Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c46a0827-1052-46e2-ad52-4a27d9a65f24.roa
File: c46a0827-1052-46e2-ad52-4a27d9a65f24.roa (raw, json)
Hash identifier: Jn2RrO80URCwYLpS0MuDCIkPNqcbP7M2lNDMIW4sxFg=
Subject key identifier: 6F:5B:19:66:B3:4E:DD:8C:A9:B3:7C:70:89:9D:83:3E:67:6A:A2:EA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55DED2C07FDCD6D8F6A20C2FA19242463B1C23B7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c46a0827-1052-46e2-ad52-4a27d9a65f24.roa
Signing time: Sat 28 Feb 2026 05:41:27 +0000
ROA not before: Sat 28 Feb 2026 05:41:27 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:de:d2:c0:7f:dc:d6:d8:f6:a2:0c:2f:a1:92:42:46:3b:1c:23:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:27 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=65957cad8e55ad74e7da82efaee0921d25f07aa4719c737cfee2df3343e491fc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:8b:f5:b5:ca:6b:ef:f2:5c:b3:08:2f:50:49:
a6:a0:e5:7e:5f:8a:56:6f:bc:a1:0c:c3:3a:9f:63:
f3:03:ef:bc:31:b8:ee:15:e6:50:85:a4:49:ba:4f:
f1:6e:dd:fd:78:ff:4b:9e:a1:5a:e7:de:e7:3d:df:
1e:cf:91:78:ff:cc:5c:9d:14:3f:b8:6c:6c:bd:79:
d0:e8:ff:fa:87:8d:96:53:f6:d0:5e:8f:1b:df:1c:
3f:6a:82:c3:de:f7:55:07:43:6e:1c:29:f7:9a:88:
d5:3d:2d:2e:fc:74:e2:49:18:3c:51:d8:e2:89:00:
8c:d8:8f:dc:7e:b6:36:2d:39:5f:be:7e:a2:9d:46:
90:0a:b4:c2:24:a3:a3:cf:4c:6b:09:2c:93:7c:1e:
9c:25:9a:2f:e7:70:1b:5a:1d:b1:87:e2:e9:98:f9:
c1:83:63:be:b6:b9:df:f4:ec:d0:f1:fe:e4:16:45:
ce:5b:c4:73:a8:3e:71:a2:92:b0:04:66:5d:c5:ef:
0c:2e:6f:c7:3a:5e:f8:10:c1:11:5b:d4:38:70:ff:
13:7b:8d:4a:39:98:d7:c9:45:5a:77:bb:0b:ae:a8:
a2:38:6f:e8:23:45:e4:8c:03:fa:19:19:8b:88:51:
f7:da:98:91:29:1f:b7:1e:a4:9c:fc:70:e8:a4:a8:
30:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:5B:19:66:B3:4E:DD:8C:A9:B3:7C:70:89:9D:83:3E:67:6A:A2:EA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c46a0827-1052-46e2-ad52-4a27d9a65f24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014::/36
Signature Algorithm: sha256WithRSAEncryption
37:16:3f:3a:16:4f:b3:32:93:f2:c8:c7:9b:14:c3:13:c8:80:
ff:d7:51:51:38:84:89:72:67:95:a5:dd:3c:31:5c:e0:e6:87:
ef:ed:43:5d:6a:8e:3b:29:9a:8b:7b:75:17:d1:cb:e1:7b:94:
50:90:86:84:f7:d5:be:93:2f:00:7a:ee:1f:67:a7:f2:19:7d:
87:3d:98:46:37:b2:56:10:94:75:70:10:97:0f:5b:85:6b:84:
7c:3a:1d:cf:67:e8:c9:1a:56:80:3e:21:bd:b8:b8:51:a2:22:
20:7c:e0:75:c6:1a:1c:e4:8a:7b:d8:2d:72:6e:5f:69:ac:9e:
71:bc:99:b4:11:fd:f3:7e:2d:b4:b9:af:e1:93:d5:0e:3d:d5:
92:39:09:bf:d0:5a:54:9f:88:f8:aa:36:d9:a5:fb:58:1e:e2:
54:65:ce:ce:cc:25:da:b3:4f:7c:51:5c:3a:e5:c8:9a:c7:3f:
c4:fb:4b:34:d9:96:78:8b:d5:5c:f3:b0:f1:7b:13:a7:f0:a1:
64:d9:8c:08:20:5c:f9:88:28:0e:c8:fd:02:fc:cc:56:8e:6d:
44:45:30:12:d9:42:44:f0:d7:17:0a:c8:d6:eb:b1:d9:b5:c3:
fc:fa:43:d4:94:92:2d:79:23:94:23:a1:2d:b9:0a:38:2d:ba:
5c:62:a1:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVd7SwH/c1tj2ogwvoZJCRjscI7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMjdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1OTU3Y2FkOGU1NWFkNzRlN2RhODJlZmFlZTA5MjFkMjVmMDdhYTQ3MTlj
NzM3Y2ZlZTJkZjMzNDNlNDkxZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOL9bXKa+/yXLMIL1BJpqDlfl+KVm+8oQzDOp9j8wPvvDG47hXmUIWkSbpP
8W7d/Xj/S56hWufe5z3fHs+ReP/MXJ0UP7hsbL150Oj/+oeNllP20F6PG98cP2qC
w973VQdDbhwp95qI1T0tLvx04kkYPFHY4okAjNiP3H62Ni05X75+op1GkAq0wiSj
o89Mawksk3wenCWaL+dwG1odsYfi6Zj5wYNjvra53/Ts0PH+5BZFzlvEc6g+caKS
sARmXcXvDC5vxzpe+BDBEVvUOHD/E3uNSjmY18lFWne7C66oojhv6CNF5IwD+hkZ
i4hR99qYkSkftx6knPxw6KSoMFECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRvWxlm
s07djKmzfHCJnYM+Z2qi6jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzQ2YTA4MjctMTA1Mi00NmUyLWFkNTItNGEyN2Q5YTY1ZjI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BQA
MA0GCSqGSIb3DQEBCwUAA4IBAQA3Fj86Fk+zMpPyyMebFMMTyID/11FROISJcmeV
pd08MVzg5ofv7UNdao47KZqLe3UX0cvhe5RQkIaE99W+ky8Aeu4fZ6fyGX2HPZhG
N7JWEJR1cBCXD1uFa4R8Oh3PZ+jJGlaAPiG9uLhRoiIgfOB1xhoc5Ip72C1ybl9p
rJ5xvJm0Ef3zfi20ua/hk9UOPdWSOQm/0FpUn4j4qjbZpftYHuJUZc7OzCXas098
UVw65ciaxz/E+0s02ZZ4i9Vc87DxexOn8KFk2YwIIFz5iCgOyP0C/MxWjm1ERTAS
2UJE8NcXCsjW67HZtcP8+kPUlJIteSOUI6EtuQo4LbpcYqGc
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:54:55 2026 by rpki-client