Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ea62d6-dce3-4c74-b931-0cca87ccadea.roa
File: b9ea62d6-dce3-4c74-b931-0cca87ccadea.roa (raw, json)
Hash identifier: GHkCvXd2P6081OWYi4DtpwtH6AjJq/eK0HrsmMO062U=
Subject key identifier: 42:39:38:61:4E:CD:03:1F:A4:32:7A:27:35:14:69:3D:1C:E0:DB:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F6647F5A03E0C446050C077FE746068A4FE2A56
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ea62d6-dce3-4c74-b931-0cca87ccadea.roa
Signing time: Sat 28 Feb 2026 06:00:49 +0000
ROA not before: Sat 28 Feb 2026 06:00:49 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:66:47:f5:a0:3e:0c:44:60:50:c0:77:fe:74:60:68:a4:fe:2a:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:49 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=55d91a066bb1b89ed556b60ce764a75866c08a98df2a58bde35a62571e6e0389, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:65:3a:d1:fd:85:f6:76:21:21:1b:37:12:c4:
77:42:a5:b3:62:8a:10:b2:78:7b:c0:bf:26:14:cb:
6a:3a:65:4d:b2:4b:25:c5:2b:c5:7f:b4:e5:e6:7a:
5f:47:af:e1:af:7a:e1:a4:c5:f7:04:5b:b9:e4:ee:
0a:3a:7c:c2:44:f1:64:83:c5:69:70:b6:30:0f:2d:
10:df:0f:7f:74:65:9e:17:b3:59:ac:78:8f:19:d4:
40:8c:f5:78:7a:2a:b1:a2:7c:ad:89:5f:9a:d0:23:
5a:57:db:ad:28:54:dc:72:64:93:b3:73:86:56:f9:
04:64:d8:16:0a:5d:93:3d:26:38:aa:f2:fb:27:ea:
7a:28:d6:0b:9d:39:4f:24:93:97:4b:a9:a6:6d:52:
ab:4f:5b:b2:f5:f3:78:09:8c:f1:54:a6:0b:a7:73:
ca:e9:86:30:1e:76:08:01:d1:07:48:fd:2d:b3:fb:
c1:3a:fa:84:f1:48:d6:1e:89:76:45:41:5b:76:3e:
70:de:27:10:3e:de:5d:7e:86:8e:cd:83:0a:5f:22:
0f:1e:86:68:68:e4:05:2b:a7:3f:f2:c5:aa:81:a7:
da:1a:b9:52:12:03:53:d8:ac:50:7f:72:77:c8:c2:
82:71:9e:5c:39:73:e4:a3:14:cd:ba:39:a1:68:54:
5e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:39:38:61:4E:CD:03:1F:A4:32:7A:27:35:14:69:3D:1C:E0:DB:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ea62d6-dce3-4c74-b931-0cca87ccadea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c080::/48
Signature Algorithm: sha256WithRSAEncryption
b3:52:2f:0e:9e:e9:5d:10:78:e4:78:70:a8:bf:a9:04:8a:aa:
6e:bf:97:d4:43:03:19:c9:aa:ca:ef:0f:ef:a7:99:cd:cf:1b:
e7:2c:a9:15:fd:b3:b2:a7:5f:e4:8a:02:51:7d:e6:7e:82:2e:
a7:1a:6f:60:e8:83:f4:7b:20:22:a3:88:4f:44:8c:bc:76:4c:
8f:18:c2:8b:2c:ce:d9:78:b7:c0:34:4e:a8:11:50:b3:24:48:
60:06:3e:e4:4d:4e:1c:60:32:49:52:f8:b8:88:d0:bb:06:62:
d1:fc:77:ff:a9:0d:50:a6:58:7d:8a:4c:12:93:df:e2:ce:7c:
7a:d0:0e:69:4f:77:5e:6e:4d:a2:6e:43:08:a1:78:2d:d4:7e:
7a:d1:b9:eb:0b:2c:9b:69:1b:04:24:96:76:53:b4:c3:70:52:
b9:d7:cb:5e:7c:7b:a4:df:25:8e:16:e8:07:e5:54:d2:15:5d:
b9:91:e2:31:db:eb:1a:d8:4c:64:f2:28:59:94:11:80:58:95:
6a:ad:df:60:1c:fc:7a:b8:37:2e:d9:59:fb:64:04:c3:63:ec:
15:56:f6:6d:c7:2e:5b:15:7d:8b:de:ee:a5:6a:5b:20:db:46:
8b:59:c4:2f:f0:d7:6c:31:e7:d6:80:46:76:78:05:b6:c2:ab:
5b:00:62:31
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUT2ZH9aA+DERgUMB3/nRgaKT+KlYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwNDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1ZDkxYTA2NmJiMWI4OWVkNTU2YjYwY2U3NjRhNzU4NjZjMDhhOThkZjJh
NThiZGUzNWE2MjU3MWU2ZTAzODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOllOtH9hfZ2ISEbNxLEd0Kls2KKELJ4e8C/JhTLajplTbJLJcUrxX+05eZ6
X0ev4a964aTF9wRbueTuCjp8wkTxZIPFaXC2MA8tEN8Pf3RlnhezWax4jxnUQIz1
eHoqsaJ8rYlfmtAjWlfbrShU3HJkk7Nzhlb5BGTYFgpdkz0mOKry+yfqeijWC505
TySTl0uppm1Sq09bsvXzeAmM8VSmC6dzyumGMB52CAHRB0j9LbP7wTr6hPFI1h6J
dkVBW3Y+cN4nED7eXX6Gjs2DCl8iDx6GaGjkBSunP/LFqoGn2hq5UhIDU9isUH9y
d8jCgnGeXDlz5KMUzbo5oWhUXn8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRCOThh
Ts0DH6Qyeic1FGk9HODb5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjllYTYyZDYtZGNlMy00Yzc0LWI5MzEtMGNjYTg3Y2NhZGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
gDANBgkqhkiG9w0BAQsFAAOCAQEAs1IvDp7pXRB45HhwqL+pBIqqbr+X1EMDGcmq
yu8P76eZzc8b5yypFf2zsqdf5IoCUX3mfoIupxpvYOiD9HsgIqOIT0SMvHZMjxjC
iyzO2Xi3wDROqBFQsyRIYAY+5E1OHGAySVL4uIjQuwZi0fx3/6kNUKZYfYpMEpPf
4s58etAOaU93Xm5Nom5DCKF4LdR+etG56wssm2kbBCSWdlO0w3BSudfLXnx7pN8l
jhboB+VU0hVduZHiMdvrGthMZPIoWZQRgFiVaq3fYBz8erg3LtlZ+2QEw2PsFVb2
bccuWxV9i97upWpbINtGi1nEL/DXbDHn1oBGdngFtsKrWwBiMQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:34:58 2026 by rpki-client