Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fa3b401f-ea91-45a9-8182-d567cfac077a.roa
File: fa3b401f-ea91-45a9-8182-d567cfac077a.roa (raw, json)
Hash identifier: R2qGA9ZVdnKHKFuJQJRdkGR/DC2BdxYwn+tU3xVEDTQ=
Subject key identifier: 04:CE:B6:24:37:D1:FE:1B:33:DA:0E:D1:C0:B6:27:3E:9C:0F:59:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D5C47608D7D951226776FE4EA20C1B8F63D166F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fa3b401f-ea91-45a9-8182-d567cfac077a.roa
Signing time: Sat 28 Feb 2026 05:21:01 +0000
ROA not before: Sat 28 Feb 2026 05:21:01 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:b080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:5c:47:60:8d:7d:95:12:26:77:6f:e4:ea:20:c1:b8:f6:3d:16:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:21:01 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=d8b655991a1c9742a95d89b3d8ba0e1da78447b101492cae2e6f2d87773e7d1a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:45:85:22:8e:2e:49:72:5e:06:f4:d9:1a:57:
72:80:fe:54:9a:a4:47:ce:eb:f1:00:62:e3:e1:9d:
b3:33:eb:41:ab:b7:50:8e:d1:aa:2b:72:9e:10:50:
a6:be:df:f8:04:3d:6f:55:6b:c7:56:bd:df:c5:eb:
6d:82:1d:29:85:66:87:6d:4b:59:a6:6e:c8:e6:f8:
b3:0c:84:01:2e:6c:8b:a3:a9:40:9c:c9:c4:4c:4c:
ca:b5:5c:09:de:64:6a:31:db:b5:f8:94:be:98:a7:
48:d4:4e:16:7c:09:61:01:80:50:8b:d2:cd:f8:56:
19:27:ff:45:1e:49:93:4f:7c:e1:42:3c:f8:c3:cd:
70:32:1d:fc:6d:c4:27:86:de:12:91:4e:80:73:22:
53:8f:54:d3:f4:46:91:59:db:12:a9:b1:8d:b1:f0:
8c:82:fd:13:a2:c1:02:88:ca:de:07:81:98:e3:ad:
0d:97:c6:0f:be:34:1a:85:cd:ad:7e:ad:4f:ed:d1:
83:0a:ca:73:6a:c3:af:ce:47:b6:b1:ab:1f:d1:ae:
5d:52:fc:d8:2b:1f:7c:e5:21:40:c8:d3:31:a7:18:
fc:57:11:19:0d:b3:a9:e8:2f:7e:bf:ba:1c:c4:5c:
ac:2a:e0:38:83:64:cd:5b:6e:5d:46:61:7f:92:e3:
e7:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:CE:B6:24:37:D1:FE:1B:33:DA:0E:D1:C0:B6:27:3E:9C:0F:59:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fa3b401f-ea91-45a9-8182-d567cfac077a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:b080::/48
Signature Algorithm: sha256WithRSAEncryption
38:cc:90:21:fc:1d:13:40:f5:67:1a:aa:80:e7:d6:c0:7b:62:
74:e7:31:71:3f:ef:0b:c4:26:6c:15:31:f8:3e:d9:4f:d8:52:
12:d3:ab:99:77:5b:5d:24:6b:a2:b7:f1:f7:5d:b1:7c:84:25:
f4:38:4e:7d:dd:ca:44:21:16:b7:77:5b:5a:5e:b1:0a:f4:86:
1b:fe:96:ee:13:87:3e:18:3f:9d:01:77:31:cd:fa:d3:3c:57:
3c:59:be:75:71:5f:0b:bd:80:57:a7:bf:da:1a:1a:1f:0d:b8:
35:ab:27:81:81:e3:a2:f0:c1:e5:ad:30:dc:c3:16:75:de:ef:
bc:dd:55:28:7e:70:ea:cc:95:86:1a:3f:9d:30:52:36:d0:92:
01:d0:fc:f4:5b:bb:69:b3:ca:db:a7:b9:f0:06:0a:24:b0:d4:
51:f8:20:c1:7c:5d:af:76:86:6c:b1:f9:e9:6f:fd:43:dc:9c:
74:ee:a4:9e:87:81:1a:c4:99:ab:4c:3f:30:8b:9e:3c:23:71:
56:e7:d0:12:9e:48:2a:3b:d5:e6:c2:95:52:76:e3:88:2a:c4:
45:78:1c:bc:eb:a6:85:64:fe:74:e8:45:0a:99:37:5a:c7:09:
61:5e:84:22:a2:5d:9a:14:37:3d:d6:77:08:59:42:28:ca:7e:
fe:d4:5b:a2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbVxHYI19lRImd2/k6iDBuPY9Fm8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIxMDFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4YjY1NTk5MWExYzk3NDJhOTVkODliM2Q4YmEwZTFkYTc4NDQ3YjEwMTQ5
MmNhZTJlNmYyZDg3NzczZTdkMWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANBFhSKOLklyXgb02RpXcoD+VJqkR87r8QBi4+GdszPrQau3UI7RqitynhBQ
pr7f+AQ9b1Vrx1a938XrbYIdKYVmh21LWaZuyOb4swyEAS5si6OpQJzJxExMyrVc
Cd5kajHbtfiUvpinSNROFnwJYQGAUIvSzfhWGSf/RR5Jk0984UI8+MPNcDId/G3E
J4beEpFOgHMiU49U0/RGkVnbEqmxjbHwjIL9E6LBAojK3geBmOOtDZfGD740GoXN
rX6tT+3RgwrKc2rDr85HtrGrH9GuXVL82CsffOUhQMjTMacY/FcRGQ2zqegvfr+6
HMRcrCrgOINkzVtuXUZhf5Lj59MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQEzrYk
N9H+GzPaDtHAtic+nA9Z9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmEzYjQwMWYtZWE5MS00NWE5LTgxODItZDU2N2NmYWMwNzdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGw
gDANBgkqhkiG9w0BAQsFAAOCAQEAOMyQIfwdE0D1ZxqqgOfWwHtidOcxcT/vC8Qm
bBUx+D7ZT9hSEtOrmXdbXSRrorfx912xfIQl9DhOfd3KRCEWt3dbWl6xCvSGG/6W
7hOHPhg/nQF3Mc360zxXPFm+dXFfC72AV6e/2hoaHw24NasngYHjovDB5a0w3MMW
dd7vvN1VKH5w6syVhho/nTBSNtCSAdD89Fu7abPK26e58AYKJLDUUfggwXxdr3aG
bLH56W/9Q9ycdO6knoeBGsSZq0w/MIuePCNxVufQEp5IKjvV5sKVUnbjiCrERXgc
vOumhWT+dOhFCpk3WscJYV6EIqJdmhQ3PdZ3CFlCKMp+/tRbog==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:11:17 2026 by rpki-client