Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
File: cfca2455-b58e-43e0-a15f-276f8a5b527f.roa (raw, json)
Hash identifier: fW6vOsitjKA2dlaBC07Mm6dnVUWNSPhYJ1PuFHi9CBw=
Subject key identifier: 47:47:8C:C8:6D:59:34:E9:51:8C:BD:13:F7:7A:D3:C4:73:E9:86:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1279C35ACD89599980369A85950F99297BFA8E40
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
Signing time: Sat 28 Feb 2026 05:51:04 +0000
ROA not before: Sat 28 Feb 2026 05:51:04 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:79:c3:5a:cd:89:59:99:80:36:9a:85:95:0f:99:29:7b:fa:8e:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:51:04 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=5536cc4424c5c16d01389589d82769c077accbcf0b88ced98d54505373d949fe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:05:85:31:20:f3:f9:80:90:a8:89:f1:9d:92:
a1:53:ef:77:7d:5c:1d:83:3b:64:7e:a1:2c:01:37:
c4:75:17:ef:6d:e8:80:be:0e:bf:2d:a2:64:d4:67:
9c:02:be:ff:49:be:1d:11:5a:5f:7f:07:1e:8b:c8:
c0:58:03:81:0d:3e:3d:1f:63:2b:c8:41:bf:d3:e2:
e0:79:35:f9:e3:8b:c2:f6:bb:50:f4:30:66:d2:18:
cf:6a:9d:b1:42:41:0f:44:33:ae:a3:39:a0:b2:34:
ed:6d:90:37:8b:dc:79:fd:96:0b:df:80:8a:34:85:
72:d3:fe:ef:2e:83:ae:f6:81:82:e0:68:5c:c5:e4:
e8:43:e7:a5:ed:f0:b2:fb:1b:b3:6f:3e:ec:33:31:
d1:45:ed:1c:06:10:6c:76:95:17:91:b5:6a:6e:08:
cb:e3:bc:c5:a2:db:ca:48:af:3b:2f:38:ba:6a:9c:
07:f7:ce:b4:75:0e:da:6b:bd:3e:82:10:83:1d:8f:
95:2a:19:da:0e:85:61:ba:2f:b3:05:ef:ee:b5:04:
22:a8:4e:ad:97:20:42:9b:e6:1a:da:35:02:80:a1:
b3:86:f4:98:27:43:7a:e5:83:7d:a8:b4:ab:3f:63:
b1:8d:24:12:17:41:b6:5b:69:3d:d5:2b:c5:73:49:
c0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:47:8C:C8:6D:59:34:E9:51:8C:BD:13:F7:7A:D3:C4:73:E9:86:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e040::/48
Signature Algorithm: sha256WithRSAEncryption
26:31:19:22:54:2a:40:fd:ad:c5:18:57:68:e6:bc:65:64:61:
41:74:91:fb:66:d8:95:c4:ea:74:8b:11:ae:3b:4a:f4:97:b6:
73:b1:03:3e:a0:24:bc:7d:c8:1d:5b:ce:91:5f:7b:ea:eb:05:
61:92:90:ef:dc:f3:44:9f:5a:37:42:1b:04:df:57:fb:45:6e:
97:b6:19:41:50:8f:b7:b4:f7:d6:13:3c:96:1a:0a:1d:a6:f8:
11:65:16:fa:4c:77:1e:90:3b:62:d6:12:1a:1c:5e:ee:0f:a8:
14:be:3f:8b:d1:84:e4:28:62:08:e4:94:c5:aa:b5:32:b4:86:
99:c5:6a:74:e5:fd:57:5c:ee:72:dd:12:94:77:8f:c7:85:74:
7b:c0:b9:f8:86:00:f9:51:78:25:08:24:99:ad:32:45:41:7d:
cd:ae:73:d4:4a:1f:d2:79:1c:76:fb:df:2a:1e:1c:ea:2f:1d:
76:3f:71:bb:ad:2d:83:61:c2:a2:52:d0:64:bb:f6:75:7b:1c:
69:82:de:ff:98:ac:9d:15:72:a5:d4:1a:c5:a9:1b:3e:3d:ce:
a1:33:8b:01:2c:df:76:85:19:76:63:1c:02:93:30:f6:5b:33:
c6:21:6f:ed:28:d4:21:56:dc:ea:19:08:d5:17:90:60:86:a3:
80:f9:41:92
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEnnDWs2JWZmANpqFlQ+ZKXv6jkAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUxMDRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1MzZjYzQ0MjRjNWMxNmQwMTM4OTU4OWQ4Mjc2OWMwNzdhY2NiY2YwYjg4
Y2VkOThkNTQ1MDUzNzNkOTQ5ZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIQFhTEg8/mAkKiJ8Z2SoVPvd31cHYM7ZH6hLAE3xHUX723ogL4Ovy2iZNRn
nAK+/0m+HRFaX38HHovIwFgDgQ0+PR9jK8hBv9Pi4Hk1+eOLwva7UPQwZtIYz2qd
sUJBD0QzrqM5oLI07W2QN4vcef2WC9+AijSFctP+7y6DrvaBguBoXMXk6EPnpe3w
svsbs28+7DMx0UXtHAYQbHaVF5G1am4Iy+O8xaLbykivOy84umqcB/fOtHUO2mu9
PoIQgx2PlSoZ2g6FYbovswXv7rUEIqhOrZcgQpvmGto1AoChs4b0mCdDeuWDfai0
qz9jsY0kEhdBtltpPdUrxXNJwEMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRHR4zI
bVk06VGMvRP3etPEc+mGhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2ZjYTI0NTUtYjU4ZS00M2UwLWExNWYtMjc2ZjhhNWI1MjdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
QDANBgkqhkiG9w0BAQsFAAOCAQEAJjEZIlQqQP2txRhXaOa8ZWRhQXSR+2bYlcTq
dIsRrjtK9Je2c7EDPqAkvH3IHVvOkV976usFYZKQ79zzRJ9aN0IbBN9X+0Vul7YZ
QVCPt7T31hM8lhoKHab4EWUW+kx3HpA7YtYSGhxe7g+oFL4/i9GE5ChiCOSUxaq1
MrSGmcVqdOX9V1zuct0SlHePx4V0e8C5+IYA+VF4JQgkma0yRUF9za5z1Eof0nkc
dvvfKh4c6i8ddj9xu60tg2HColLQZLv2dXscaYLe/5isnRVypdQaxakbPj3OoTOL
ASzfdoUZdmMcApMw9lszxiFv7SjUIVbc6hkI1ReQYIajgPlBkg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:50:05 2026 by rpki-client