Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
File: be1170a3-5a68-4c9c-8b51-b7efde64b945.roa (raw, json)
Hash identifier: 7jV/QJNjRzy1u3SBJaKnQ182Tl+xkR+y4G2lvnQvIIg=
Subject key identifier: 63:B3:B4:F1:85:A1:88:4B:DB:D7:22:E7:98:68:D8:DA:06:FA:68:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2CA20C77D9B719BDE6C9E6B8F539C45CAA29E1CC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
Signing time: Sat 28 Feb 2026 05:20:23 +0000
ROA not before: Sat 28 Feb 2026 05:20:23 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:a2:0c:77:d9:b7:19:bd:e6:c9:e6:b8:f5:39:c4:5c:aa:29:e1:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:23 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=60728b97efa79d2bf72093be5bdbcdd4d5fb8ce7dfe473262d8afddb9f409443, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fd:c0:76:22:dc:c5:3f:f4:b3:70:46:8b:ce:
6c:0b:05:c1:e7:a0:e5:52:c6:4d:9b:af:e5:10:b9:
71:55:e0:86:6d:b0:f5:36:a9:55:9a:00:2b:43:cb:
b0:d5:71:7b:4b:57:63:97:8a:88:0d:01:da:56:6b:
59:34:52:f7:4c:bc:d9:97:b3:cf:f8:f9:55:8d:6d:
15:57:4d:36:3b:12:3b:b4:d3:76:f1:bc:2d:d4:ea:
3b:04:ef:9d:05:c5:41:46:13:9e:ae:86:17:57:3f:
46:45:ea:48:36:74:99:16:16:d2:6e:20:91:ec:f0:
8d:70:2b:1f:20:b3:82:9b:61:3e:57:40:21:c9:26:
26:47:23:fc:15:1b:f8:ef:50:33:d7:51:b7:a6:d7:
68:e2:b6:72:eb:fc:46:35:04:a0:e5:f8:86:33:44:
15:96:fb:ce:88:b3:6f:f4:41:1f:db:3c:da:b3:72:
98:2b:d7:03:2a:85:83:37:5a:c0:e1:67:e2:4b:4d:
89:d5:e6:16:55:f9:31:85:4d:4f:23:a9:ca:6f:8c:
8d:6b:18:02:ff:a8:bc:1c:11:60:c9:ae:fa:27:74:
e2:e0:2e:a1:34:d8:ef:73:53:e1:67:fa:43:84:6f:
20:c5:39:d5:e4:38:ee:37:f9:c1:8d:9b:18:4e:08:
a5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:B3:B4:F1:85:A1:88:4B:DB:D7:22:E7:98:68:D8:DA:06:FA:68:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:6000::/40
Signature Algorithm: sha256WithRSAEncryption
7a:d6:27:27:58:cb:bc:10:fe:7c:0f:c0:f3:7f:1f:61:d4:33:
95:97:0c:2f:d3:22:c4:f8:d3:09:08:60:c9:c4:7c:3c:35:c5:
df:a1:a4:42:c4:5c:e3:e0:ce:8a:f7:b0:a5:6a:bf:2e:d2:c0:
0d:df:b5:7a:0c:aa:32:27:53:c3:f2:36:6a:1c:c7:17:ed:8c:
41:28:f6:54:d5:d2:9e:42:2e:7a:7d:41:af:cb:40:3c:e8:85:
0e:43:1b:d7:8f:63:59:d9:a3:8e:c4:c5:2e:a2:13:a3:d7:09:
56:9b:6e:40:30:d1:80:2f:1f:76:1a:48:fe:2b:db:0f:04:0a:
33:60:74:09:dc:46:08:d5:56:40:2d:a9:7d:83:17:0e:de:9b:
84:ca:9f:27:49:3a:ac:7b:51:fd:a6:9d:43:9b:f0:78:db:2f:
58:16:82:d6:90:71:6a:c2:3d:37:16:fd:dd:c7:f5:52:ae:a6:
8d:0b:1a:d1:06:ac:01:33:99:08:66:7f:66:b7:c3:86:f4:8d:
f3:1c:79:93:d7:ad:4d:be:d7:9e:85:e4:23:9c:bd:81:0f:b4:
0d:f0:7f:05:6d:73:9e:4d:61:66:db:89:a7:10:78:8a:e3:47:
47:48:cb:b7:12:fb:0c:d1:d9:b8:fe:4e:11:1b:79:99:31:2c:
64:6a:da:fd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULKIMd9m3Gb3myea49TnEXKop4cwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwMjNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwNzI4Yjk3ZWZhNzlkMmJmNzIwOTNiZTViZGJjZGQ0ZDVmYjhjZTdkZmU0
NzMyNjJkOGFmZGRiOWY0MDk0NDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALb9wHYi3MU/9LNwRovObAsFweeg5VLGTZuv5RC5cVXghm2w9TapVZoAK0PL
sNVxe0tXY5eKiA0B2lZrWTRS90y82Zezz/j5VY1tFVdNNjsSO7TTdvG8LdTqOwTv
nQXFQUYTnq6GF1c/RkXqSDZ0mRYW0m4gkezwjXArHyCzgpthPldAIckmJkcj/BUb
+O9QM9dRt6bXaOK2cuv8RjUEoOX4hjNEFZb7zoizb/RBH9s82rNymCvXAyqFgzda
wOFn4ktNidXmFlX5MYVNTyOpym+MjWsYAv+ovBwRYMmu+id04uAuoTTY73NT4Wf6
Q4RvIMU51eQ47jf5wY2bGE4IpTMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRjs7Tx
haGIS9vXIueYaNjaBvpoGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmUxMTcwYTMtNWE2OC00YzljLThiNTEtYjdlZmRlNjRiOTQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFg
MA0GCSqGSIb3DQEBCwUAA4IBAQB61icnWMu8EP58D8Dzfx9h1DOVlwwv0yLE+NMJ
CGDJxHw8NcXfoaRCxFzj4M6K97Clar8u0sAN37V6DKoyJ1PD8jZqHMcX7YxBKPZU
1dKeQi56fUGvy0A86IUOQxvXj2NZ2aOOxMUuohOj1wlWm25AMNGALx92Gkj+K9sP
BAozYHQJ3EYI1VZALal9gxcO3puEyp8nSTqse1H9pp1Dm/B42y9YFoLWkHFqwj03
Fv3dx/VSrqaNCxrRBqwBM5kIZn9mt8OG9I3zHHmT161NvteeheQjnL2BD7QN8H8F
bXOeTWFm24mnEHiK40dHSMu3EvsM0dm4/k4RG3mZMSxkatr9
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:09:29 2026 by rpki-client