Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
File: ab7811c0-f548-43b8-897d-fac68de3433a.roa (raw, json)
Hash identifier: h4GeBDxDLuzdAuIr0mWOzfaNwG+TLMCSjT1YznuOGG0=
Subject key identifier: FF:B4:AE:82:FA:88:3A:E6:C4:EA:A8:4A:74:DC:A0:2C:6E:70:95:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6CC1BD306526BCF07C050DE3664CD9557A8B8FB2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
Signing time: Sat 28 Feb 2026 06:00:53 +0000
ROA not before: Sat 28 Feb 2026 06:00:53 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:c1:bd:30:65:26:bc:f0:7c:05:0d:e3:66:4c:d9:55:7a:8b:8f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:53 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=33438a8f66268912a49fde58f761122cd4b39d713eb20511878a532a0889eb6f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:64:e6:ca:6c:6d:79:f3:39:e4:ad:10:94:d6:
1c:13:3b:16:bb:02:06:33:dd:fe:f0:5f:91:88:2a:
e0:7c:15:f7:9d:57:42:38:13:2a:a7:f9:7d:c5:e5:
66:dd:aa:29:af:0a:d1:6c:c9:7f:6f:cb:4b:5d:41:
27:d7:1d:e7:45:76:2c:f1:d6:ff:4e:e9:72:47:bd:
82:f6:cf:b3:c0:d9:56:a3:60:93:57:9e:2d:7b:f0:
08:bd:13:44:cb:51:1f:b6:5b:cc:b0:ac:0b:a5:b6:
25:c0:02:e4:3f:83:8b:9b:4a:d7:df:89:bd:f9:7f:
17:67:4c:4a:f3:11:ea:7e:86:a9:a2:79:41:d4:95:
65:8c:38:da:e0:3b:c6:d8:34:d4:34:f7:75:e3:ea:
52:98:25:29:28:d2:19:6e:ad:ff:a0:cd:12:24:78:
12:59:5c:a7:b8:5a:44:23:91:99:6d:57:d7:f7:a1:
16:59:50:65:fa:d8:24:9f:7a:98:83:aa:c0:af:60:
a5:03:ed:4a:15:34:7b:77:45:39:85:bd:eb:d5:91:
7b:5d:58:9f:1a:f2:62:0e:06:6c:09:37:3a:31:4d:
4e:85:43:78:4d:63:69:d6:8e:02:5c:7c:10:84:3b:
76:02:0f:57:47:f1:6c:08:55:37:60:14:ec:44:4e:
0a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:B4:AE:82:FA:88:3A:E6:C4:EA:A8:4A:74:DC:A0:2C:6E:70:95:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c::/36
Signature Algorithm: sha256WithRSAEncryption
6b:2b:ea:48:30:07:33:e4:75:1c:55:4f:69:5a:ec:fd:ee:f7:
df:96:a8:77:2a:69:89:ce:6f:d4:ad:08:cc:cc:97:b6:fe:c1:
12:6b:5e:3f:41:4f:7f:61:49:bd:21:87:d6:90:ff:07:47:02:
1e:22:de:ba:3e:dc:15:76:4b:9a:fd:a5:f4:ae:fc:4d:a1:cb:
e0:96:ef:37:d8:75:d6:14:a6:e0:fd:b8:af:55:03:5c:9b:e6:
77:1b:d1:a9:a8:68:ad:5b:48:0c:ea:15:aa:6e:dd:23:92:17:
10:7b:98:b1:06:2d:c9:4f:02:32:52:8b:9d:dc:e5:3c:43:f3:
4b:2a:32:8e:25:6c:c1:bc:ff:3f:33:e0:92:75:37:6b:f6:4b:
76:f0:dc:49:7c:7e:3c:4d:39:20:58:ec:93:d0:13:0c:b8:d7:
3c:39:76:88:06:8b:bf:c6:92:3b:7b:21:1d:88:03:32:1f:03:
ce:95:b0:62:25:80:94:59:e4:39:aa:33:61:d3:39:be:04:ab:
e7:80:35:8f:0c:23:c4:99:12:32:9d:fe:de:ba:b8:ec:07:af:
34:81:70:2a:80:90:2c:7c:e3:92:ca:29:e8:45:9c:b9:44:79:
42:3c:d1:a2:47:23:53:48:98:96:7d:2a:a3:a7:0f:68:0e:2d:
41:53:46:6f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbMG9MGUmvPB8BQ3jZkzZVXqLj7IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwNTNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzNDM4YThmNjYyNjg5MTJhNDlmZGU1OGY3NjExMjJjZDRiMzlkNzEzZWIy
MDUxMTg3OGE1MzJhMDg4OWViNmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANNk5spsbXnzOeStEJTWHBM7FrsCBjPd/vBfkYgq4HwV951XQjgTKqf5fcXl
Zt2qKa8K0WzJf2/LS11BJ9cd50V2LPHW/07pcke9gvbPs8DZVqNgk1eeLXvwCL0T
RMtRH7ZbzLCsC6W2JcAC5D+Di5tK19+Jvfl/F2dMSvMR6n6GqaJ5QdSVZYw42uA7
xtg01DT3dePqUpglKSjSGW6t/6DNEiR4Ellcp7haRCORmW1X1/ehFllQZfrYJJ96
mIOqwK9gpQPtShU0e3dFOYW969WRe11YnxryYg4GbAk3OjFNToVDeE1jadaOAlx8
EIQ7dgIPV0fxbAhVN2AU7EROCskCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT/tK6C
+og65sTqqEp03KAsbnCVZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWI3ODExYzAtZjU0OC00M2I4LTg5N2QtZmFjNjhkZTM0MzNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BwA
MA0GCSqGSIb3DQEBCwUAA4IBAQBrK+pIMAcz5HUcVU9pWuz97vfflqh3KmmJzm/U
rQjMzJe2/sESa14/QU9/YUm9IYfWkP8HRwIeIt66PtwVdkua/aX0rvxNocvglu83
2HXWFKbg/bivVQNcm+Z3G9GpqGitW0gM6hWqbt0jkhcQe5ixBi3JTwIyUoud3OU8
Q/NLKjKOJWzBvP8/M+CSdTdr9kt28NxJfH48TTkgWOyT0BMMuNc8OXaIBou/xpI7
eyEdiAMyHwPOlbBiJYCUWeQ5qjNh0zm+BKvngDWPDCPEmRIynf7eurjsB680gXAq
gJAsfOOSyinoRZy5RHlCPNGiRyNTSJiWfSqjpw9oDi1BU0Zv
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:48:08 2026 by rpki-client