Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f1d8b868-c959-421c-83d1-d5235f6ed47e.roa
File: f1d8b868-c959-421c-83d1-d5235f6ed47e.roa (raw, json)
Hash identifier: y5pad07MxhJbBIuitmFcL4g0mPAHaWy5BWX9xF4WfPU=
Subject key identifier: BD:10:1A:2C:70:7A:2C:D9:71:33:4A:C8:E5:E9:76:D5:1F:22:05:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5734E81CD7C5C0778D71D7201117C04400CC725A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f1d8b868-c959-421c-83d1-d5235f6ed47e.roa
Signing time: Fri 06 Feb 2026 00:40:08 +0000
ROA not before: Fri 06 Feb 2026 00:40:08 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06d:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:34:e8:1c:d7:c5:c0:77:8d:71:d7:20:11:17:c0:44:00:cc:72:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 6 00:40:08 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=8bf68106ee50f7ceae163b6ecda9dd0ad69103f108430765102587de917f3f4d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:68:20:25:f3:84:df:44:f5:80:d2:cd:b0:52:
00:b9:ee:0f:15:a8:1c:0f:2c:5f:4c:f8:e1:86:b5:
a4:d3:2c:ee:cd:c9:2d:4c:06:a4:8e:73:1a:af:0b:
31:24:75:a6:a2:81:c8:76:38:60:4a:aa:7e:95:3f:
52:1a:08:c7:c4:8d:fb:0c:16:c9:a7:6a:b9:f0:57:
01:1e:e4:62:b3:4d:a1:1a:9d:f6:c2:6b:67:22:e7:
c4:a5:48:a0:50:38:e7:0e:f4:dd:52:7e:4d:8a:03:
0f:d0:0f:12:91:0d:ef:2e:db:b5:49:7a:cc:3d:f9:
d5:1c:a8:93:9a:c3:8c:4a:e3:79:60:7a:f1:0f:7e:
34:8b:49:ef:6c:aa:ba:8d:04:6b:af:9c:59:e0:24:
bd:1c:ae:95:11:e7:db:78:16:84:bc:0f:7a:e4:26:
e3:88:30:53:b3:ae:2e:3c:27:59:95:55:f3:db:af:
d2:4e:dc:13:17:02:63:69:e2:82:b5:16:cc:f6:a5:
d4:e6:a0:88:24:4c:08:5a:f8:be:22:b2:a3:b8:94:
9a:d3:9b:61:42:52:53:8c:19:ba:c2:cb:ea:08:b0:
02:a7:79:1a:1c:f3:71:39:d0:bd:26:61:b0:7f:3d:
6e:16:4d:1a:df:6f:5c:2c:70:f2:48:52:4a:0d:d8:
a7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:10:1A:2C:70:7A:2C:D9:71:33:4A:C8:E5:E9:76:D5:1F:22:05:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f1d8b868-c959-421c-83d1-d5235f6ed47e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
59:95:25:16:9d:ef:72:7f:e6:bb:f4:2f:88:2e:05:c2:4b:2c:
fd:2a:36:c7:18:20:06:8f:88:d8:0e:db:be:b7:28:81:e1:78:
75:9d:f5:93:ce:c0:2e:cc:fc:7a:44:43:73:e3:c6:23:b0:8a:
2f:1c:d3:47:a4:a8:ea:4b:a1:d6:d0:92:1d:bf:e9:3f:a7:92:
7f:33:fe:bc:66:d4:00:7b:4d:03:11:54:ee:16:b5:9b:a8:26:
8d:60:dc:6a:d3:c7:9c:fe:d5:e3:9c:d0:d1:c7:4f:e7:b7:f7:
ec:9e:a9:9a:ef:7d:e6:b8:34:ff:24:ce:67:a4:f8:80:c7:b2:
9a:23:78:d1:b3:39:a0:d4:4c:46:8d:ef:f3:8d:65:30:2e:1b:
ad:9e:b5:f5:b4:54:a6:17:e8:1e:37:4b:38:f2:03:1c:44:82:
91:7d:21:d5:81:e4:c4:8e:21:4f:b1:72:df:55:78:da:e2:f1:
9b:14:c6:57:75:3d:5d:bb:c0:42:37:ad:3e:80:22:c8:aa:ec:
d9:eb:c5:97:fb:0c:6f:e4:05:06:e1:e1:ad:65:06:99:11:d3:
c3:6f:9e:2e:0c:fc:b6:eb:01:bc:b6:24:48:bd:5d:db:50:57:
79:62:8a:cf:5e:bd:f9:78:24:e0:b1:23:72:08:82:6d:cf:39:
9d:96:6d:13
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVzToHNfFwHeNcdcgERfARADMclowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMDYwMDQwMDhaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiZjY4MTA2ZWU1MGY3Y2VhZTE2M2I2ZWNkYTlkZDBhZDY5MTAzZjEwODQz
MDc2NTEwMjU4N2RlOTE3ZjNmNGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZoICXzhN9E9YDSzbBSALnuDxWoHA8sX0z44Ya1pNMs7s3JLUwGpI5zGq8L
MSR1pqKByHY4YEqqfpU/UhoIx8SN+wwWyadqufBXAR7kYrNNoRqd9sJrZyLnxKVI
oFA45w703VJ+TYoDD9APEpEN7y7btUl6zD351Ryok5rDjErjeWB68Q9+NItJ72yq
uo0Ea6+cWeAkvRyulRHn23gWhLwPeuQm44gwU7OuLjwnWZVV89uv0k7cExcCY2ni
grUWzPal1OagiCRMCFr4viKyo7iUmtObYUJSU4wZusLL6giwAqd5GhzzcTnQvSZh
sH89bhZNGt9vXCxw8khSSg3Yp+0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS9EBos
cHos2XEzSsjl6XbVHyIFHDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjFkOGI4NjgtYzk1OS00MjFjLTgzZDEtZDUyMzVmNmVkNDdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G1g
wDANBgkqhkiG9w0BAQsFAAOCAQEAWZUlFp3vcn/mu/QviC4Fwkss/So2xxggBo+I
2A7bvrcogeF4dZ31k87ALsz8ekRDc+PGI7CKLxzTR6So6kuh1tCSHb/pP6eSfzP+
vGbUAHtNAxFU7ha1m6gmjWDcatPHnP7V45zQ0cdP57f37J6pmu995rg0/yTOZ6T4
gMeymiN40bM5oNRMRo3v841lMC4brZ619bRUphfoHjdLOPIDHESCkX0h1YHkxI4h
T7Fy31V42uLxmxTGV3U9XbvAQjetPoAiyKrs2evFl/sMb+QFBuHhrWUGmRHTw2+e
Lgz8tusBvLYkSL1d21BXeWKKz169+Xgk4LEjcgiCbc85nZZtEw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:59 2026 by rpki-client