Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa
File: cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa (raw, json)
Hash identifier: GLj0IaJ0fGTGaXd+S8MdxRL4jEY4T+d3fAG7GX1ty9Y=
Subject key identifier: 69:9B:3E:BA:E8:C1:66:1E:12:DE:7F:02:55:74:66:52:60:99:01:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1ECF100CBFF1A9CD1148CD4311C0E1AC9DA3047A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa
Signing time: Sat 28 Feb 2026 05:41:04 +0000
ROA not before: Sat 28 Feb 2026 05:41:04 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:cf:10:0c:bf:f1:a9:cd:11:48:cd:43:11:c0:e1:ac:9d:a3:04:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:04 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f4bb69c143eb598f8427e4d3448050317d04bc40dcee3525418a8e225b706f91, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:eb:bf:58:91:dc:36:5e:30:de:c0:22:e5:0e:
7c:c2:f1:b4:a6:d2:ab:51:15:5f:dd:bd:69:ed:47:
a2:c4:f0:79:92:53:e3:bb:06:2a:c3:78:ae:e7:6c:
6e:98:29:3a:19:93:2a:3a:e1:2b:9b:f4:48:4a:f7:
f2:f4:90:c3:fb:b1:86:52:fd:a0:a8:df:11:88:6a:
67:af:cf:52:fc:86:9d:8d:2b:25:70:9c:3b:2e:49:
a2:78:3a:b9:8d:2d:90:44:86:37:70:ba:d5:1d:05:
83:6c:bb:c3:56:8d:3c:6b:9a:3a:e3:e1:86:78:4a:
e7:04:69:66:f8:57:10:5f:d4:8f:bf:b7:9e:8e:c6:
ba:c7:d6:70:c4:6f:85:5b:6b:40:4a:e1:8d:50:ed:
21:ab:50:b4:50:3f:f1:29:3f:b4:c8:26:0f:cb:1a:
d8:c8:23:1d:ce:b7:b2:ab:a4:d8:36:fe:f1:bd:a4:
8c:cf:bd:93:fa:8a:41:95:f4:2d:db:d9:9d:b6:81:
48:87:d2:9f:b8:39:12:b7:d3:81:c5:d5:88:55:ae:
58:82:94:11:9a:ad:bf:a7:7a:b4:d3:07:60:4a:ce:
a6:48:90:01:5a:e2:83:73:9e:e4:0c:66:30:89:47:
a8:88:7b:bc:8d:b0:f1:c2:13:90:e3:c8:e5:f1:a6:
0f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:9B:3E:BA:E8:C1:66:1E:12:DE:7F:02:55:74:66:52:60:99:01:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80a0::/48
Signature Algorithm: sha256WithRSAEncryption
15:7c:6e:af:72:3b:c0:07:60:be:19:ce:0f:47:a7:27:46:b3:
b9:9e:ae:8a:db:68:2b:63:62:84:98:0e:85:ee:3d:31:49:2f:
3c:6b:c5:38:7f:19:ce:ff:bc:5b:bc:ab:b7:83:60:75:c7:d9:
b7:6b:b2:2c:ac:2b:1d:cc:5d:35:cc:36:a5:e0:59:20:aa:54:
40:f2:7d:6c:9e:65:1d:05:1f:26:59:aa:0d:89:0b:f2:13:22:
4d:1b:cc:03:91:f0:83:19:40:60:02:cb:7c:18:a1:16:e1:5d:
03:ef:21:7e:f5:75:03:2d:19:8f:f3:25:8a:d8:ae:f1:27:ce:
2a:d1:ed:d0:97:5b:b3:62:a4:01:1a:12:46:e3:de:cb:ae:95:
47:1e:09:7e:92:67:b0:7c:34:bf:ca:b4:f7:06:e5:69:5a:c6:
cc:5d:ba:c6:b6:38:12:a8:3e:8c:67:94:2d:17:d9:14:0b:15:
7e:71:d9:e8:15:37:57:83:7a:73:62:18:71:a6:1d:29:31:b2:
9b:46:db:d4:93:0b:84:ed:32:0a:c9:2e:a9:62:5e:51:83:8b:
dd:67:41:30:98:e3:04:d5:d6:85:78:57:e0:a3:79:aa:82:9e:
7d:93:08:ff:36:d2:97:f6:fb:81:ab:1e:0e:fb:53:44:d9:6e:
ea:16:00:7f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHs8QDL/xqc0RSM1DEcDhrJ2jBHowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMDRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0YmI2OWMxNDNlYjU5OGY4NDI3ZTRkMzQ0ODA1MDMxN2QwNGJjNDBkY2Vl
MzUyNTQxOGE4ZTIyNWI3MDZmOTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM3rv1iR3DZeMN7AIuUOfMLxtKbSq1EVX929ae1HosTweZJT47sGKsN4ruds
bpgpOhmTKjrhK5v0SEr38vSQw/uxhlL9oKjfEYhqZ6/PUvyGnY0rJXCcOy5Jong6
uY0tkESGN3C61R0Fg2y7w1aNPGuaOuPhhnhK5wRpZvhXEF/Uj7+3no7GusfWcMRv
hVtrQErhjVDtIatQtFA/8Sk/tMgmD8sa2MgjHc63squk2Db+8b2kjM+9k/qKQZX0
LdvZnbaBSIfSn7g5ErfTgcXViFWuWIKUEZqtv6d6tNMHYErOpkiQAVrig3Oe5Axm
MIlHqIh7vI2w8cITkOPI5fGmD3UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRpmz66
6MFmHhLefwJVdGZSYJkBXzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y2YWMzZWYtODJmNS00YWJjLWEzNmUtNDA1Yjg2M2Y4ODRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
oDANBgkqhkiG9w0BAQsFAAOCAQEAFXxur3I7wAdgvhnOD0enJ0azuZ6uittoK2Ni
hJgOhe49MUkvPGvFOH8Zzv+8W7yrt4NgdcfZt2uyLKwrHcxdNcw2peBZIKpUQPJ9
bJ5lHQUfJlmqDYkL8hMiTRvMA5HwgxlAYALLfBihFuFdA+8hfvV1Ay0Zj/Mlitiu
8SfOKtHt0Jdbs2KkARoSRuPey66VRx4JfpJnsHw0v8q09wblaVrGzF26xrY4Eqg+
jGeULRfZFAsVfnHZ6BU3V4N6c2IYcaYdKTGym0bb1JMLhO0yCskuqWJeUYOL3WdB
MJjjBNXWhXhX4KN5qoKefZMI/zbSl/b7gaseDvtTRNlu6hYAfw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:50:06 2026 by rpki-client