Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be610cc2-170e-494b-b1f3-db73bc5ff027.roa
File: be610cc2-170e-494b-b1f3-db73bc5ff027.roa (raw, json)
Hash identifier: QHKvZ9rFJD8iKETsrs1TUwTHcvDtzN3X1YOi9wIpaEc=
Subject key identifier: C0:AC:55:79:9C:85:50:6E:ED:60:46:F2:C8:0D:F7:79:BE:BA:59:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 31F0A2EBBD782EF965A21D58F4EF1AB99DA3F13B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be610cc2-170e-494b-b1f3-db73bc5ff027.roa
Signing time: Sat 28 Feb 2026 06:01:11 +0000
ROA not before: Sat 28 Feb 2026 06:01:11 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:f0:a2:eb:bd:78:2e:f9:65:a2:1d:58:f4:ef:1a:b9:9d:a3:f1:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:01:11 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=160557a72cc67795052c10f05d857b9cc5fd2eaef0fdb34699c08ae48315401f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c0:62:8b:5c:ea:71:54:51:8a:1f:38:d8:3e:
8b:07:f7:a2:e3:64:3d:18:49:35:13:a0:5a:14:07:
34:9a:dd:ee:09:49:e7:62:d7:ef:d1:14:fe:dc:ba:
fb:84:0d:ac:12:a9:c5:e8:24:ab:5d:76:d4:5a:5d:
ed:da:37:70:fd:cf:ac:6a:cf:cc:7f:a5:83:aa:4f:
c1:0b:68:08:20:30:0e:d0:90:5f:e8:ee:c9:cf:77:
09:fb:bc:5f:92:e7:a1:ad:7d:51:38:34:b8:88:f1:
53:ed:f4:c9:09:77:f0:57:5e:5e:a0:8d:00:e4:59:
e5:64:ba:9f:f3:c7:eb:ec:49:b4:ab:a4:58:b2:b2:
73:48:2e:09:ab:75:f7:89:e6:3e:61:40:2d:61:78:
3a:ed:fb:3d:ed:8a:d3:09:1c:27:57:39:db:cc:a2:
44:b9:51:a8:4b:8c:f0:cc:d1:7d:66:36:6c:0a:be:
1e:73:65:43:f6:96:1b:93:d5:43:ee:a5:86:25:c3:
e9:f0:7b:6b:e1:12:cd:d1:43:2f:2a:3f:c7:de:af:
86:d3:7d:72:84:ac:ce:58:8a:bc:2f:41:0f:ab:5a:
86:f4:cf:40:13:a3:60:8f:4c:4e:1d:ef:6b:e3:d4:
a4:d6:c1:c9:57:ec:bd:66:f3:bd:72:62:78:ba:a0:
3d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:AC:55:79:9C:85:50:6E:ED:60:46:F2:C8:0D:F7:79:BE:BA:59:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be610cc2-170e-494b-b1f3-db73bc5ff027.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:6080::/48
Signature Algorithm: sha256WithRSAEncryption
c2:0a:80:ac:72:8d:c1:01:60:51:3a:bb:59:01:c1:39:9a:e1:
87:62:11:01:ca:da:9d:2e:23:b3:ca:03:86:a2:62:69:bf:52:
42:44:0e:ac:a0:b3:f4:a4:69:f3:e2:f7:fa:7b:c0:a7:ac:4c:
76:30:e8:d1:98:b2:1e:0b:2a:27:05:b1:6d:b2:c5:a8:06:56:
11:a6:7c:a6:59:a0:dd:b3:f0:78:4a:7f:96:90:a0:77:ee:06:
0d:39:a1:ae:43:06:34:e4:87:7c:88:26:be:bb:0b:b1:37:af:
cb:69:0d:c8:01:13:bc:e9:e0:9f:84:a6:44:5d:8d:e1:03:29:
07:11:92:ea:95:20:96:3f:83:2c:58:df:cd:91:55:a9:fe:aa:
d7:d5:eb:94:5e:61:9d:76:0b:5a:1e:49:64:02:0d:85:22:c3:
a5:ff:91:68:6b:76:a6:a4:db:6b:53:78:1b:37:dd:94:89:d2:
34:e7:9b:37:ce:c0:58:a8:4d:6b:60:7e:07:9e:64:21:e0:31:
ce:c2:41:80:1e:51:58:60:59:cc:88:ef:1a:e2:8d:ba:fc:7c:
77:84:7d:51:f4:b7:1b:08:d2:59:e6:fa:9e:ec:fc:59:c7:e0:
f1:9e:04:7d:87:bc:3c:2e:f3:4b:ff:24:1d:68:d1:41:4b:e6:
85:2e:1d:67
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMfCi6714Lvlloh1Y9O8auZ2j8TswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAxMTFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2MDU1N2E3MmNjNjc3OTUwNTJjMTBmMDVkODU3YjljYzVmZDJlYWVmMGZk
YjM0Njk5YzA4YWU0ODMxNTQwMWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOrAYotc6nFUUYofONg+iwf3ouNkPRhJNROgWhQHNJrd7glJ52LX79EU/ty6
+4QNrBKpxegkq1121Fpd7do3cP3PrGrPzH+lg6pPwQtoCCAwDtCQX+juyc93Cfu8
X5Lnoa19UTg0uIjxU+30yQl38FdeXqCNAORZ5WS6n/PH6+xJtKukWLKyc0guCat1
94nmPmFALWF4Ou37Pe2K0wkcJ1c528yiRLlRqEuM8MzRfWY2bAq+HnNlQ/aWG5PV
Q+6lhiXD6fB7a+ESzdFDLyo/x96vhtN9coSszliKvC9BD6tahvTPQBOjYI9MTh3v
a+PUpNbByVfsvWbzvXJieLqgPQsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTArFV5
nIVQbu1gRvLIDfd5vrpZbDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU2MTBjYzItMTcwZS00OTRiLWIxZjMtZGI3M2JjNWZmMDI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9g
gDANBgkqhkiG9w0BAQsFAAOCAQEAwgqArHKNwQFgUTq7WQHBOZrhh2IRAcranS4j
s8oDhqJiab9SQkQOrKCz9KRp8+L3+nvAp6xMdjDo0ZiyHgsqJwWxbbLFqAZWEaZ8
plmg3bPweEp/lpCgd+4GDTmhrkMGNOSHfIgmvrsLsTevy2kNyAETvOngn4SmRF2N
4QMpBxGS6pUglj+DLFjfzZFVqf6q19XrlF5hnXYLWh5JZAINhSLDpf+RaGt2pqTb
a1N4GzfdlInSNOebN87AWKhNa2B+B55kIeAxzsJBgB5RWGBZzIjvGuKNuvx8d4R9
UfS3GwjSWeb6nuz8Wcfg8Z4EfYe8PC7zS/8kHWjRQUvmhS4dZw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:05 2026 by rpki-client