Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
File: f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa (raw, json)
Hash identifier: FLAshHANBuwoINZfzYnib1IR3USBX9LzfLtj2JcIsCU=
Subject key identifier: 5D:8F:EF:B0:5F:23:ED:FD:E1:88:8E:2B:5B:B1:79:46:0A:25:C0:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C17E7377A0FFE01FD3415A2E76FA8AACB0A1025
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
Signing time: Sat 28 Feb 2026 05:20:59 +0000
ROA not before: Sat 28 Feb 2026 05:20:59 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:17:e7:37:7a:0f:fe:01:fd:34:15:a2:e7:6f:a8:aa:cb:0a:10:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:59 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=3133429fc4d95004a95f97656f07600a9a1b2d3f01b7281db6a21d6fa1021f00, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f4:77:63:3b:e1:eb:a6:dd:61:4f:12:42:02:
ae:4a:d7:14:cb:77:87:a3:f4:3f:0a:38:63:d2:c1:
7d:65:1b:ad:ab:2a:0d:25:a5:ca:6f:5d:63:98:d1:
2b:a1:b4:da:25:53:86:e7:db:0d:da:fc:9e:a7:e7:
e1:a3:03:dc:71:96:00:84:3d:c7:75:d1:6e:a2:c6:
3d:35:18:8c:c2:88:f1:e8:6a:6d:a8:b8:6c:a0:b9:
e5:71:70:9a:1e:04:bb:73:a5:a0:ec:ed:87:8c:ce:
ea:57:e9:52:1a:cf:20:79:31:4c:56:a7:3b:33:0e:
3c:72:a4:f5:8c:de:e7:04:f6:6e:01:05:6a:38:0a:
a3:90:f7:ff:af:6c:49:26:b8:d4:e4:10:81:1c:12:
03:d4:69:e5:99:eb:bf:ed:f0:e5:cf:74:73:ab:13:
1f:de:04:e9:58:b8:0f:5d:c9:27:41:53:79:1e:41:
80:f3:15:e9:5f:65:2b:eb:02:3e:70:cf:2e:54:d7:
b5:1b:6f:84:c9:0e:15:e6:bf:22:94:eb:d3:e9:b9:
10:b7:e6:fd:5d:fd:66:d6:4a:30:1f:b6:ac:1e:2a:
b7:a0:b9:5e:c9:d5:2d:aa:2c:33:79:ff:be:79:e1:
ca:b1:2a:ab:d1:dc:7b:82:9d:aa:c4:94:e9:41:e4:
6f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:8F:EF:B0:5F:23:ED:FD:E1:88:8E:2B:5B:B1:79:46:0A:25:C0:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019::/36
Signature Algorithm: sha256WithRSAEncryption
21:c7:f9:55:c0:77:48:7d:b2:48:97:f9:7d:4f:b1:d3:2c:cb:
0c:8d:57:47:48:3f:fc:54:37:fe:51:08:49:a5:43:8d:8a:e4:
d2:16:2e:52:20:0e:cd:7e:56:18:6b:a6:38:aa:a8:54:3d:33:
ca:8d:79:4b:e2:46:49:a3:f2:50:40:70:68:dc:ae:17:01:85:
d0:b2:4b:fb:06:01:c6:a3:93:98:e0:af:f4:ad:1d:a7:8d:1b:
3a:b3:a7:96:29:c3:b0:ea:48:44:a9:bc:a3:d9:37:cc:38:23:
d4:06:4e:11:90:0e:75:4d:a7:a4:13:73:ea:ef:09:9b:94:0b:
a3:74:3c:d4:bb:22:93:4b:5a:d0:c1:b4:9f:33:a9:98:98:3e:
5b:61:ce:f7:ee:26:53:42:12:37:ef:04:4d:d0:22:02:ff:03:
06:50:2e:07:6a:a2:a7:31:3f:b2:c6:b6:af:d0:de:2c:17:a5:
69:4a:c2:00:23:24:22:d4:15:b4:f5:c7:95:1c:cf:86:c8:9f:
3f:60:5c:aa:60:75:b1:94:5b:9f:5a:53:29:49:18:2a:62:b4:
9c:5d:44:6b:4e:02:bb:c4:72:9b:f4:10:c0:cf:38:78:4e:03:
09:64:c4:07:fa:18:89:66:1b:e3:ed:1c:f8:e4:d0:5b:5b:a7:
5a:1b:aa:4b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXBfnN3oP/gH9NBWi52+oqssKECUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwNTlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxMzM0MjlmYzRkOTUwMDRhOTVmOTc2NTZmMDc2MDBhOWExYjJkM2YwMWI3
MjgxZGI2YTIxZDZmYTEwMjFmMDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/0d2M74eum3WFPEkICrkrXFMt3h6P0Pwo4Y9LBfWUbrasqDSWlym9dY5jR
K6G02iVThufbDdr8nqfn4aMD3HGWAIQ9x3XRbqLGPTUYjMKI8ehqbai4bKC55XFw
mh4Eu3OloOzth4zO6lfpUhrPIHkxTFanOzMOPHKk9Yze5wT2bgEFajgKo5D3/69s
SSa41OQQgRwSA9Rp5Znrv+3w5c90c6sTH94E6Vi4D13JJ0FTeR5BgPMV6V9lK+sC
PnDPLlTXtRtvhMkOFea/IpTr0+m5ELfm/V39ZtZKMB+2rB4qt6C5XsnVLaosM3n/
vnnhyrEqq9Hce4KdqsSU6UHkbx0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRdj++w
XyPt/eGIjitbsXlGCiXArTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdmY2NjMmEtYWE4YS00Y2JjLTg5ZDctZDZhOGNhMTIxYmEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BkA
MA0GCSqGSIb3DQEBCwUAA4IBAQAhx/lVwHdIfbJIl/l9T7HTLMsMjVdHSD/8VDf+
UQhJpUONiuTSFi5SIA7NflYYa6Y4qqhUPTPKjXlL4kZJo/JQQHBo3K4XAYXQskv7
BgHGo5OY4K/0rR2njRs6s6eWKcOw6khEqbyj2TfMOCPUBk4RkA51TaekE3Pq7wmb
lAujdDzUuyKTS1rQwbSfM6mYmD5bYc737iZTQhI37wRN0CIC/wMGUC4HaqKnMT+y
xrav0N4sF6VpSsIAIyQi1BW09ceVHM+GyJ8/YFyqYHWxlFufWlMpSRgqYrScXURr
TgK7xHKb9BDAzzh4TgMJZMQH+hiJZhvj7Rz45NBbW6daG6pL
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:21:51 2026 by rpki-client