Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
File: cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa (raw, json)
Hash identifier: TjUelodr14b65F2MkDBwtZeZERHQFwlIxmAa9TL0KfI=
Subject key identifier: E6:11:45:86:FE:8F:27:1C:EF:E7:93:53:E8:95:2F:70:0E:52:1A:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1250F1F312055C5E71B817EA0FC4494841A2BEAC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
Signing time: Sat 28 Feb 2026 06:21:04 +0000
ROA not before: Sat 28 Feb 2026 06:21:04 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:50:f1:f3:12:05:5c:5e:71:b8:17:ea:0f:c4:49:48:41:a2:be:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:21:04 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=6e5631d9fe354f504b55d2a3f908c463cf0767772221b048750ffa02677a6c11, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:81:01:1e:a3:fb:3b:b3:c7:a7:08:f8:64:81:
87:f4:ca:e9:e8:59:22:c3:a9:a4:4d:f8:83:16:5a:
78:44:e6:13:6d:27:21:b7:e4:1a:88:92:f4:42:48:
c7:ff:f2:ce:dd:d8:d4:48:5c:9b:47:4a:34:5d:22:
39:9e:ef:c1:19:9a:e7:39:4c:b7:5e:2f:5d:61:a5:
bb:38:3e:ac:5a:6d:04:e5:dd:2c:a1:ec:6a:aa:0a:
41:b7:da:30:31:4a:45:9b:28:74:a1:49:4a:7a:90:
59:b7:b8:90:46:37:6c:5d:2b:60:e0:96:03:77:42:
c1:bb:5d:de:8b:7d:6a:d4:10:9e:41:7f:a6:99:00:
a2:b0:24:f3:e3:2c:98:50:df:b1:6f:66:33:35:33:
b3:e4:1f:c0:38:17:c1:79:78:b0:15:38:25:27:4e:
31:08:e9:97:b4:d1:51:af:c3:f0:14:57:f8:17:b1:
3f:b4:76:be:60:98:4c:d2:e2:b5:64:6e:77:fa:d8:
8c:ed:20:28:d0:95:2d:af:98:d7:c2:66:22:9a:b2:
f9:10:cd:8e:82:77:3a:d7:23:5a:08:80:4c:18:f7:
af:02:1b:ce:2a:e9:f4:7b:b6:02:d2:4c:b1:85:1a:
d8:ed:73:b5:4b:94:ae:95:af:5b:67:ed:4d:2d:10:
ef:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:11:45:86:FE:8F:27:1C:EF:E7:93:53:E8:95:2F:70:0E:52:1A:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:c00::/38
Signature Algorithm: sha256WithRSAEncryption
0c:cf:f6:2a:85:89:89:5d:88:fc:c2:12:5e:34:d4:0b:d1:cb:
00:4c:ed:e5:b4:3b:22:7f:b3:41:ce:79:7f:2e:9a:0a:cf:0f:
32:1d:47:24:4c:9c:bd:10:c4:3a:d6:ca:31:d5:a0:65:55:7a:
fe:3c:31:89:12:b8:e1:2a:18:16:dc:39:d9:26:ca:af:87:db:
eb:1b:39:eb:6e:02:70:6f:e3:a2:e4:c1:6a:cd:48:02:f9:16:
99:5f:07:d7:38:c0:56:60:8d:26:1e:7a:e1:a1:94:dd:6c:f2:
dc:28:bd:67:8e:76:a3:be:50:0f:67:f8:34:da:34:1e:1c:7c:
f8:7c:05:54:97:da:ad:55:b4:3e:44:7d:1a:ab:49:4a:6e:f0:
b2:05:fe:fe:f4:6e:15:b5:0f:90:f0:c9:f8:64:bf:6a:9f:c1:
a7:51:d6:e2:4d:20:95:22:7d:8b:29:7f:54:5e:67:e1:92:b2:
d9:d3:2a:f3:c6:9b:bb:c9:71:d7:a0:ee:1e:2a:42:bd:2e:cf:
48:1f:20:15:1f:e2:85:d5:34:6d:d8:5a:45:c8:2e:b0:d6:56:
e8:1c:b0:f6:24:ff:11:ea:1e:39:7e:1c:95:e3:82:ff:13:3b:
fd:d1:b1:ab:10:09:03:b1:c3:64:cd:50:78:39:47:7c:d3:68:
a2:96:22:bd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUElDx8xIFXF5xuBfqD8RJSEGivqwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIxMDRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlNTYzMWQ5ZmUzNTRmNTA0YjU1ZDJhM2Y5MDhjNDYzY2YwNzY3NzcyMjIx
YjA0ODc1MGZmYTAyNjc3YTZjMTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSBAR6j+zuzx6cI+GSBh/TK6ehZIsOppE34gxZaeETmE20nIbfkGoiS9EJI
x//yzt3Y1Ehcm0dKNF0iOZ7vwRma5zlMt14vXWGluzg+rFptBOXdLKHsaqoKQbfa
MDFKRZsodKFJSnqQWbe4kEY3bF0rYOCWA3dCwbtd3ot9atQQnkF/ppkAorAk8+Ms
mFDfsW9mMzUzs+QfwDgXwXl4sBU4JSdOMQjpl7TRUa/D8BRX+BexP7R2vmCYTNLi
tWRud/rYjO0gKNCVLa+Y18JmIpqy+RDNjoJ3OtcjWgiATBj3rwIbzirp9Hu2AtJM
sYUa2O1ztUuUrpWvW2ftTS0Q72cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTmEUWG
/o8nHO/nk1PolS9wDlIaKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I1ZWU0YzEtZGQzNi00OWE5LThiMDktODlkNThhYTgwMzVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEM
MA0GCSqGSIb3DQEBCwUAA4IBAQAMz/YqhYmJXYj8whJeNNQL0csATO3ltDsif7NB
znl/LpoKzw8yHUckTJy9EMQ61sox1aBlVXr+PDGJErjhKhgW3DnZJsqvh9vrGznr
bgJwb+Oi5MFqzUgC+RaZXwfXOMBWYI0mHnrhoZTdbPLcKL1njnajvlAPZ/g02jQe
HHz4fAVUl9qtVbQ+RH0aq0lKbvCyBf7+9G4VtQ+Q8Mn4ZL9qn8GnUdbiTSCVIn2L
KX9UXmfhkrLZ0yrzxpu7yXHXoO4eKkK9Ls9IHyAVH+KF1TRt2FpFyC6w1lboHLD2
JP8R6h45fhyV44L/Ezv90bGrEAkDscNkzVB4OUd802iiliK9
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:19:18 2026 by rpki-client