Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c42c966b-1b62-4165-bbfb-62aaaca567ad.roa
File: c42c966b-1b62-4165-bbfb-62aaaca567ad.roa (raw, json)
Hash identifier: PED/hSgEfK0sKz21uPyDE+3NHFePqCzqFvsqR/2hRCE=
Subject key identifier: 6C:99:E3:BA:15:18:7B:EE:3F:27:7E:24:B5:4E:12:C2:FB:C6:16:EF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 546D50ABA57BDACC2572F16588A23E03C841B7F2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c42c966b-1b62-4165-bbfb-62aaaca567ad.roa
Signing time: Tue 24 Feb 2026 04:10:37 +0000
ROA not before: Tue 24 Feb 2026 04:10:37 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:6d:50:ab:a5:7b:da:cc:25:72:f1:65:88:a2:3e:03:c8:41:b7:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 04:10:37 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=d2dff58ebee8b1ae7d010385b02f9353dd1ccac151a982e9cbe7d9bb48b3ae99, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:25:2f:6a:8e:4e:81:8f:35:5b:8f:0b:19:0d:
9e:84:48:91:32:78:08:5d:58:6a:c6:aa:29:fa:1f:
e2:90:e4:f6:9c:5d:be:93:b1:13:63:9a:6b:ef:72:
fc:bf:f9:3a:18:a3:89:da:51:5e:55:58:5f:22:fc:
ca:a1:db:74:32:34:52:fe:ec:7a:7a:c1:6a:ba:22:
50:f8:fa:68:75:c3:9d:c7:18:18:e8:51:7a:fc:c3:
4d:e5:34:65:c9:02:11:57:e0:e4:0e:79:1e:0b:4a:
af:58:cf:fe:ea:64:78:42:6f:55:09:e5:f9:ba:61:
a7:11:5b:b3:80:45:9a:5d:82:e7:4d:fb:76:e1:1b:
1f:41:83:39:b3:b1:37:4d:8c:b7:e4:34:5d:03:d3:
23:83:2c:2f:eb:e7:05:9d:ed:30:0b:eb:d8:bc:14:
9d:b4:dd:36:29:4c:e9:3d:16:2e:4b:77:69:cb:6a:
24:49:4c:df:b9:09:5e:d2:9e:9e:42:13:56:62:5a:
29:28:1c:00:05:d5:04:70:b7:92:6b:9e:79:e1:31:
64:b5:70:19:5d:dc:a7:a4:26:e1:6e:1d:09:2d:90:
ac:70:ac:30:4b:d3:2c:16:ac:d1:6e:6f:22:14:aa:
18:fa:f7:e2:4d:b1:b6:eb:c2:a2:04:cc:f2:b4:8b:
d6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:99:E3:BA:15:18:7B:EE:3F:27:7E:24:B5:4E:12:C2:FB:C6:16:EF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c42c966b-1b62-4165-bbfb-62aaaca567ad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077::/32
Signature Algorithm: sha256WithRSAEncryption
6a:44:43:64:65:84:ef:b0:f1:ce:1a:cf:dc:46:e8:4d:82:ca:
2d:65:0b:51:f8:a9:46:a8:37:72:df:0b:25:f8:5f:da:34:be:
70:20:59:71:93:ba:f2:5e:e6:9d:4b:ac:2b:4b:de:19:43:78:
6d:ec:22:a3:50:4b:5f:b3:d6:ec:39:23:78:6d:3e:88:39:f7:
6b:a1:55:ef:2d:93:02:19:ca:a1:f2:b3:cb:11:d5:17:03:f4:
f9:ff:c3:02:ab:1a:44:44:d1:fb:8f:d9:fa:9a:fc:46:df:d3:
fa:bb:d3:98:40:11:58:0d:56:eb:9b:9d:2d:bf:e8:61:5d:12:
5e:71:e9:52:1a:a4:52:57:87:f7:ff:b9:81:55:21:ab:83:f6:
fb:88:b9:16:af:33:38:82:4d:23:31:33:d4:9f:70:c2:24:74:
4b:08:c9:09:82:9b:31:01:37:fe:7c:7b:c1:41:ff:6f:dc:ea:
db:82:69:2d:ef:84:61:84:b7:b1:a2:1b:ed:a9:c5:5d:82:a2:
da:5a:9e:8c:4b:08:91:3d:dd:b6:1a:04:ed:a0:00:bf:b6:f1:
61:ef:b4:a2:65:c3:db:77:05:f3:19:17:3e:6e:21:aa:34:0e:
64:f9:aa:9c:c0:63:20:7a:9e:36:f7:64:e7:67:ae:d8:14:3b:
32:da:b1:6e
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUVG1Qq6V72swlcvFliKI+A8hBt/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwNDEwMzdaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyZGZmNThlYmVlOGIxYWU3ZDAxMDM4NWIwMmY5MzUzZGQxY2NhYzE1MWE5
ODJlOWNiZTdkOWJiNDhiM2FlOTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMclL2qOToGPNVuPCxkNnoRIkTJ4CF1YasaqKfof4pDk9pxdvpOxE2Oaa+9y
/L/5OhijidpRXlVYXyL8yqHbdDI0Uv7senrBaroiUPj6aHXDnccYGOhRevzDTeU0
ZckCEVfg5A55HgtKr1jP/upkeEJvVQnl+bphpxFbs4BFml2C5037duEbH0GDObOx
N02Mt+Q0XQPTI4MsL+vnBZ3tMAvr2LwUnbTdNilM6T0WLkt3actqJElM37kJXtKe
nkITVmJaKSgcAAXVBHC3kmueeeExZLVwGV3cp6Qm4W4dCS2QrHCsMEvTLBas0W5v
IhSqGPr34k2xtuvCogTM8rSL1i0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRsmeO6
FRh77j8nfiS1ThLC+8YW7zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzQyYzk2NmItMWI2Mi00MTY1LWJiZmItNjJhYWFjYTU2N2FkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hcw
DQYJKoZIhvcNAQELBQADggEBAGpEQ2RlhO+w8c4az9xG6E2Cyi1lC1H4qUaoN3Lf
CyX4X9o0vnAgWXGTuvJe5p1LrCtL3hlDeG3sIqNQS1+z1uw5I3htPog592uhVe8t
kwIZyqHys8sR1RcD9Pn/wwKrGkRE0fuP2fqa/Ebf0/q705hAEVgNVuubnS2/6GFd
El5x6VIapFJXh/f/uYFVIauD9vuIuRavMziCTSMxM9SfcMIkdEsIyQmCmzEBN/58
e8FB/2/c6tuCaS3vhGGEt7GiG+2pxV2CotpanoxLCJE93bYaBO2gAL+28WHvtKJl
w9t3BfMZFz5uIao0DmT5qpzAYyB6njb3ZOdnrtgUOzLasW4=
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:10:52 2026 by rpki-client