Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf0cf493-d65d-4886-a341-bcbb40fbf10b.roa
File: bf0cf493-d65d-4886-a341-bcbb40fbf10b.roa (raw, json)
Hash identifier: rZwp41LzTibWxEfuSH/UIBdeIAPRz2noQLvcZacBGWw=
Subject key identifier: 16:0A:CA:F6:2B:D2:B9:54:38:77:3D:88:05:71:38:28:4C:88:0F:D7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6EE9112439D623ED32AA8C76AD92EA38B9B8DA83
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf0cf493-d65d-4886-a341-bcbb40fbf10b.roa
Signing time: Fri 20 Feb 2026 01:40:07 +0000
ROA not before: Fri 20 Feb 2026 01:40:07 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:e9:11:24:39:d6:23:ed:32:aa:8c:76:ad:92:ea:38:b9:b8:da:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:40:07 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=856ef6057fa16d2ce4546888f51d05f2c5b23371b1b3be5e394d7ce33423cbf0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:81:2d:be:b5:6c:81:33:c5:7f:a5:36:e8:d1:
27:a1:94:7f:6a:22:57:6d:c2:48:64:80:59:53:25:
bf:b7:a0:ed:64:1f:55:7c:00:09:6c:53:ef:ae:99:
09:ef:18:c3:29:aa:80:47:1d:4b:ab:50:74:37:47:
ce:67:69:38:81:59:a1:a5:fe:21:84:2c:28:1b:1f:
bd:25:0d:99:1f:c8:1d:53:45:51:93:f3:9d:5b:2d:
50:bc:4a:36:a2:6b:39:e1:12:d8:bf:04:30:4d:a2:
ba:3c:aa:30:5a:69:12:46:b9:b9:d1:ad:81:fe:b0:
77:e0:99:3c:1b:ea:fb:81:f9:a2:41:48:a8:7b:d2:
cb:05:48:57:85:2e:df:be:2e:24:c0:5f:7a:56:09:
15:95:65:79:64:40:80:ba:65:5e:a9:26:f8:c2:95:
b1:0d:ff:08:13:e4:58:c6:bb:5e:73:45:97:0b:e9:
47:db:63:af:a3:19:e6:2b:23:fb:bc:3e:16:66:ae:
71:aa:df:e1:57:44:14:4d:c5:89:cc:4d:9a:0e:67:
ed:0e:66:24:9e:ea:58:83:30:ae:e9:d5:49:4a:05:
39:53:94:d2:5d:18:d3:7a:b9:7f:c6:9b:e9:22:3d:
4a:de:a4:a9:c7:32:e6:02:93:d3:35:57:ef:d2:de:
fb:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:0A:CA:F6:2B:D2:B9:54:38:77:3D:88:05:71:38:28:4C:88:0F:D7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf0cf493-d65d-4886-a341-bcbb40fbf10b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:4000::/40
Signature Algorithm: sha256WithRSAEncryption
22:53:88:09:5c:46:85:82:48:ac:0b:a5:6e:87:79:69:e9:1b:
05:f4:00:65:57:ec:99:1c:35:2e:c5:75:66:bc:19:ed:ae:29:
07:26:5c:49:62:3b:86:fc:f5:a9:bd:83:a9:0e:fa:dd:23:10:
79:f3:a7:38:c6:a3:30:b8:60:e7:2a:f9:7d:d3:14:95:c7:a7:
a5:ac:5f:79:60:2e:b7:8a:3d:ed:5a:d9:29:f7:63:46:ca:2f:
b3:f2:1e:ff:32:39:d9:6b:5c:44:3a:89:57:9d:8b:8e:c1:7c:
5f:ad:1a:34:76:3f:5b:d1:e5:c7:fc:d6:13:42:e5:19:1f:11:
2f:77:9e:08:f4:7b:05:a5:31:14:43:83:d5:e3:11:3b:1f:84:
a2:73:b2:44:f6:43:16:f2:2a:2e:53:09:0d:a9:c9:61:60:5a:
e3:d5:5c:bd:63:71:6c:32:15:32:58:2b:69:23:db:d6:35:22:
fa:f0:1c:f2:f4:30:c4:72:a7:78:d1:b9:93:8b:5c:a4:9d:09:
6e:14:8b:b1:21:70:b6:41:44:f9:43:be:bb:1b:cb:8f:aa:26:
8d:d2:c0:29:46:e3:a0:02:38:54:8e:2b:90:0d:fd:3c:be:e7:
a9:d9:55:bf:1d:95:80:e3:99:8c:e6:bb:69:d1:7c:52:7f:1f:
0d:c8:f3:cd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbukRJDnWI+0yqox2rZLqOLm42oMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTQwMDdaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1NmVmNjA1N2ZhMTZkMmNlNDU0Njg4OGY1MWQwNWYyYzViMjMzNzFiMWIz
YmU1ZTM5NGQ3Y2UzMzQyM2NiZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKuBLb61bIEzxX+lNujRJ6GUf2oiV23CSGSAWVMlv7eg7WQfVXwACWxT766Z
Ce8YwymqgEcdS6tQdDdHzmdpOIFZoaX+IYQsKBsfvSUNmR/IHVNFUZPznVstULxK
NqJrOeES2L8EME2iujyqMFppEka5udGtgf6wd+CZPBvq+4H5okFIqHvSywVIV4Uu
374uJMBfelYJFZVleWRAgLplXqkm+MKVsQ3/CBPkWMa7XnNFlwvpR9tjr6MZ5isj
+7w+Fmaucarf4VdEFE3FicxNmg5n7Q5mJJ7qWIMwrunVSUoFOVOU0l0Y03q5f8ab
6SI9St6kqccy5gKT0zVX79Le+2sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQWCsr2
K9K5VDh3PYgFcTgoTIgP1zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmYwY2Y0OTMtZDY1ZC00ODg2LWEzNDEtYmNiYjQwZmJmMTBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRA
MA0GCSqGSIb3DQEBCwUAA4IBAQAiU4gJXEaFgkisC6Vuh3lp6RsF9ABlV+yZHDUu
xXVmvBntrikHJlxJYjuG/PWpvYOpDvrdIxB586c4xqMwuGDnKvl90xSVx6elrF95
YC63ij3tWtkp92NGyi+z8h7/MjnZa1xEOolXnYuOwXxfrRo0dj9b0eXH/NYTQuUZ
HxEvd54I9HsFpTEUQ4PV4xE7H4Sic7JE9kMW8iouUwkNqclhYFrj1Vy9Y3FsMhUy
WCtpI9vWNSL68Bzy9DDEcqd40bmTi1yknQluFIuxIXC2QUT5Q767G8uPqiaN0sAp
RuOgAjhUjiuQDf08vuep2VW/HZWA45mM5rtp0XxSfx8NyPPN
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:20:57 2026 by rpki-client