Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
File: bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa (raw, json)
Hash identifier: BmG4AEKlJN+wL/hZtjGkXS2hC/JGSC+i+T9rZUqtHeI=
Subject key identifier: AE:20:B6:CD:96:55:9B:5D:7F:14:07:9D:74:D4:9E:83:34:7C:8A:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 62F25DE6B0B8E9577CD10F3424816B843F5F1783
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
Signing time: Sat 28 Feb 2026 06:10:13 +0000
ROA not before: Sat 28 Feb 2026 06:10:13 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:f2:5d:e6:b0:b8:e9:57:7c:d1:0f:34:24:81:6b:84:3f:5f:17:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:13 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f4bea48cebef2d089eb58e3f095f5c5276f63f1d0f8f729cdc49705b198b864f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ee:6c:50:09:62:10:35:00:0b:6c:e9:3e:72:
60:60:cd:40:17:1d:98:11:ca:ea:b4:de:e1:f9:39:
38:65:65:19:93:71:99:41:05:95:f3:32:ef:b7:2e:
97:e5:5c:ac:86:f4:6a:2d:e6:42:fa:5c:90:8d:f4:
5e:f7:ad:b5:12:2a:9d:01:66:35:9e:a8:e4:4b:e8:
b0:7b:db:0b:23:ef:b0:44:4e:79:b2:03:ab:ac:89:
9f:b8:46:b4:95:52:66:dd:1a:11:6d:d0:2c:ae:2d:
09:82:32:42:7c:9f:61:ed:09:e7:a5:38:1a:b2:d3:
e5:4b:89:b4:8c:76:c8:8a:d4:4d:59:16:e1:c7:ee:
c1:9c:77:fb:2b:76:2a:3e:a5:3d:9a:11:5f:83:33:
24:47:ff:ba:0a:f6:1e:d9:5f:ef:e9:35:4c:93:ec:
43:c4:3e:13:c2:ce:e5:f2:96:2b:41:8f:a8:40:93:
64:3b:6d:de:8b:2b:36:82:5a:81:78:f0:f5:d4:44:
d2:ba:ae:88:e0:8d:43:e0:34:02:6d:fe:2b:9b:34:
f3:f1:d4:63:00:5f:a0:25:4e:6f:11:ac:d5:17:be:
b3:d7:77:0b:43:0d:38:e2:ca:19:99:f2:79:13:86:
90:97:a7:7e:b9:ff:f9:1e:66:98:e3:f6:a3:ea:0f:
74:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:20:B6:CD:96:55:9B:5D:7F:14:07:9D:74:D4:9E:83:34:7C:8A:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:5000::/40
Signature Algorithm: sha256WithRSAEncryption
51:09:f0:4d:d3:89:77:dc:e0:ef:a0:33:95:09:ff:5c:c9:d6:
5b:94:1b:b2:20:c5:ae:7c:13:ad:4d:60:65:f6:dc:72:3f:f4:
76:7a:7f:f0:48:4e:60:49:1b:97:4e:98:79:ef:b7:0a:83:54:
3e:a5:e9:2f:c3:3f:23:43:55:e5:66:25:fc:f2:68:10:fc:7c:
fa:02:85:3b:96:b3:de:7b:6f:5d:d4:a9:6b:56:8a:30:c0:81:
24:bb:95:c9:01:39:e0:39:80:8c:b8:10:42:a6:ad:57:d2:1d:
10:6e:94:2e:69:1d:71:0b:40:a6:7c:a8:79:c4:bc:f2:dd:d0:
66:c7:a2:5f:4e:05:fd:75:5c:c4:38:f4:fb:dd:cc:eb:0e:61:
f5:a2:ae:ae:43:be:e6:e9:2d:f4:6b:21:09:a7:95:93:52:6c:
0f:73:69:a4:4a:1e:cb:54:b2:01:80:bd:bf:84:ae:59:53:84:
0a:23:20:77:84:42:9a:ea:78:58:49:56:22:1c:eb:49:4e:6c:
4a:42:ad:f5:ba:1b:b0:56:1a:07:41:4f:6d:4d:89:c2:cd:12:
eb:17:86:4a:58:4f:84:32:e3:60:81:50:f6:28:5b:80:eb:7f:
6f:3e:c8:5d:62:fe:b5:b9:9c:5f:ab:35:2d:44:82:ba:08:61:
64:7f:70:a0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYvJd5rC46Vd80Q80JIFrhD9fF4MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwMTNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0YmVhNDhjZWJlZjJkMDg5ZWI1OGUzZjA5NWY1YzUyNzZmNjNmMWQwZjhm
NzI5Y2RjNDk3MDViMTk4Yjg2NGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/ubFAJYhA1AAts6T5yYGDNQBcdmBHK6rTe4fk5OGVlGZNxmUEFlfMy77cu
l+VcrIb0ai3mQvpckI30XvettRIqnQFmNZ6o5EvosHvbCyPvsEROebIDq6yJn7hG
tJVSZt0aEW3QLK4tCYIyQnyfYe0J56U4GrLT5UuJtIx2yIrUTVkW4cfuwZx3+yt2
Kj6lPZoRX4MzJEf/ugr2Htlf7+k1TJPsQ8Q+E8LO5fKWK0GPqECTZDtt3osrNoJa
gXjw9dRE0rquiOCNQ+A0Am3+K5s08/HUYwBfoCVObxGs1Re+s9d3C0MNOOLKGZny
eROGkJenfrn/+R5mmOP2o+oPdBcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSuILbN
llWbXX8UB5101J6DNHyKuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmM2OWY4ZjYtMDNjOC00NDY4LWE5OGEtZjIzZmU0MGVlYWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBRCfBN04l33ODvoDOVCf9cydZblBuyIMWufBOt
TWBl9txyP/R2en/wSE5gSRuXTph577cKg1Q+pekvwz8jQ1XlZiX88mgQ/Hz6AoU7
lrPee29d1KlrVoowwIEku5XJATngOYCMuBBCpq1X0h0QbpQuaR1xC0CmfKh5xLzy
3dBmx6JfTgX9dVzEOPT73czrDmH1oq6uQ77m6S30ayEJp5WTUmwPc2mkSh7LVLIB
gL2/hK5ZU4QKIyB3hEKa6nhYSVYiHOtJTmxKQq31uhuwVhoHQU9tTYnCzRLrF4ZK
WE+EMuNggVD2KFuA639vPshdYv61uZxfqzUtRIK6CGFkf3Cg
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:10:53 2026 by rpki-client