Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa
File: bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa (raw, json)
Hash identifier: s9J58gmSy1h9dKmOzPl1HeW/vNXxXWfFzCDLPvy+MGU=
Subject key identifier: 33:49:FE:AF:09:4C:4A:CF:15:89:11:FD:CF:51:81:29:0F:5F:AD:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0677EC30DA2CC85FC3CDE88E8B65592A7CB613CF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa
Signing time: Sat 28 Feb 2026 05:41:06 +0000
ROA not before: Sat 28 Feb 2026 05:41:06 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:77:ec:30:da:2c:c8:5f:c3:cd:e8:8e:8b:65:59:2a:7c:b6:13:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:06 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=e7769618b6cd250d52e0a7e9f5369f8841b255c3b3b16a8a37b681c304ea8e08, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:51:6e:e9:e3:30:50:97:44:92:d2:a2:2e:6c:
c9:cb:17:26:46:06:e7:84:76:30:71:fa:19:cd:b8:
2c:d2:40:a4:63:e2:e5:66:8f:b2:ad:84:8c:10:b3:
7b:a6:77:bf:11:d5:91:8c:b8:9f:62:89:57:c1:6f:
1e:5b:b4:a1:a9:19:c4:4d:a7:c4:b8:d5:24:7e:69:
e7:37:0e:84:66:3d:00:5a:11:09:bc:80:d8:57:2d:
b2:0c:49:16:15:e7:a6:c6:40:f0:7d:2e:14:fb:7f:
1b:03:bd:65:2f:f8:56:78:77:79:c5:a7:bd:f7:20:
31:e4:30:f5:0c:8f:67:a1:05:01:3e:17:7b:c7:3e:
a5:30:e5:32:5e:32:a4:70:d1:f2:78:2e:1b:8e:16:
0a:38:dc:f4:48:08:03:ad:8f:fc:77:00:c3:36:3c:
db:3c:55:28:6a:73:92:17:b3:d5:5d:4d:b2:83:21:
4b:b1:1c:a5:62:8a:94:84:ca:88:62:2c:69:2d:35:
57:bf:7d:44:9d:0a:d6:dc:e7:e1:6a:96:d8:d4:4b:
8e:ee:44:53:97:cc:d5:97:c2:3f:b2:9e:9c:a8:ee:
07:9b:7a:d4:32:3f:98:7f:ce:4f:02:a5:da:d3:7f:
ae:c1:f7:90:fa:57:8e:5e:d2:a2:9d:b6:b7:57:82:
ba:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:49:FE:AF:09:4C:4A:CF:15:89:11:FD:CF:51:81:29:0F:5F:AD:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4020::/48
Signature Algorithm: sha256WithRSAEncryption
24:b3:43:96:d9:54:14:bf:af:aa:0c:d1:f0:b7:e4:05:d4:72:
c8:9a:bf:a6:0a:75:25:94:9a:0b:f0:e4:b6:87:67:e2:a1:8a:
e9:af:02:3a:b5:9f:68:29:66:fb:d9:83:1b:27:cc:37:6e:63:
f2:be:01:92:bd:35:10:ae:37:fa:31:d0:76:66:e9:63:d7:c4:
f7:9d:ef:47:d5:25:7c:06:5e:f5:a6:94:53:c8:82:38:62:e6:
8c:36:f0:96:23:82:ca:6c:32:af:ed:b6:6a:a7:a4:5a:60:6e:
1d:f7:b3:99:8a:65:58:b3:12:cc:2c:94:62:60:48:94:96:70:
6e:ae:b9:14:c3:2e:cf:83:7a:72:09:06:e3:77:0f:36:10:28:
85:42:07:79:ce:f3:bd:6e:62:bd:92:cd:9d:82:61:0c:0e:e9:
a3:98:25:e6:a7:47:73:7a:96:26:7e:1e:ad:6a:88:1f:8f:ee:
22:2a:b1:45:5e:81:04:ff:27:6b:ab:f3:5d:e9:32:0f:0c:1f:
d3:ad:37:62:cc:17:29:48:d1:f5:8f:bf:b4:80:e6:86:7c:10:
5b:a5:63:30:5e:48:35:0f:d0:4d:94:be:19:1e:28:bf:6b:e4:
63:7c:b1:c5:e4:48:4b:a6:56:d4:04:bc:7b:7a:4d:e0:2a:fc:
37:3e:bf:37
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBnfsMNosyF/DzeiOi2VZKny2E88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMDZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3NzY5NjE4YjZjZDI1MGQ1MmUwYTdlOWY1MzY5Zjg4NDFiMjU1YzNiM2Ix
NmE4YTM3YjY4MWMzMDRlYThlMDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJRbunjMFCXRJLSoi5sycsXJkYG54R2MHH6Gc24LNJApGPi5WaPsq2EjBCz
e6Z3vxHVkYy4n2KJV8FvHlu0oakZxE2nxLjVJH5p5zcOhGY9AFoRCbyA2FctsgxJ
FhXnpsZA8H0uFPt/GwO9ZS/4Vnh3ecWnvfcgMeQw9QyPZ6EFAT4Xe8c+pTDlMl4y
pHDR8nguG44WCjjc9EgIA62P/HcAwzY82zxVKGpzkhez1V1NsoMhS7EcpWKKlITK
iGIsaS01V799RJ0K1tzn4WqW2NRLju5EU5fM1ZfCP7KenKjuB5t61DI/mH/OTwKl
2tN/rsH3kPpXjl7Sop22t1eCugkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQzSf6v
CUxKzxWJEf3PUYEpD1+tgzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmY1NDA0YzItYmNiZS00ZGY0LTg2Y2UtNzJjZWIwNjdmNjY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
IDANBgkqhkiG9w0BAQsFAAOCAQEAJLNDltlUFL+vqgzR8LfkBdRyyJq/pgp1JZSa
C/Dktodn4qGK6a8COrWfaClm+9mDGyfMN25j8r4Bkr01EK43+jHQdmbpY9fE953v
R9UlfAZe9aaUU8iCOGLmjDbwliOCymwyr+22aqekWmBuHfezmYplWLMSzCyUYmBI
lJZwbq65FMMuz4N6cgkG43cPNhAohUIHec7zvW5ivZLNnYJhDA7po5gl5qdHc3qW
Jn4erWqIH4/uIiqxRV6BBP8na6vzXekyDwwf0603YswXKUjR9Y+/tIDmhnwQW6Vj
MF5INQ/QTZS+GR4ov2vkY3yxxeRIS6ZW1AS8e3pN4Cr8Nz6/Nw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:20:55 2026 by rpki-client