Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
File: d7ff0a46-4c68-43b8-be33-3f3098623685.roa (raw, json)
Hash identifier: UrWlDf2eNHllPjVuSZYBlzun9QOfMIFvoQp/01RFVWI=
Subject key identifier: DD:08:CC:49:CE:5E:CA:99:0C:95:CD:5E:2B:B4:53:19:28:AA:0C:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0CB8F554D14A391A4838FBB3E07A3241A16063B0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
Signing time: Sat 28 Feb 2026 05:30:57 +0000
ROA not before: Sat 28 Feb 2026 05:30:57 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:b8:f5:54:d1:4a:39:1a:48:38:fb:b3:e0:7a:32:41:a1:60:63:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:30:57 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=a78eaabf2fc50bdeb2836de15773b36a69aa3edb200fe2fa03394ba70982660a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:67:ad:9e:01:a1:c5:fc:ce:29:23:70:f0:f9:
9a:66:dd:ae:fc:46:ac:f6:06:c3:03:79:e9:2d:43:
a8:5b:36:1d:16:43:fb:24:c5:66:80:a4:54:30:3f:
5e:c8:1f:29:89:5c:e5:ad:c4:bc:17:93:1e:57:4f:
51:e4:30:6c:df:05:92:52:b3:1d:f7:e6:a2:80:f0:
01:0d:93:cc:3f:e0:4a:15:e6:64:4d:1c:0d:11:dd:
d5:6e:eb:42:b6:ab:74:75:fa:56:21:3c:98:d3:03:
94:74:ae:74:bb:33:50:d4:6a:7d:8e:d7:03:c1:f0:
7d:cc:57:f4:65:51:4f:b9:ca:b2:31:44:cd:36:c4:
e4:14:51:97:58:2c:cb:f1:51:49:08:02:da:64:0d:
db:0c:94:a1:06:0b:e5:8a:74:ed:f7:ec:71:63:13:
0c:50:62:7f:fa:77:e3:e6:fc:4a:ee:2e:08:0d:b9:
5d:33:a0:ce:27:40:aa:dd:89:f9:b8:b5:4e:47:8c:
b0:63:25:0b:c9:18:8f:a5:4c:da:55:19:1b:60:09:
f2:cd:a3:55:c7:6b:2c:f3:12:99:fe:1f:50:16:c1:
a5:b9:61:b1:24:a0:e2:01:e3:10:00:e5:a4:eb:37:
66:1d:d5:10:f8:e8:ea:96:e3:ae:05:79:50:7a:6e:
05:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:08:CC:49:CE:5E:CA:99:0C:95:CD:5E:2B:B4:53:19:28:AA:0C:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80d0::/48
Signature Algorithm: sha256WithRSAEncryption
3b:23:b7:2b:6e:8f:60:af:44:ca:65:ab:0d:e5:9d:b1:74:3a:
d1:03:84:f4:3a:a1:17:7e:23:fb:c8:15:b8:66:52:d0:f6:8f:
ab:6b:94:50:ff:e4:d4:c5:ba:c8:bc:6a:dd:2b:d0:df:77:90:
eb:a0:a0:3e:96:d6:e0:f8:bb:15:43:7d:1a:6f:9c:e3:ca:30:
03:22:6f:3e:aa:b9:a2:c4:4b:5c:2c:af:a8:40:a9:61:13:22:
26:a1:f3:f1:d3:68:98:2f:40:4d:58:16:fc:59:af:5e:a3:5d:
98:04:31:a1:de:b8:f3:8e:2b:40:84:1b:bf:13:0a:79:2e:62:
e6:bb:61:7b:c3:ff:c4:d3:eb:11:be:75:c8:ea:1d:b4:fb:1b:
6a:5c:27:5e:47:6c:c0:84:23:3e:07:ff:54:50:89:09:1e:95:
a9:b5:76:e9:86:45:ad:fb:6b:81:90:87:ca:e1:7e:11:2b:d2:
45:d2:c5:6a:6b:b7:40:38:d7:56:d5:5e:9c:16:7c:2e:1c:c1:
6a:2c:b1:cb:53:52:41:8b:3d:42:61:cb:05:b5:ef:f3:a6:f9:
93:06:6f:b7:c4:a9:2b:32:33:a4:de:af:ef:2d:fc:e1:a6:b8:
6c:ec:a4:a0:c6:d3:51:4b:97:f4:1d:5b:8d:88:88:c4:c9:da:
1d:aa:ad:30
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDLj1VNFKORpIOPuz4HoyQaFgY7AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMwNTdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3OGVhYWJmMmZjNTBiZGViMjgzNmRlMTU3NzNiMzZhNjlhYTNlZGIyMDBm
ZTJmYTAzMzk0YmE3MDk4MjY2MGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBnrZ4BocX8zikjcPD5mmbdrvxGrPYGwwN56S1DqFs2HRZD+yTFZoCkVDA/
XsgfKYlc5a3EvBeTHldPUeQwbN8FklKzHffmooDwAQ2TzD/gShXmZE0cDRHd1W7r
QrardHX6ViE8mNMDlHSudLszUNRqfY7XA8HwfcxX9GVRT7nKsjFEzTbE5BRRl1gs
y/FRSQgC2mQN2wyUoQYL5Yp07ffscWMTDFBif/p34+b8Su4uCA25XTOgzidAqt2J
+bi1TkeMsGMlC8kYj6VM2lUZG2AJ8s2jVcdrLPMSmf4fUBbBpblhsSSg4gHjEADl
pOs3Zh3VEPjo6pbjrgV5UHpuBbcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTdCMxJ
zl7KmQyVzV4rtFMZKKoMqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdmZjBhNDYtNGM2OC00M2I4LWJlMzMtM2YzMDk4NjIzNjg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
0DANBgkqhkiG9w0BAQsFAAOCAQEAOyO3K26PYK9EymWrDeWdsXQ60QOE9DqhF34j
+8gVuGZS0PaPq2uUUP/k1MW6yLxq3SvQ33eQ66CgPpbW4Pi7FUN9Gm+c48owAyJv
Pqq5osRLXCyvqECpYRMiJqHz8dNomC9ATVgW/FmvXqNdmAQxod64844rQIQbvxMK
eS5i5rthe8P/xNPrEb51yOodtPsbalwnXkdswIQjPgf/VFCJCR6VqbV26YZFrftr
gZCHyuF+ESvSRdLFamu3QDjXVtVenBZ8LhzBaiyxy1NSQYs9QmHLBbXv86b5kwZv
t8SpKzIzpN6v7y384aa4bOykoMbTUUuX9B1bjYiIxMnaHaqtMA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:36:31 2026 by rpki-client