Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa
File: f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa (raw, json)
Hash identifier: W4YhtdEY0reoEIpfEiNv/ecd40q+IDWx6Q3AcJA0CSY=
Subject key identifier: 46:B6:9E:23:00:4B:1B:81:2C:62:A6:59:0A:A2:4E:CB:4F:0E:F8:7C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D41BC545795806736A4FC0E6634B0BCEF89BA7F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa
Signing time: Sat 28 Feb 2026 05:20:05 +0000
ROA not before: Sat 28 Feb 2026 05:20:05 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:41:bc:54:57:95:80:67:36:a4:fc:0e:66:34:b0:bc:ef:89:ba:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:05 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=e91e37b4694c6e565b722a5cd0f952e56f51b156fbb057f2d77962bd0c594f3b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:08:fc:9a:fa:ef:83:45:e8:44:2d:9d:48:a5:
be:a5:8c:fa:93:a0:91:25:55:27:c8:8f:62:29:80:
21:31:6c:0f:ac:5d:b1:d9:17:87:39:c8:b5:c6:74:
3f:8d:31:c7:15:a1:ba:82:7b:23:b9:3e:09:0b:bc:
d0:69:f3:b4:a7:20:c9:6b:1c:9c:ee:fe:b6:5b:bb:
a1:ce:83:32:87:54:d4:45:e7:18:df:a5:71:03:2e:
14:6a:0d:c0:6d:23:f9:5b:c0:52:5c:b9:bf:f2:5c:
9f:bb:a5:90:63:49:9a:2f:3f:fb:91:07:69:cc:6d:
01:af:5f:a4:72:9c:e2:22:8e:bf:1d:77:30:80:31:
df:58:94:24:41:b9:df:19:ec:e0:72:7f:a0:95:ea:
b3:dc:08:48:d2:60:1f:a6:85:d9:a4:d7:60:17:63:
62:e8:1e:18:1e:ce:24:50:4f:cb:43:a3:94:99:b4:
00:0c:3e:2b:55:90:9a:99:e9:cd:5d:31:c8:18:c0:
a6:b2:cd:b0:1b:56:9e:74:e5:df:f9:a0:84:2f:e6:
df:c2:76:78:db:c3:8f:87:19:cf:6b:35:a3:bd:a2:
25:b4:cd:a6:05:e3:56:d0:4f:f9:a8:23:bc:84:9d:
99:d9:7c:94:ee:48:cb:f2:d2:5b:cb:f6:47:9a:26:
81:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:B6:9E:23:00:4B:1B:81:2C:62:A6:59:0A:A2:4E:CB:4F:0E:F8:7C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6040::/48
Signature Algorithm: sha256WithRSAEncryption
52:4b:7b:ba:98:8b:ac:4e:16:de:92:14:09:cd:35:69:12:f8:
11:f4:7a:0d:52:a6:5e:96:87:1e:2d:2f:94:66:74:cb:bc:23:
37:c6:7a:cf:c6:c2:23:b3:c8:4d:84:f3:da:38:e8:a8:cb:6b:
99:42:da:9c:ba:d0:6a:89:45:27:88:9b:c9:e4:f7:04:73:01:
99:dd:07:0f:0a:23:64:a5:cb:af:60:6e:ab:09:71:96:29:c3:
4b:0c:e3:58:0e:26:08:66:59:c1:43:56:51:02:a5:5c:84:78:
6c:15:d4:c5:b9:86:39:aa:2f:b5:63:1e:16:22:65:c6:50:82:
71:76:13:27:ae:28:f8:85:4a:c4:0e:51:71:d7:fe:ef:73:7f:
ed:29:de:48:4a:b3:3c:20:fb:16:51:60:09:61:14:d6:4b:46:
4a:72:e2:bb:2a:54:2e:2b:6c:ba:69:83:c7:21:bc:e2:83:71:
fc:67:64:1a:74:91:f8:2c:43:a3:a2:c9:30:a4:dd:f5:ba:c3:
8a:20:95:c8:fc:ea:1e:be:8a:f4:c5:61:0b:16:16:55:1d:91:
dd:79:1f:72:ee:da:85:83:b9:10:4c:84:50:84:07:71:08:43:
32:d7:d8:f6:4b:60:cf:37:d3:f2:dd:8a:e2:88:b0:ec:2d:03:
9f:5a:04:ac
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbUG8VFeVgGc2pPwOZjSwvO+Jun8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwMDVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5MWUzN2I0Njk0YzZlNTY1YjcyMmE1Y2QwZjk1MmU1NmY1MWIxNTZmYmIw
NTdmMmQ3Nzk2MmJkMGM1OTRmM2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANsI/Jr674NF6EQtnUilvqWM+pOgkSVVJ8iPYimAITFsD6xdsdkXhznItcZ0
P40xxxWhuoJ7I7k+CQu80GnztKcgyWscnO7+tlu7oc6DModU1EXnGN+lcQMuFGoN
wG0j+VvAUly5v/Jcn7ulkGNJmi8/+5EHacxtAa9fpHKc4iKOvx13MIAx31iUJEG5
3xns4HJ/oJXqs9wISNJgH6aF2aTXYBdjYugeGB7OJFBPy0OjlJm0AAw+K1WQmpnp
zV0xyBjAprLNsBtWnnTl3/mghC/m38J2eNvDj4cZz2s1o72iJbTNpgXjVtBP+agj
vISdmdl8lO5Iy/LSW8v2R5omgdkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRGtp4j
AEsbgSxiplkKok7LTw74fDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjVlNjQ5MzgtZmMyZC00OTcxLWIyZGEtYWFiYzlmZTU1NmZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg
QDANBgkqhkiG9w0BAQsFAAOCAQEAUkt7upiLrE4W3pIUCc01aRL4EfR6DVKmXpaH
Hi0vlGZ0y7wjN8Z6z8bCI7PITYTz2jjoqMtrmULanLrQaolFJ4ibyeT3BHMBmd0H
DwojZKXLr2BuqwlxlinDSwzjWA4mCGZZwUNWUQKlXIR4bBXUxbmGOaovtWMeFiJl
xlCCcXYTJ64o+IVKxA5Rcdf+73N/7SneSEqzPCD7FlFgCWEU1ktGSnLiuypULits
ummDxyG84oNx/GdkGnSR+CxDo6LJMKTd9brDiiCVyPzqHr6K9MVhCxYWVR2R3Xkf
cu7ahYO5EEyEUIQHcQhDMtfY9ktgzzfT8t2K4oiw7C0Dn1oErA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:55:54 2026 by rpki-client