Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
File: cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa (raw, json)
Hash identifier: QolwcnS+wWVH5k+rVqISKsw2DCRVV68bz5Pvy+wSAg8=
Subject key identifier: B7:B7:EF:0B:C0:C0:52:46:26:75:E1:DA:B9:30:F0:E1:92:8D:A2:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 163EBD875196215B6DA619E31DE79C1DDD869597
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
Signing time: Sat 28 Feb 2026 06:30:12 +0000
ROA not before: Sat 28 Feb 2026 06:30:12 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:3e:bd:87:51:96:21:5b:6d:a6:19:e3:1d:e7:9c:1d:dd:86:95:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:30:12 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=0be097535e1edc10f6c743d2291fd154fe61dd6de5612ccdac9554098e65c481, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6b:93:36:c5:4d:58:50:63:ab:d6:e6:88:15:
ed:f7:2a:fe:b7:da:15:69:3c:c2:f4:37:d0:31:8f:
57:e5:af:66:a7:33:d2:4c:cb:31:fa:0f:44:39:c2:
60:2a:f6:d5:17:45:3f:8b:dd:b9:cd:06:49:94:a1:
8d:0d:58:51:30:88:13:01:f1:cd:d4:e5:6c:b4:0f:
96:a0:18:3a:2a:57:d1:da:29:2b:35:2b:c5:b8:4b:
73:c9:b3:d1:f6:6c:0a:85:ec:6a:a0:ea:ba:76:18:
12:89:2a:3b:a8:e8:0a:3c:44:61:8e:89:89:db:63:
af:74:f7:1a:08:4e:11:ec:62:fe:e0:46:e8:54:8a:
ae:00:4b:30:c8:6e:be:ca:13:04:79:d9:f3:70:cc:
b6:12:22:96:00:e0:39:0c:2f:f3:c6:21:b0:43:a6:
94:2e:0e:26:13:f4:61:90:e9:e9:e6:c6:29:28:98:
6e:89:29:6f:00:08:7e:c5:62:c9:2f:38:51:a5:e2:
65:34:6a:e2:ed:d9:6a:ea:74:24:96:a1:e1:38:ba:
e5:ff:60:ad:88:67:ce:97:b0:d6:77:c9:e8:b5:84:
f1:a8:f0:11:e4:34:14:fb:e5:f7:01:7e:a0:62:a1:
3e:af:47:42:2f:15:eb:9c:31:ef:e8:b4:5e:08:76:
d7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:B7:EF:0B:C0:C0:52:46:26:75:E1:DA:B9:30:F0:E1:92:8D:A2:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:1040::/48
Signature Algorithm: sha256WithRSAEncryption
8e:62:cb:27:3b:92:42:35:6a:90:ba:b9:97:77:19:fc:91:9c:
aa:18:09:0b:a8:45:08:ff:e6:34:ec:5c:d4:6d:ca:4f:d4:26:
e3:09:34:37:5d:73:d7:37:b5:d2:82:3f:fd:bf:5d:8b:ec:7e:
77:f1:7b:9b:f5:88:fd:4c:aa:75:4a:9e:e5:5b:b9:a3:73:ce:
67:3f:f7:26:1a:1e:22:b6:34:8e:3e:b2:b7:0f:0d:f5:05:ec:
18:81:81:24:d7:b9:96:c9:5c:58:18:2c:02:31:bc:40:04:54:
b9:07:52:68:03:ea:ee:22:ef:89:e0:c7:2e:3c:e0:64:2d:90:
ce:18:f2:76:f2:da:ff:9e:e2:3e:76:0b:a5:f7:b5:19:eb:1f:
0a:1f:d6:de:19:07:de:cc:f3:0e:1f:19:9f:cf:84:8f:c9:1b:
c8:0c:aa:30:d4:a4:6b:d5:1e:12:2c:cc:70:33:c1:5e:c7:1f:
b8:2e:ae:8c:b0:95:08:60:31:9c:98:c5:a6:66:33:94:bc:1a:
ca:f4:fa:e4:c0:1f:d1:7b:25:3f:4e:34:c1:10:ec:57:e4:b6:
6c:c3:01:a4:4a:c5:ba:67:9e:42:f0:8c:1e:a7:7d:b5:8e:01:
f1:42:19:1f:65:08:1e:f1:da:d3:93:6a:ed:68:1d:41:19:29:
c1:30:f8:96
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFj69h1GWIVttphnjHeecHd2GlZcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjMwMTJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiZTA5NzUzNWUxZWRjMTBmNmM3NDNkMjI5MWZkMTU0ZmU2MWRkNmRlNTYx
MmNjZGFjOTU1NDA5OGU2NWM0ODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhrkzbFTVhQY6vW5ogV7fcq/rfaFWk8wvQ30DGPV+WvZqcz0kzLMfoPRDnC
YCr21RdFP4vduc0GSZShjQ1YUTCIEwHxzdTlbLQPlqAYOipX0dopKzUrxbhLc8mz
0fZsCoXsaqDqunYYEokqO6joCjxEYY6Jidtjr3T3GghOEexi/uBG6FSKrgBLMMhu
vsoTBHnZ83DMthIilgDgOQwv88YhsEOmlC4OJhP0YZDp6ebGKSiYbokpbwAIfsVi
yS84UaXiZTRq4u3Zaup0JJah4Ti65f9grYhnzpew1nfJ6LWE8ajwEeQ0FPvl9wF+
oGKhPq9HQi8V65wx7+i0Xgh213cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS3t+8L
wMBSRiZ14dq5MPDhko2ibzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2FjODUwZjgtNWFhOS00YTU2LWFlYTItZTIyZDNhZmQ0ZTM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAjmLLJzuSQjVqkLq5l3cZ/JGcqhgJC6hFCP/m
NOxc1G3KT9Qm4wk0N11z1ze10oI//b9di+x+d/F7m/WI/UyqdUqe5Vu5o3POZz/3
JhoeIrY0jj6ytw8N9QXsGIGBJNe5lslcWBgsAjG8QARUuQdSaAPq7iLvieDHLjzg
ZC2QzhjydvLa/57iPnYLpfe1GesfCh/W3hkH3szzDh8Zn8+Ej8kbyAyqMNSka9Ue
EizMcDPBXscfuC6ujLCVCGAxnJjFpmYzlLwayvT65MAf0XslP040wRDsV+S2bMMB
pErFumeeQvCMHqd9tY4B8UIZH2UIHvHa05Nq7WgdQRkpwTD4lg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:20:44 2026 by rpki-client