Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
File: cd129ecb-5978-40fd-ada8-5ab27adcb622.roa (raw, json)
Hash identifier: o5mvx7NgPy2/3TLJ8w9PEroKx3CbBoeiMwWA4KN08Vk=
Subject key identifier: 6B:84:FB:64:C4:D9:90:70:0A:A1:70:E2:C9:3C:20:8C:55:31:B6:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4351836F4A015ED2E533E83842BCFBC73ED3AAF9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
Signing time: Sat 28 Feb 2026 06:10:32 +0000
ROA not before: Sat 28 Feb 2026 06:10:32 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:51:83:6f:4a:01:5e:d2:e5:33:e8:38:42:bc:fb:c7:3e:d3:aa:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:32 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=7835d07ead0cbbb34234d150231027a2884689d86d14bb0a911d0a59c8453dd3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:37:53:a6:48:72:43:a2:c0:7a:73:62:8e:d9:
36:ce:52:8c:ab:a3:98:4b:68:28:ea:6e:1a:d6:7b:
20:81:07:26:b4:4e:89:43:9e:32:7b:3f:d4:76:a4:
9e:9c:5b:f3:b5:ee:9c:9e:ea:19:da:27:94:17:bf:
dd:9e:af:18:71:d7:8c:a5:a5:70:a7:df:30:71:39:
3d:ba:19:18:a8:6f:38:73:d3:b7:0b:76:21:d4:5e:
4e:89:fd:c3:5f:d5:60:19:f1:54:4c:81:67:a4:3d:
0f:14:15:9d:b2:39:f2:72:b9:fe:5c:c0:66:e0:b3:
54:e4:af:c5:0f:57:fc:9a:c6:2e:f9:a2:47:67:c1:
13:e4:e0:94:26:20:2f:a0:06:dc:27:d0:6c:9e:00:
7f:87:0a:b2:e4:16:84:41:a5:cb:84:3f:ab:e7:b7:
2a:90:22:ed:75:32:37:de:22:b2:00:7b:a0:a1:fe:
e3:77:4b:f4:b1:7a:c8:34:13:9c:4a:84:3e:e1:10:
47:94:fe:78:8d:f6:d7:fd:ce:15:e5:b2:0b:ba:ab:
d9:55:b9:c1:9a:6d:e4:1f:52:6c:28:72:10:6a:19:
ca:35:73:8f:7a:0e:f6:bf:d6:f1:97:aa:97:90:78:
b1:8e:1f:fe:78:b4:37:26:eb:ee:86:4f:72:a9:50:
61:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:84:FB:64:C4:D9:90:70:0A:A1:70:E2:C9:3C:20:8C:55:31:B6:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
00:2c:33:14:51:27:93:34:2f:04:14:bd:96:62:be:7a:95:52:
76:e7:0d:7d:d0:af:4f:06:9f:26:03:9f:b6:2f:75:bb:78:43:
50:38:48:d6:a8:cd:23:29:70:f4:7b:60:d7:ba:2d:e0:29:d3:
d3:d4:5c:92:1f:78:c8:f6:36:e6:aa:26:b2:9f:5b:0e:17:46:
8d:53:e8:db:97:94:c0:9f:fa:4a:d9:09:f0:de:a1:09:4c:fd:
e4:f0:e5:9c:65:39:e8:5e:0f:97:6b:48:09:c3:6a:56:14:91:
34:85:34:44:f8:63:89:56:19:f4:47:5d:49:84:b7:53:4b:ef:
dd:98:9f:26:b0:d0:7c:36:57:e0:6b:17:7d:ff:55:76:59:ca:
68:24:7f:52:81:5a:df:c4:67:8b:dd:98:df:8f:51:a9:77:d8:
9f:ce:cd:9d:6a:f2:ea:14:65:ef:f0:31:71:da:9f:83:c6:11:
78:07:14:1c:a6:63:8c:da:f5:41:70:d8:aa:09:5c:2c:41:64:
54:81:8d:0d:85:e0:f4:f7:d0:2a:f3:2a:dd:13:75:29:04:c5:
24:b2:0a:15:f6:ca:f9:4b:ea:c9:69:58:24:6e:33:94:0b:6f:
e0:a9:dd:9a:f3:14:2f:58:b9:df:ae:2e:25:60:30:68:a0:45:
fe:d1:80:b2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQ1GDb0oBXtLlM+g4Qrz7xz7TqvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwMzJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4MzVkMDdlYWQwY2JiYjM0MjM0ZDE1MDIzMTAyN2EyODg0Njg5ZDg2ZDE0
YmIwYTkxMWQwYTU5Yzg0NTNkZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALI3U6ZIckOiwHpzYo7ZNs5SjKujmEtoKOpuGtZ7IIEHJrROiUOeMns/1Hak
npxb87XunJ7qGdonlBe/3Z6vGHHXjKWlcKffMHE5PboZGKhvOHPTtwt2IdReTon9
w1/VYBnxVEyBZ6Q9DxQVnbI58nK5/lzAZuCzVOSvxQ9X/JrGLvmiR2fBE+TglCYg
L6AG3CfQbJ4Af4cKsuQWhEGly4Q/q+e3KpAi7XUyN94isgB7oKH+43dL9LF6yDQT
nEqEPuEQR5T+eI321/3OFeWyC7qr2VW5wZpt5B9SbChyEGoZyjVzj3oO9r/W8Zeq
l5B4sY4f/ni0Nybr7oZPcqlQYaMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRrhPtk
xNmQcAqhcOLJPCCMVTG2oDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2QxMjllY2ItNTk3OC00MGZkLWFkYTgtNWFiMjdhZGNiNjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg
wDANBgkqhkiG9w0BAQsFAAOCAQEAACwzFFEnkzQvBBS9lmK+epVSducNfdCvTwaf
JgOfti91u3hDUDhI1qjNIylw9Htg17ot4CnT09Rckh94yPY25qomsp9bDhdGjVPo
25eUwJ/6StkJ8N6hCUz95PDlnGU56F4Pl2tICcNqVhSRNIU0RPhjiVYZ9EddSYS3
U0vv3ZifJrDQfDZX4GsXff9VdlnKaCR/UoFa38Rni92Y349RqXfYn87NnWry6hRl
7/Axcdqfg8YReAcUHKZjjNr1QXDYqglcLEFkVIGNDYXg9PfQKvMq3RN1KQTFJLIK
FfbK+UvqyWlYJG4zlAtv4KndmvMUL1i5364uJWAwaKBF/tGAsg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:36:36 2026 by rpki-client