Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa
File: b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa (raw, json)
Hash identifier: 0pxViqOnIIR3oN2oFY/XT3Sz1qh0thxZHtXQtfyklmc=
Subject key identifier: 05:A7:5E:BB:01:FB:FA:FD:B3:74:19:8D:E5:7B:CD:38:71:8E:0C:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0611948FDFF722587704D7378B2E04CB37EB1C67
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa
Signing time: Sat 28 Feb 2026 06:01:14 +0000
ROA not before: Sat 28 Feb 2026 06:01:14 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:11:94:8f:df:f7:22:58:77:04:d7:37:8b:2e:04:cb:37:eb:1c:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:01:14 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=564f3ca98f6fd3c3b73bd5c0cbbf4ad980f0b27b01841873b54b43580bfed9ac, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c7:15:12:ec:18:fe:50:1e:2a:1d:a5:f7:b7:
b2:22:35:56:74:d8:13:e3:82:df:20:7a:6e:b0:8a:
87:59:4c:50:a1:ff:eb:81:df:e9:bc:e1:54:0c:02:
d8:3a:de:34:64:4a:1e:c2:4d:1b:f4:fa:22:f3:18:
62:3a:cd:35:0b:dd:4c:72:1a:86:fd:f8:bc:c0:62:
9e:c5:2d:12:4d:70:ee:e9:7f:4c:48:d4:c8:1d:8c:
f6:14:8b:ba:e6:52:b3:cd:07:2e:33:c3:bc:2c:a0:
21:c5:80:9b:8f:a0:f0:83:15:33:3d:3f:f2:e0:cc:
67:fb:bd:95:94:04:95:88:05:d0:e7:59:a7:d2:5b:
42:8e:73:12:0f:39:26:bf:0d:a0:53:35:22:99:d6:
9d:b0:97:b6:ee:77:f9:12:f7:13:ca:b4:d6:d4:99:
86:56:6c:81:a0:2a:a8:62:3d:59:c0:cb:be:25:2f:
07:ff:1c:0c:b0:64:18:c5:62:08:84:76:24:9f:39:
35:7c:8b:ea:31:1e:fc:2b:66:d9:db:27:cb:d9:cb:
82:99:fa:e1:84:ff:bb:ba:ec:f4:05:74:d6:21:6d:
70:21:59:4b:72:e9:ab:2f:14:6f:b9:49:f7:f4:df:
ea:6e:1e:60:8c:55:d2:71:15:48:40:e6:e3:34:8d:
d2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A7:5E:BB:01:FB:FA:FD:B3:74:19:8D:E5:7B:CD:38:71:8E:0C:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
36:05:27:3a:56:8e:17:f3:7c:02:70:ae:e2:80:58:97:0b:f6:
01:67:e7:13:20:fa:12:3b:b0:22:80:ae:fc:14:bf:c4:03:e6:
e8:56:78:d5:9c:29:8e:a6:08:6f:fe:1f:4d:54:81:78:8c:58:
44:9d:2a:df:ef:7e:38:a9:dc:b2:3f:b6:13:a6:61:0c:81:f7:
d7:4a:c8:65:fa:84:ba:34:3c:22:c8:f6:45:a4:51:3d:99:f0:
fd:b1:45:38:36:a4:98:42:ce:ac:0b:d7:58:a3:c0:4c:6f:24:
1c:d4:94:c7:63:10:98:63:4c:ea:3f:a0:60:bb:59:24:7d:b7:
a7:50:07:06:0e:cb:d5:ee:93:76:02:7a:cb:4a:19:35:8d:98:
46:91:ac:bf:f5:fe:d8:85:4f:74:09:d3:62:1e:7e:aa:32:a1:
d0:42:40:9f:3d:19:0a:ac:03:ae:b4:15:1b:47:68:3a:83:e1:
ba:a0:91:60:a8:b1:20:ee:19:67:77:91:38:3a:48:89:fd:df:
d9:1a:f3:39:98:c5:0e:39:0d:06:bb:63:08:49:e8:db:40:a2:
42:7a:82:80:06:2d:31:d4:88:36:41:84:45:84:33:bc:f1:69:
f0:40:2c:5b:21:0e:1e:10:b9:36:62:1f:ca:e1:61:d3:bb:5d:
05:6f:9e:99
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBhGUj9/3Ilh3BNc3iy4EyzfrHGcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAxMTRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2NGYzY2E5OGY2ZmQzYzNiNzNiZDVjMGNiYmY0YWQ5ODBmMGIyN2IwMTg0
MTg3M2I1NGI0MzU4MGJmZWQ5YWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANnHFRLsGP5QHiodpfe3siI1VnTYE+OC3yB6brCKh1lMUKH/64Hf6bzhVAwC
2DreNGRKHsJNG/T6IvMYYjrNNQvdTHIahv34vMBinsUtEk1w7ul/TEjUyB2M9hSL
uuZSs80HLjPDvCygIcWAm4+g8IMVMz0/8uDMZ/u9lZQElYgF0OdZp9JbQo5zEg85
Jr8NoFM1IpnWnbCXtu53+RL3E8q01tSZhlZsgaAqqGI9WcDLviUvB/8cDLBkGMVi
CIR2JJ85NXyL6jEe/Ctm2dsny9nLgpn64YT/u7rs9AV01iFtcCFZS3Lpqy8Ub7lJ
9/Tf6m4eYIxV0nEVSEDm4zSN0gUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQFp167
Afv6/bN0GY3le804cY4MqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjBjYjY2MWMtNDNjMy00YzJhLTg2ZTMtY2M4ODY0MmQ2MzE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEg
wDANBgkqhkiG9w0BAQsFAAOCAQEANgUnOlaOF/N8AnCu4oBYlwv2AWfnEyD6Ejuw
IoCu/BS/xAPm6FZ41ZwpjqYIb/4fTVSBeIxYRJ0q3+9+OKncsj+2E6ZhDIH310rI
ZfqEujQ8Isj2RaRRPZnw/bFFODakmELOrAvXWKPATG8kHNSUx2MQmGNM6j+gYLtZ
JH23p1AHBg7L1e6TdgJ6y0oZNY2YRpGsv/X+2IVPdAnTYh5+qjKh0EJAnz0ZCqwD
rrQVG0doOoPhuqCRYKixIO4ZZ3eRODpIif3f2RrzOZjFDjkNBrtjCEno20CiQnqC
gAYtMdSINkGERYQzvPFp8EAsWyEOHhC5NmIfyuFh07tdBW+emQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:45 2026 by rpki-client