)
Hash identifier: +AkDYAkkX15TJx9deGBjn/c8rns7fnYTjuqUUiuWTtQ=
Subject key identifier: B2:DB:4B:6D:B2:6E:31:23:79:50:43:92:75:E6:2E:09:EF:9A:C7:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B9CCED1384D9F4C060FC4BCF140294B51AE437B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
Signing time: Sat 28 Feb 2026 05:31:15 +0000
ROA not before: Sat 28 Feb 2026 05:31:15 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:9c:ce:d1:38:4d:9f:4c:06:0f:c4:bc:f1:40:29:4b:51:ae:43:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:31:15 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=3e6bd48eacf714c95c742c39b0997658e45c8aeb3ca159e301086ccd55012b51, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:85:a2:d3:cf:32:ce:63:fa:41:af:da:31:c7:
c4:af:41:b2:b6:cc:19:cf:fd:59:4a:fc:80:90:f9:
56:ac:f4:4e:e5:9c:4d:c2:b0:2c:b7:93:f9:e3:e3:
7e:2e:96:fb:a6:12:4b:39:28:55:9a:ec:2a:e0:3b:
d3:76:c4:f6:36:9c:de:e0:3c:e4:e1:b3:dd:e7:37:
a3:8d:8c:04:0a:1c:c8:5d:69:1b:9c:81:53:5b:81:
3c:a1:d5:12:a1:21:01:c1:01:a7:2e:3a:96:53:c8:
c7:81:09:35:97:18:93:2c:b7:5f:7e:80:e7:40:51:
18:b3:a9:1c:7d:5b:42:a6:bf:46:6f:25:48:62:98:
ce:11:d4:f1:56:b2:43:56:ae:82:e6:d5:0b:3a:b9:
bb:d5:7f:2c:ad:74:07:da:3f:d8:26:1c:0c:02:87:
79:1a:81:21:fb:ed:3b:19:2a:0f:50:e8:b5:01:76:
ed:1b:0a:f8:6a:9a:ff:3c:1e:8b:7e:f3:aa:b5:28:
76:be:2d:a2:bc:d1:68:d5:7a:a5:63:0a:28:6e:08:
f4:ba:50:3a:63:c6:a8:db:42:d5:9e:d1:5a:d9:18:
ec:64:43:8d:f7:c0:fe:69:15:8d:4a:a3:62:8d:0f:
f6:58:8e:81:a4:4a:0b:6a:5e:46:f5:1a:c2:e0:d0:
20:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DB:4B:6D:B2:6E:31:23:79:50:43:92:75:E6:2E:09:EF:9A:C7:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8040::/48
Signature Algorithm: sha256WithRSAEncryption
3b:60:8b:66:ee:16:f6:65:13:5a:ec:0d:36:2d:51:3a:a0:a4:
17:e6:1d:f6:3e:41:88:d0:b7:88:c7:57:3c:70:57:22:e6:2a:
0e:aa:f5:f1:cf:06:30:e9:43:62:ae:14:8a:d8:7c:9e:9c:c8:
d6:f6:b7:56:b6:97:66:82:9e:02:cd:3e:1d:72:76:39:c5:c9:
28:ee:99:e2:ae:ca:95:97:4f:fc:ca:a8:51:f3:db:66:db:a1:
11:66:be:99:f3:41:33:77:9d:b3:1a:3f:72:68:7d:1f:0d:8a:
65:de:f2:72:b7:66:aa:af:0d:d4:e5:26:9e:7e:9b:7b:a0:e1:
19:4b:a7:49:ee:27:0f:1e:0e:8c:92:2d:1a:b9:32:31:e8:91:
4a:89:96:8e:a2:fe:50:c3:de:33:33:55:b1:91:ae:a0:ed:56:
24:f5:e3:5f:13:ed:ce:33:bd:9f:75:02:4c:22:cf:d7:2e:67:
52:05:10:2d:ea:24:db:c6:b4:bd:c9:ae:eb:d1:70:39:f8:5f:
21:3a:5a:51:41:73:2f:af:67:2d:04:ae:03:6b:9d:05:28:f6:
6f:58:6e:90:e0:eb:97:af:ff:8f:13:cf:e1:33:c1:52:70:65:
a1:fd:8b:cb:9f:6a:e0:a6:11:13:43:34:b3:9a:b4:95:5e:01:
d7:31:a4:5d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUC5zO0ThNn0wGD8S88UApS1GuQ3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMxMTVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlNmJkNDhlYWNmNzE0Yzk1Yzc0MmMzOWIwOTk3NjU4ZTQ1YzhhZWIzY2Ex
NTllMzAxMDg2Y2NkNTUwMTJiNTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOaFotPPMs5j+kGv2jHHxK9BsrbMGc/9WUr8gJD5Vqz0TuWcTcKwLLeT+ePj
fi6W+6YSSzkoVZrsKuA703bE9jac3uA85OGz3ec3o42MBAocyF1pG5yBU1uBPKHV
EqEhAcEBpy46llPIx4EJNZcYkyy3X36A50BRGLOpHH1bQqa/Rm8lSGKYzhHU8Vay
Q1augubVCzq5u9V/LK10B9o/2CYcDAKHeRqBIfvtOxkqD1DotQF27RsK+Gqa/zwe
i37zqrUodr4torzRaNV6pWMKKG4I9LpQOmPGqNtC1Z7RWtkY7GRDjffA/mkVjUqj
Yo0P9liOgaRKC2peRvUawuDQIPcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSy20tt
sm4xI3lQQ5J15i4J75rHxjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc5YmM3M2YtN2Q4Ny00Y2ZhLTkzYmQtMDM3OGNmMWQ2YWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
QDANBgkqhkiG9w0BAQsFAAOCAQEAO2CLZu4W9mUTWuwNNi1ROqCkF+Yd9j5BiNC3
iMdXPHBXIuYqDqr18c8GMOlDYq4Uith8npzI1va3VraXZoKeAs0+HXJ2OcXJKO6Z
4q7KlZdP/MqoUfPbZtuhEWa+mfNBM3edsxo/cmh9Hw2KZd7ycrdmqq8N1OUmnn6b
e6DhGUunSe4nDx4OjJItGrkyMeiRSomWjqL+UMPeMzNVsZGuoO1WJPXjXxPtzjO9
n3UCTCLP1y5nUgUQLeok28a0vcmu69FwOfhfITpaUUFzL69nLQSuA2udBSj2b1hu
kODrl6//jxPP4TPBUnBlof2Ly59q4KYRE0M0s5q0lV4B1zGkXQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:01:29 2026 by rpki-client