Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd47a5a2-5bb4-4fe1-bd59-7f64ed4bfa2b.roa
File: cd47a5a2-5bb4-4fe1-bd59-7f64ed4bfa2b.roa (raw, json)
Hash identifier: 686aMj65Gif4yuzw4ny0G/4HhDKYeln7H5PVirmfgKo=
Subject key identifier: 04:0D:FC:4E:4C:EB:26:63:3B:95:D2:DE:67:6E:80:39:5E:52:AD:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 122A849A14E5A6C7C2AAF0B8F08D0BA6524D3CAB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd47a5a2-5bb4-4fe1-bd59-7f64ed4bfa2b.roa
Signing time: Wed 11 Feb 2026 01:30:31 +0000
ROA not before: Wed 11 Feb 2026 01:30:31 +0000
ROA not after: Tue 12 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:c020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:2a:84:9a:14:e5:a6:c7:c2:aa:f0:b8:f0:8d:0b:a6:52:4d:3c:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 11 01:30:31 2026 GMT
Not After : May 12 23:59:59 2026 GMT
Subject: serialNumber=e469a7d20147019986d0555d32a35fd3c53790e29a916cc8bc0323f3aa79b64a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:56:85:b9:3e:b1:c4:46:dd:c3:8f:89:30:e4:
58:70:72:b8:d1:b7:f1:6e:5c:83:1f:cb:b4:65:40:
aa:6f:13:d6:93:d3:08:f2:fc:dc:71:bc:f6:9d:3b:
98:b7:e3:5f:79:b1:d4:a9:f5:e6:38:6b:68:8c:a3:
d6:1e:d1:30:b4:6b:b3:d1:c8:fc:d3:dc:42:95:de:
cd:0a:be:45:85:98:5c:c6:42:37:8a:48:4e:a7:07:
b6:8e:f1:6e:b0:62:b4:ff:54:eb:bd:16:5e:9d:36:
18:19:1a:0f:b2:26:35:3e:f4:a0:21:6e:b2:53:32:
56:8d:4a:dd:b0:cb:b5:66:b6:b8:16:58:2b:95:52:
8c:be:bc:cf:68:92:66:f6:ab:c9:01:46:13:0a:37:
f7:d7:bb:77:49:e7:24:46:d3:8d:5a:e4:92:41:e3:
1f:43:15:c3:20:c5:a7:47:87:2b:c1:b6:6d:8a:86:
90:42:15:4a:6c:da:d9:d2:c4:5e:fa:2d:25:8c:bd:
2d:9d:e5:1d:75:b7:8c:f3:2a:6c:7d:d3:a9:72:82:
62:e3:68:d5:ac:74:62:fe:1b:e0:c0:52:93:c0:9c:
f4:ee:67:09:1a:ab:29:0f:e3:ff:1b:ec:5a:27:f2:
9e:88:a3:8b:10:22:af:57:2e:eb:25:26:34:be:43:
5f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:0D:FC:4E:4C:EB:26:63:3B:95:D2:DE:67:6E:80:39:5E:52:AD:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd47a5a2-5bb4-4fe1-bd59-7f64ed4bfa2b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:c020::/48
Signature Algorithm: sha256WithRSAEncryption
0a:09:da:04:af:11:01:e2:6e:58:b9:51:68:85:af:c3:d3:5d:
0f:3b:94:bb:f5:0f:1a:78:18:95:74:ae:bd:5b:b1:18:2d:d8:
af:ac:f8:cd:d0:be:0c:11:45:e4:0a:66:73:10:40:a6:77:8a:
b1:a3:7c:69:40:e4:75:94:5e:2d:62:32:47:63:d7:b6:bf:e3:
c8:8f:22:05:44:77:b0:27:2a:4e:4a:e4:2b:01:83:ea:8c:ba:
fa:f7:16:54:91:98:e4:c2:f0:dc:27:5a:6c:cd:d3:a2:ec:ed:
84:24:ed:88:46:31:50:89:d9:6a:d0:2c:0b:73:c4:7a:42:97:
b3:24:5a:9d:82:0f:0d:95:3a:a8:41:5e:dd:85:03:cb:15:7e:
06:17:37:3d:a2:6b:69:14:aa:76:e0:2c:fb:b8:9d:22:29:2b:
82:09:01:c4:b5:e4:3d:32:25:1f:71:70:1c:5e:69:72:d0:56:
d0:8f:ff:8f:1b:bc:66:18:1c:3f:a2:84:79:49:1f:3f:78:05:
b7:35:c8:81:54:11:e3:3d:f0:98:c1:0f:08:1e:ee:f7:18:d7:
37:01:29:f1:cd:4e:12:72:1a:6d:4e:49:cb:e2:5e:87:ab:2a:
7c:24:df:a2:cc:6d:83:f9:a2:3d:ca:b4:68:f6:ed:98:8d:03:
90:96:e7:2e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEiqEmhTlpsfCqvC48I0LplJNPKswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTEwMTMwMzFaFw0yNjA1MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0NjlhN2QyMDE0NzAxOTk4NmQwNTU1ZDMyYTM1ZmQzYzUzNzkwZTI5YTkx
NmNjOGJjMDMyM2YzYWE3OWI2NGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNWhbk+scRG3cOPiTDkWHByuNG38W5cgx/LtGVAqm8T1pPTCPL83HG89p07
mLfjX3mx1Kn15jhraIyj1h7RMLRrs9HI/NPcQpXezQq+RYWYXMZCN4pITqcHto7x
brBitP9U670WXp02GBkaD7ImNT70oCFuslMyVo1K3bDLtWa2uBZYK5VSjL68z2iS
ZvaryQFGEwo399e7d0nnJEbTjVrkkkHjH0MVwyDFp0eHK8G2bYqGkEIVSmza2dLE
XvotJYy9LZ3lHXW3jPMqbH3TqXKCYuNo1ax0Yv4b4MBSk8Cc9O5nCRqrKQ/j/xvs
WifynoijixAir1cu6yUmNL5DX5cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQEDfxO
TOsmYzuV0t5nboA5XlKtfzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Q0N2E1YTItNWJiNC00ZmUxLWJkNTktN2Y2NGVkNGJmYTJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GrA
IDANBgkqhkiG9w0BAQsFAAOCAQEACgnaBK8RAeJuWLlRaIWvw9NdDzuUu/UPGngY
lXSuvVuxGC3Yr6z4zdC+DBFF5ApmcxBApneKsaN8aUDkdZReLWIyR2PXtr/jyI8i
BUR3sCcqTkrkKwGD6oy6+vcWVJGY5MLw3CdabM3TouzthCTtiEYxUInZatAsC3PE
ekKXsyRanYIPDZU6qEFe3YUDyxV+Bhc3PaJraRSqduAs+7idIikrggkBxLXkPTIl
H3FwHF5pctBW0I//jxu8ZhgcP6KEeUkfP3gFtzXIgVQR4z3wmMEPCB7u9xjXNwEp
8c1OEnIabU5Jy+Jeh6sqfCTfosxtg/miPcq0aPbtmI0DkJbnLg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:20:22 2026 by rpki-client