Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c47d9bf7-3e9b-4ad5-958a-dde7cadfa89f.roa
File: c47d9bf7-3e9b-4ad5-958a-dde7cadfa89f.roa (raw, json)
Hash identifier: TEmyVcnFUd8c6gIOuZUcZCXrqt7zPLxM4bw2PcsNrgA=
Subject key identifier: 8C:81:F8:FD:61:2C:7C:F0:C1:14:25:F5:6C:C9:1C:8D:CC:8E:88:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 095AB0CB5B6E83D7206BEB818D398AAF6691E2EB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c47d9bf7-3e9b-4ad5-958a-dde7cadfa89f.roa
Signing time: Fri 13 Feb 2026 15:20:32 +0000
ROA not before: Fri 13 Feb 2026 15:20:32 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:40c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:5a:b0:cb:5b:6e:83:d7:20:6b:eb:81:8d:39:8a:af:66:91:e2:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:20:32 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=849aace216ca3b5087c15cb5f6bf18458f56a6993f6b9ca487e232b557f06eb0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:9d:c8:69:38:01:95:89:42:a5:50:89:28:32:
56:2c:df:c7:2a:ee:ee:4a:da:d2:a6:39:79:50:33:
3d:7e:c6:fb:bb:eb:5a:6f:23:af:1e:80:59:bb:bd:
a7:b0:06:44:1b:14:50:ee:79:2e:89:74:ed:ed:ea:
68:97:0f:87:94:f3:e4:a5:9b:7c:b5:75:2c:3b:06:
86:ab:69:b7:74:a8:8d:d1:61:7b:78:d2:33:87:c0:
71:9f:5d:08:73:d1:3c:3e:bd:13:54:38:b3:40:f9:
05:2d:7c:8f:04:8d:5e:6d:ca:52:a4:24:2f:c9:ba:
59:dc:00:36:13:7c:53:e6:34:dd:f1:5f:7d:c0:da:
dc:db:4f:29:6b:ce:ad:de:8a:2a:66:06:60:ca:54:
5e:f9:8a:44:6b:84:9b:df:28:ae:e9:71:99:36:4a:
db:a0:78:b1:a8:1c:de:80:28:2a:66:2b:83:10:ae:
96:b0:12:2c:5e:7e:36:04:ca:2f:a2:ac:4a:47:60:
85:e5:f0:a0:2a:c6:c6:4c:a0:cd:b6:bd:3a:32:48:
0f:51:b7:e6:70:c9:9f:ce:ab:a7:49:19:fd:bd:b0:
14:94:fd:01:ed:bf:3b:3c:d8:25:2e:86:c2:65:02:
a8:96:df:51:8c:92:c0:40:b0:48:b5:7a:39:6d:d1:
a6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:81:F8:FD:61:2C:7C:F0:C1:14:25:F5:6C:C9:1C:8D:CC:8E:88:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c47d9bf7-3e9b-4ad5-958a-dde7cadfa89f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:40c0::/46
Signature Algorithm: sha256WithRSAEncryption
22:a6:64:f5:e4:b4:28:78:f6:eb:60:b3:a9:85:70:90:d0:fb:
ea:14:a0:db:15:a5:ae:e4:25:e1:23:b1:1f:95:a7:bd:de:d0:
32:35:f9:a0:7e:bc:5f:4c:f7:b1:f7:ce:81:07:43:cf:f0:dc:
f5:91:d1:32:16:b7:33:b8:01:50:06:66:8e:8a:02:25:c3:08:
64:f3:af:c0:4b:25:77:e6:1d:ac:4d:86:6e:34:2c:a9:04:74:
f7:ab:2c:bc:ec:fa:69:b6:bb:29:99:ee:14:21:f1:5c:9d:ba:
0a:96:0b:98:55:1a:65:57:a2:d7:c6:e7:7f:62:66:80:94:3e:
95:b7:e2:66:10:7c:27:ab:7d:55:46:61:7f:16:0f:da:cb:b1:
d7:7e:4b:e5:21:86:35:8c:bd:c7:59:09:cf:3f:38:a4:0e:74:
82:21:12:aa:18:9d:01:01:ba:43:34:fd:bf:05:5b:a2:62:e7:
4f:56:9b:13:8c:b3:3a:17:70:fd:7d:75:a2:13:a4:c0:b0:7b:
96:bc:b5:e4:82:2d:16:6b:f0:97:3c:03:d3:a1:0c:d6:93:07:
75:ca:24:bc:06:b4:5b:36:ee:be:0a:21:52:4b:e9:41:68:f3:
67:16:c1:13:af:9f:79:f1:94:06:b3:c4:3a:77:e1:89:d4:c2:
17:fd:1b:55
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCVqwy1tug9cga+uBjTmKr2aR4uswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIwMzJaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0OWFhY2UyMTZjYTNiNTA4N2MxNWNiNWY2YmYxODQ1OGY1NmE2OTkzZjZi
OWNhNDg3ZTIzMmI1NTdmMDZlYjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPSdyGk4AZWJQqVQiSgyVizfxyru7kra0qY5eVAzPX7G+7vrWm8jrx6AWbu9
p7AGRBsUUO55Lol07e3qaJcPh5Tz5KWbfLV1LDsGhqtpt3SojdFhe3jSM4fAcZ9d
CHPRPD69E1Q4s0D5BS18jwSNXm3KUqQkL8m6WdwANhN8U+Y03fFffcDa3NtPKWvO
rd6KKmYGYMpUXvmKRGuEm98orulxmTZK26B4sagc3oAoKmYrgxCulrASLF5+NgTK
L6KsSkdgheXwoCrGxkygzba9OjJID1G35nDJn86rp0kZ/b2wFJT9Ae2/OzzYJS6G
wmUCqJbfUYySwECwSLV6OW3Rpj0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSMgfj9
YSx88MEUJfVsyRyNzI6IMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzQ3ZDliZjctM2U5Yi00YWQ1LTk1OGEtZGRlN2NhZGZhODlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNA
wDANBgkqhkiG9w0BAQsFAAOCAQEAIqZk9eS0KHj262CzqYVwkND76hSg2xWlruQl
4SOxH5Wnvd7QMjX5oH68X0z3sffOgQdDz/Dc9ZHRMha3M7gBUAZmjooCJcMIZPOv
wEsld+YdrE2GbjQsqQR096ssvOz6aba7KZnuFCHxXJ26CpYLmFUaZVei18bnf2Jm
gJQ+lbfiZhB8J6t9VUZhfxYP2sux135L5SGGNYy9x1kJzz84pA50giESqhidAQG6
QzT9vwVbomLnT1abE4yzOhdw/X11ohOkwLB7lry15IItFmvwlzwD06EM1pMHdcok
vAa0WzbuvgohUkvpQWjzZxbBE6+fefGUBrPEOnfhidTCF/0bVQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:24:36 2026 by rpki-client