Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa
File: cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa (raw, json)
Hash identifier: 8IC02hzaLUrHzWZeYX33SeLHKyJrA8K17LO3x64Expo=
Subject key identifier: BD:FC:C4:0C:26:E0:36:BE:38:1C:E5:21:31:11:25:7C:B4:61:EA:EE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F0D857566AEF300F6D2B7C2FCD92A9495A9AEED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa
Signing time: Sat 28 Feb 2026 06:10:32 +0000
ROA not before: Sat 28 Feb 2026 06:10:32 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:0d:85:75:66:ae:f3:00:f6:d2:b7:c2:fc:d9:2a:94:95:a9:ae:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:32 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=88f62fba6fb64e52ed5a80cf749b270a485968c1b6349ccab517653f7ab889e7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:c0:5f:7d:82:a0:b2:61:76:15:bc:04:8b:92:
8e:ac:35:72:d6:35:cd:90:46:89:69:57:7f:72:15:
cb:4b:66:aa:e3:e8:60:dc:00:97:18:65:e9:31:65:
7c:82:0c:46:80:86:27:aa:e2:a3:1d:87:5b:f2:0e:
35:19:39:ca:23:b5:53:03:cd:47:89:ea:64:69:5b:
b9:81:61:81:84:0a:d8:1b:cc:25:fe:02:6b:d2:56:
28:60:70:95:d6:08:8d:cf:6e:6e:ec:90:70:8b:06:
4b:9e:dd:18:1d:fb:64:fa:36:fe:00:8e:f6:39:f8:
72:cd:53:97:61:f7:75:18:78:03:8b:ed:8e:63:a6:
2b:5d:e4:7a:e4:17:31:68:a2:2d:bb:a9:d4:43:6d:
6c:e5:55:37:b9:0f:ed:6e:2b:a7:44:ef:dd:17:37:
a2:64:35:52:bd:fb:dd:4c:c7:d6:c2:68:9e:2d:83:
6c:b5:6c:c9:5b:0f:ee:56:3a:08:58:5a:6c:2d:38:
3e:28:7c:46:e4:e4:51:9f:cd:09:de:a1:03:6b:15:
4d:a4:b8:84:80:5a:5f:7b:fc:18:1a:5f:cb:c3:ce:
ad:1d:2f:f3:c2:99:87:0a:74:fa:ee:cb:ed:da:20:
5a:02:2b:15:6a:eb:1e:48:7f:29:6b:72:4d:6b:d3:
f5:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:FC:C4:0C:26:E0:36:BE:38:1C:E5:21:31:11:25:7C:B4:61:EA:EE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:c000::/40
Signature Algorithm: sha256WithRSAEncryption
b3:8b:a1:30:93:e6:2f:85:a1:56:d8:3a:5c:35:79:46:fa:a8:
27:1d:e7:8e:ff:60:73:2e:c8:6c:79:62:75:ef:f5:de:f2:ac:
3a:be:3c:73:e6:97:3a:dd:2d:9b:65:81:54:72:cb:66:eb:e3:
43:d7:bf:cb:c2:f8:dd:62:b2:b2:f7:db:f6:d0:54:8a:2d:aa:
14:4c:98:04:46:02:49:b3:53:2d:8d:67:c0:c3:89:45:c6:fe:
b4:72:5c:b3:21:36:a8:64:42:ce:91:4f:f4:75:d3:f3:1f:d8:
20:ef:89:e4:86:71:e5:6d:3f:2e:12:c8:4b:a6:d4:45:30:4f:
cf:5d:e0:a6:78:c8:31:c0:7a:d3:52:4a:b8:41:ba:14:cb:fe:
9e:47:8a:df:97:d8:96:48:e8:bb:24:e7:fa:71:1f:cc:6f:23:
b0:b8:a7:aa:06:95:f9:f4:72:6f:87:e7:8a:b0:dc:38:58:02:
82:40:a8:de:8c:cd:05:a9:dd:c1:13:9a:87:79:a1:d4:99:1d:
c0:df:90:e7:56:71:31:72:1a:97:19:e7:36:9b:20:a3:03:2e:
08:4a:12:85:ef:5d:f9:81:68:b8:71:3f:52:1b:7e:71:37:a2:
09:a5:81:ea:17:c0:3f:73:6b:d7:a8:50:d5:2f:9e:8b:b0:d0:
32:9d:7c:81
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDw2FdWau8wD20rfC/NkqlJWpru0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwMzJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4ZjYyZmJhNmZiNjRlNTJlZDVhODBjZjc0OWIyNzBhNDg1OTY4YzFiNjM0
OWNjYWI1MTc2NTNmN2FiODg5ZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPLAX32CoLJhdhW8BIuSjqw1ctY1zZBGiWlXf3IVy0tmquPoYNwAlxhl6TFl
fIIMRoCGJ6riox2HW/IONRk5yiO1UwPNR4nqZGlbuYFhgYQK2BvMJf4Ca9JWKGBw
ldYIjc9ubuyQcIsGS57dGB37ZPo2/gCO9jn4cs1Tl2H3dRh4A4vtjmOmK13keuQX
MWiiLbup1ENtbOVVN7kP7W4rp0Tv3Rc3omQ1Ur373UzH1sJoni2DbLVsyVsP7lY6
CFhabC04Pih8RuTkUZ/NCd6hA2sVTaS4hIBaX3v8GBpfy8POrR0v88KZhwp0+u7L
7dogWgIrFWrrHkh/KWtyTWvT9csCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS9/MQM
JuA2vjgc5SExESV8tGHq7jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I4ZjRmMzctZmVjZC00YmM2LThlZGMtODBiZTlmMmZiZWRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DrA
MA0GCSqGSIb3DQEBCwUAA4IBAQCzi6Ewk+YvhaFW2DpcNXlG+qgnHeeO/2BzLshs
eWJ17/Xe8qw6vjxz5pc63S2bZYFUcstm6+ND17/LwvjdYrKy99v20FSKLaoUTJgE
RgJJs1MtjWfAw4lFxv60clyzITaoZELOkU/0ddPzH9gg74nkhnHlbT8uEshLptRF
ME/PXeCmeMgxwHrTUkq4QboUy/6eR4rfl9iWSOi7JOf6cR/MbyOwuKeqBpX59HJv
h+eKsNw4WAKCQKjejM0Fqd3BE5qHeaHUmR3A35DnVnExchqXGec2myCjAy4IShKF
7135gWi4cT9SG35xN6IJpYHqF8A/c2vXqFDVL56LsNAynXyB
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:57 2026 by rpki-client