Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc0aab4e-9dbc-4b68-938d-80202e3d0bd0.roa
File: dc0aab4e-9dbc-4b68-938d-80202e3d0bd0.roa (raw, json)
Hash identifier: Oct57+TbRf+Dd08dIwPPXogBIHWrPJ9y8WEaFrgyyH4=
Subject key identifier: A0:B3:DC:28:EF:C1:96:24:B7:E7:9E:17:89:D6:98:88:5E:0D:85:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 266FCE208622B43EBAEBB4A8EDC46CB314C30A20
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc0aab4e-9dbc-4b68-938d-80202e3d0bd0.roa
Signing time: Sat 28 Feb 2026 06:10:47 +0000
ROA not before: Sat 28 Feb 2026 06:10:47 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:6f:ce:20:86:22:b4:3e:ba:eb:b4:a8:ed:c4:6c:b3:14:c3:0a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:47 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=6463f80e3922187cbe598f6f38253d3a528340f60a96177035cf841960e8a810, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:92:84:e7:bc:2b:c4:f5:33:5e:3a:5f:8f:cb:
a4:9d:f6:89:8f:d5:ce:36:2f:1d:ad:25:54:fa:70:
f9:2e:96:28:f7:d3:8a:b6:b5:2c:f0:fe:35:42:3b:
f9:02:83:8a:50:0c:6d:54:16:4f:30:d0:b1:1f:88:
d1:30:25:28:a6:92:2a:20:94:d1:ef:22:18:9c:94:
17:82:62:e5:74:67:87:c8:0a:7d:5a:7b:30:30:e5:
14:3b:98:35:61:c9:dc:55:d5:4f:13:67:bd:42:4e:
e4:e5:e9:26:5d:2d:cc:70:53:b7:0e:e0:b9:a9:05:
9f:d7:e2:3e:0e:90:62:f6:e8:b9:cc:d8:5e:43:9c:
8f:a8:98:98:97:e8:1c:41:67:e4:2a:eb:16:bc:6e:
60:9c:b2:28:89:dc:c1:7c:c6:c2:10:54:f8:4e:44:
c5:23:03:1e:99:28:af:c2:de:c6:53:90:d0:b4:c7:
8e:d0:03:52:57:dc:09:a0:5c:1b:a4:ed:5c:2c:90:
3f:3d:44:46:f3:5d:62:72:28:d1:47:5a:5c:56:5c:
2f:de:32:63:cd:e4:0c:5a:b2:c9:6b:31:57:2c:d3:
03:f7:c2:79:44:33:1d:45:aa:b7:04:91:a8:29:68:
5c:24:2e:5d:2c:6b:e4:2d:e7:e7:57:45:9d:76:76:
28:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B3:DC:28:EF:C1:96:24:B7:E7:9E:17:89:D6:98:88:5E:0D:85:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc0aab4e-9dbc-4b68-938d-80202e3d0bd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:9040::/48
Signature Algorithm: sha256WithRSAEncryption
17:02:9d:e7:e0:06:d7:32:27:f9:a1:51:eb:6c:52:d7:a2:39:
78:0f:31:93:25:8b:2f:38:0d:f4:3a:97:c6:36:02:42:40:47:
0b:c4:ac:24:d5:7f:28:7c:e7:e0:78:c1:e2:ee:27:63:b1:f6:
36:34:76:bc:36:8a:1c:0f:3c:c3:36:67:23:a1:d1:b4:eb:cb:
25:41:51:d1:05:39:18:c8:14:9b:03:f8:2e:c1:23:42:2d:cf:
8e:b2:dc:b0:0c:5f:9a:4a:50:ba:67:39:92:3b:8e:cc:7f:66:
cf:4b:11:6b:bf:d1:49:04:7d:36:49:dd:08:48:76:6c:d4:ee:
b9:8b:ca:33:32:83:1b:4e:00:a2:f2:85:c7:19:ae:b5:4b:18:
d7:5a:8c:4d:4d:c7:c2:b0:b4:24:c0:f4:32:0b:48:d0:ee:a0:
17:25:aa:0f:e9:4e:76:3f:1d:1d:cf:df:08:22:67:ff:91:26:
4b:cc:2d:1e:41:9d:8e:eb:1c:0d:b9:12:af:a6:c5:12:e7:cd:
5b:f6:f7:b4:8b:a4:44:50:0e:dc:fe:a6:70:81:96:22:16:a5:
91:c5:b4:73:48:06:cf:37:62:47:85:bd:22:39:65:0c:d7:13:
ff:9d:80:10:4d:93:46:dd:0d:64:d4:e9:08:52:4d:d7:1c:aa:
5c:cc:47:65
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJm/OIIYitD6667So7cRssxTDCiAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwNDdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0NjNmODBlMzkyMjE4N2NiZTU5OGY2ZjM4MjUzZDNhNTI4MzQwZjYwYTk2
MTc3MDM1Y2Y4NDE5NjBlOGE4MTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALaShOe8K8T1M146X4/LpJ32iY/VzjYvHa0lVPpw+S6WKPfTira1LPD+NUI7
+QKDilAMbVQWTzDQsR+I0TAlKKaSKiCU0e8iGJyUF4Ji5XRnh8gKfVp7MDDlFDuY
NWHJ3FXVTxNnvUJO5OXpJl0tzHBTtw7guakFn9fiPg6QYvbouczYXkOcj6iYmJfo
HEFn5CrrFrxuYJyyKIncwXzGwhBU+E5ExSMDHpkor8LexlOQ0LTHjtADUlfcCaBc
G6TtXCyQPz1ERvNdYnIo0UdaXFZcL94yY83kDFqyyWsxVyzTA/fCeUQzHUWqtwSR
qCloXCQuXSxr5C3n51dFnXZ2KGsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSgs9wo
78GWJLfnnheJ1piIXg2FqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGMwYWFiNGUtOWRiYy00YjY4LTkzOGQtODAyMDJlM2QwYmQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAFwKd5+AG1zIn+aFR62xS16I5eA8xkyWLLzgN
9DqXxjYCQkBHC8SsJNV/KHzn4HjB4u4nY7H2NjR2vDaKHA88wzZnI6HRtOvLJUFR
0QU5GMgUmwP4LsEjQi3PjrLcsAxfmkpQumc5kjuOzH9mz0sRa7/RSQR9NkndCEh2
bNTuuYvKMzKDG04AovKFxxmutUsY11qMTU3HwrC0JMD0MgtI0O6gFyWqD+lOdj8d
Hc/fCCJn/5EmS8wtHkGdjuscDbkSr6bFEufNW/b3tIukRFAO3P6mcIGWIhalkcW0
c0gGzzdiR4W9IjllDNcT/52AEE2TRt0NZNTpCFJN1xyqXMxHZQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:01:00 2026 by rpki-client