Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa
File: cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa (raw, json)
Hash identifier: 7Bvo907jfky2PII+9cxvFsxdbonIG/YGoJavrYQ/i+U=
Subject key identifier: 10:BB:63:DE:77:5B:84:E2:A7:83:35:90:E9:B2:82:BC:BA:D2:84:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2789C10AEC4F48EA72E445950166A5DC3F847DF4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa
Signing time: Thu 26 Feb 2026 02:00:08 +0000
ROA not before: Thu 26 Feb 2026 02:00:08 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:89:c1:0a:ec:4f:48:ea:72:e4:45:95:01:66:a5:dc:3f:84:7d:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:00:08 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=dbbe3a1d79480c8258b3f477b85eabd4cd3c0fe322aed2e11909f2ed644b0c2f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:20:dc:05:6c:40:b6:c8:a7:9c:11:c7:ba:99:
05:84:dd:77:d9:2a:4f:45:ba:43:3d:c8:10:17:d4:
e9:5b:de:15:b0:4b:88:a5:aa:9b:5b:48:72:7e:8f:
23:a0:5f:7f:e4:e7:8f:91:6d:13:eb:02:d9:cc:a0:
9a:ca:48:3b:67:db:24:9c:f4:25:e9:c8:93:7d:93:
7e:94:e8:c2:e7:29:61:da:3d:51:6b:0a:d9:09:ab:
ee:c0:3f:48:d0:b5:f6:15:ba:d7:ae:b5:e6:cd:a5:
29:a9:7c:58:12:26:94:2e:23:1d:f3:61:8c:60:23:
6e:31:13:00:71:3e:a6:57:3e:ab:4a:a7:5a:29:cc:
f2:60:f8:66:0b:5a:d3:84:8c:8e:e7:93:fd:53:19:
a2:54:15:dc:35:a6:13:31:0f:2e:95:d3:f1:8c:de:
84:eb:d1:ee:71:a8:e6:97:b5:30:44:e7:21:5e:50:
bd:f7:25:cb:a2:af:22:d6:39:3f:90:a6:c9:e4:3e:
b5:e9:f8:5b:1c:c7:81:5b:89:b4:5c:ce:85:49:96:
cb:c0:32:8c:55:e5:0b:8d:5f:93:8b:44:3a:9f:aa:
b3:16:e5:a4:07:d2:01:05:8d:b0:0c:4a:db:4b:7f:
59:3c:a8:94:81:c6:e0:9c:39:ae:e2:8e:b7:54:de:
56:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:BB:63:DE:77:5B:84:E2:A7:83:35:90:E9:B2:82:BC:BA:D2:84:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:840::/48
Signature Algorithm: sha256WithRSAEncryption
ac:71:71:e9:53:6f:f1:8a:43:c0:0a:20:a5:3c:d0:9b:76:4b:
8a:a6:5f:61:76:0d:fb:c3:cd:e3:13:ae:4d:97:00:f8:fc:8a:
c9:f0:10:f4:e8:5a:ed:b9:3b:67:b9:62:dc:d1:2c:72:5a:89:
59:b3:d1:e6:07:c3:97:c5:c9:d7:a4:06:b2:81:ff:76:57:c3:
2a:48:3d:75:35:1e:cd:0f:0b:5b:c0:7c:49:ea:5b:56:db:54:
f0:62:1a:a9:26:c3:84:e3:36:54:1c:d9:29:fb:24:6a:e9:09:
31:15:d8:d7:4c:84:45:43:9c:ca:6e:48:dd:45:a3:d5:7e:65:
fb:aa:89:30:09:c9:90:b8:1a:cd:76:73:e2:81:f6:f0:0b:9b:
73:0c:7f:3f:0b:a7:18:62:70:35:98:7b:86:33:4d:66:25:8d:
c7:1d:02:e4:72:3f:28:42:30:cd:6a:04:e6:e7:ab:10:ec:ee:
cb:b8:d7:c0:be:ca:5d:62:6a:37:cd:ff:7f:0a:87:e3:ba:db:
13:3f:27:91:7d:09:36:f2:f1:98:59:d9:b4:b7:01:d4:f8:db:
6a:15:ae:6b:8d:4c:59:57:c0:33:ea:eb:7c:72:cc:78:76:eb:
09:eb:9e:dc:f9:c9:a1:57:2a:cd:db:51:bd:3b:7e:59:7e:59:
cf:b6:d0:67
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJ4nBCuxPSOpy5EWVAWal3D+EffQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjAwMDhaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiYmUzYTFkNzk0ODBjODI1OGIzZjQ3N2I4NWVhYmQ0Y2QzYzBmZTMyMmFl
ZDJlMTE5MDlmMmVkNjQ0YjBjMmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkg3AVsQLbIp5wRx7qZBYTdd9kqT0W6Qz3IEBfU6VveFbBLiKWqm1tIcn6P
I6Bff+Tnj5FtE+sC2cygmspIO2fbJJz0JenIk32TfpTowucpYdo9UWsK2Qmr7sA/
SNC19hW616615s2lKal8WBImlC4jHfNhjGAjbjETAHE+plc+q0qnWinM8mD4Zgta
04SMjueT/VMZolQV3DWmEzEPLpXT8YzehOvR7nGo5pe1METnIV5Qvfcly6KvItY5
P5CmyeQ+ten4WxzHgVuJtFzOhUmWy8AyjFXlC41fk4tEOp+qsxblpAfSAQWNsAxK
20t/WTyolIHG4Jw5ruKOt1TeVgkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQQu2Pe
d1uE4qeDNZDpsoK8utKE5zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2MwYzM1N2MtNzBjNy00YTcxLWEzNGUtYmY2ZmQ4YTFkYzc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G8I
QDANBgkqhkiG9w0BAQsFAAOCAQEArHFx6VNv8YpDwAogpTzQm3ZLiqZfYXYN+8PN
4xOuTZcA+PyKyfAQ9Oha7bk7Z7li3NEsclqJWbPR5gfDl8XJ16QGsoH/dlfDKkg9
dTUezQ8LW8B8SepbVttU8GIaqSbDhOM2VBzZKfskaukJMRXY10yERUOcym5I3UWj
1X5l+6qJMAnJkLgazXZz4oH28Aubcwx/PwunGGJwNZh7hjNNZiWNxx0C5HI/KEIw
zWoE5uerEOzuy7jXwL7KXWJqN83/fwqH47rbEz8nkX0JNvLxmFnZtLcB1PjbahWu
a41MWVfAM+rrfHLMeHbrCeue3PnJoVcqzdtRvTt+WX5Zz7bQZw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:43:58 2026 by rpki-client