Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf7e464d-77bb-4302-aa9f-93906a5dcddf.roa
File: cf7e464d-77bb-4302-aa9f-93906a5dcddf.roa (raw, json)
Hash identifier: SPXXc8CRd1RA28DBGKfCvzzb7Zpjx/zdly5cjA6/Mtg=
Subject key identifier: 93:A2:F3:40:8B:46:F4:F3:40:29:5C:B5:55:59:A7:B1:D1:29:E1:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 434F9940147E8580F0DC661685B2AF0684997143
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf7e464d-77bb-4302-aa9f-93906a5dcddf.roa
Signing time: Wed 25 Feb 2026 03:00:08 +0000
ROA not before: Wed 25 Feb 2026 03:00:08 +0000
ROA not after: Tue 26 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:4f:99:40:14:7e:85:80:f0:dc:66:16:85:b2:af:06:84:99:71:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 25 03:00:08 2026 GMT
Not After : May 26 23:59:59 2026 GMT
Subject: serialNumber=d23205007540eb28a49d34a5e71560accda4f220cbf0104bb384b466e027c52a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f5:a1:86:03:a6:ff:78:f9:3a:ce:5f:bd:15:
ba:68:6a:1f:df:8f:dd:b7:0d:62:f0:e3:4c:fb:fe:
e5:34:9b:1f:eb:c7:aa:38:90:42:05:c7:ce:30:56:
e9:ed:96:98:17:a8:e1:82:74:be:80:cd:af:33:8e:
06:e2:6b:9b:55:fd:98:4e:2c:97:57:45:55:01:08:
b7:29:05:68:e1:1a:5d:aa:77:49:d1:f4:38:d3:23:
5c:c6:6c:43:21:60:13:4c:e5:82:bc:f1:77:a9:b3:
5f:74:8c:41:57:b9:97:f1:77:0e:b5:45:01:38:d5:
cb:46:90:5d:43:35:b1:3f:0b:cb:54:5c:a8:c8:31:
fd:8e:2f:80:81:83:58:05:3f:cf:f2:56:ff:c4:5f:
84:a8:a4:18:1c:3d:19:61:ba:c0:64:c6:46:a7:6d:
62:8f:83:37:04:2b:9c:70:62:7e:48:34:b4:16:fa:
cc:97:ad:3c:5b:2d:8d:2a:bc:0a:33:2e:77:5a:de:
3c:61:06:b8:19:43:30:e2:ce:43:14:81:ff:5d:75:
06:41:60:cd:19:92:5e:9a:28:0b:ac:b1:17:49:29:
4d:bb:f4:76:cc:78:22:8e:90:db:9e:97:22:e8:86:
8b:b9:cb:a0:ea:a6:d8:d4:5f:30:f3:61:00:04:be:
be:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:A2:F3:40:8B:46:F4:F3:40:29:5C:B5:55:59:A7:B1:D1:29:E1:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf7e464d-77bb-4302-aa9f-93906a5dcddf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:8000::/40
Signature Algorithm: sha256WithRSAEncryption
57:39:6c:ee:ef:63:5d:91:98:e5:61:5e:76:ab:1b:cf:f3:4a:
11:76:e4:f6:f9:98:90:c6:38:8b:1d:7e:02:34:0a:e0:00:fc:
e1:ac:73:3b:c6:32:a9:66:59:eb:d8:6e:af:93:e0:61:49:8c:
60:dd:0d:00:9e:37:2c:eb:e6:37:09:24:dd:ff:f3:0b:30:d8:
c8:d0:46:1e:2a:73:4a:d4:30:6f:dd:0d:83:26:73:eb:42:f8:
a5:20:d9:45:ae:52:e9:06:d3:a4:07:1d:64:ab:68:d6:d4:df:
93:9a:21:9f:d5:c0:af:cf:4e:4b:e0:52:0d:52:09:0d:84:b5:
1f:01:83:ea:a8:47:85:6d:08:9a:12:65:8b:0c:ae:7c:36:dd:
17:a0:60:d6:04:f0:1c:de:b7:47:44:1a:fe:fd:e1:25:fa:b8:
20:05:55:26:89:da:24:31:a9:e0:68:3f:d0:f8:8c:be:22:93:
55:00:e1:b0:6d:e9:ec:41:55:37:04:71:4f:68:43:c2:46:15:
4a:22:6b:8f:c0:e3:47:a2:96:55:7f:c8:14:01:a7:76:73:a3:
65:3d:9e:df:cc:59:ea:ea:22:fc:08:3c:20:62:a7:28:bb:60:
26:aa:e5:9b:9d:51:02:f8:53:13:72:3e:a3:0d:60:99:cd:3f:
59:a6:4a:ed
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQ0+ZQBR+hYDw3GYWhbKvBoSZcUMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjUwMzAwMDhaFw0yNjA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyMzIwNTAwNzU0MGViMjhhNDlkMzRhNWU3MTU2MGFjY2RhNGYyMjBjYmYw
MTA0YmIzODRiNDY2ZTAyN2M1MmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJT1oYYDpv94+TrOX70VumhqH9+P3bcNYvDjTPv+5TSbH+vHqjiQQgXHzjBW
6e2WmBeo4YJ0voDNrzOOBuJrm1X9mE4sl1dFVQEItykFaOEaXap3SdH0ONMjXMZs
QyFgE0zlgrzxd6mzX3SMQVe5l/F3DrVFATjVy0aQXUM1sT8Ly1RcqMgx/Y4vgIGD
WAU/z/JW/8RfhKikGBw9GWG6wGTGRqdtYo+DNwQrnHBifkg0tBb6zJetPFstjSq8
CjMud1rePGEGuBlDMOLOQxSB/111BkFgzRmSXpooC6yxF0kpTbv0dsx4Io6Q256X
IuiGi7nLoOqm2NRfMPNhAAS+vicCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSTovNA
i0b080ApXLVVWaex0SnhHzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y3ZTQ2NGQtNzdiYi00MzAyLWFhOWYtOTM5MDZhNWRjZGRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HuA
MA0GCSqGSIb3DQEBCwUAA4IBAQBXOWzu72NdkZjlYV52qxvP80oRduT2+ZiQxjiL
HX4CNArgAPzhrHM7xjKpZlnr2G6vk+BhSYxg3Q0Anjcs6+Y3CSTd//MLMNjI0EYe
KnNK1DBv3Q2DJnPrQvilINlFrlLpBtOkBx1kq2jW1N+TmiGf1cCvz05L4FINUgkN
hLUfAYPqqEeFbQiaEmWLDK58Nt0XoGDWBPAc3rdHRBr+/eEl+rggBVUmidokMang
aD/Q+Iy+IpNVAOGwbensQVU3BHFPaEPCRhVKImuPwONHopZVf8gUAad2c6NlPZ7f
zFnq6iL8CDwgYqcou2AmquWbnVEC+FMTcj6jDWCZzT9Zpkrt
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:21:26 2026 by rpki-client