Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb9d4716-bf0f-40e5-beb1-4ea5ef01bd1c.roa
File: fb9d4716-bf0f-40e5-beb1-4ea5ef01bd1c.roa (raw, json)
Hash identifier: /ffC1kgCn4Y+o15U2xqjV0EmHqBOdQgP9hFwLfk+Gx0=
Subject key identifier: 5F:39:B9:8A:E1:67:E6:D6:6E:CF:58:91:A4:27:7F:B9:82:CB:58:26
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2FBD170611DC5CAE41589BF0E8D7D4A12386FB5B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb9d4716-bf0f-40e5-beb1-4ea5ef01bd1c.roa
Signing time: Sat 28 Feb 2026 06:00:11 +0000
ROA not before: Sat 28 Feb 2026 06:00:11 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:bd:17:06:11:dc:5c:ae:41:58:9b:f0:e8:d7:d4:a1:23:86:fb:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:11 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=84e2a2fa6f5e98a06c64a88ea45b78b2a64f3adef2b47df444caa32cc122eaab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1b:95:6d:91:30:e7:48:b4:18:30:b1:8a:fb:
5f:78:15:1e:0b:02:24:ef:69:40:de:80:54:92:2b:
12:9a:ed:db:62:a6:45:ba:ac:ef:6f:b7:9c:3d:ba:
81:c6:9d:72:18:9a:f3:64:2a:2d:bf:51:2b:f8:7b:
4e:45:7e:06:1b:af:27:32:d9:5c:e0:59:9d:e2:4e:
cf:2e:85:bc:ed:74:c9:d4:89:09:ac:7f:96:6e:be:
36:a3:a4:31:54:55:73:d0:3d:57:d0:3d:4d:44:53:
2b:b2:6a:6a:59:d8:86:be:ec:07:21:c0:7b:a4:3b:
5e:0f:31:a9:d2:e7:d3:8a:24:d2:f6:2e:02:bd:55:
28:d5:40:ae:e5:fe:49:9b:d5:62:a8:c6:ee:54:0f:
3a:37:1d:14:75:08:a4:e2:9d:c8:23:11:d9:3d:d4:
2e:29:39:93:35:31:32:de:b9:d0:93:36:a8:ab:50:
a6:78:be:7a:65:cc:fb:04:1e:b8:f8:ab:93:4f:6d:
d0:ef:e4:ab:da:1c:7b:8f:11:33:a7:dc:f7:dc:38:
9a:a9:ba:89:0c:02:ef:26:17:e8:a8:0b:45:c9:b3:
12:e4:70:e0:24:df:c7:5d:df:19:d5:59:e8:a0:de:
0f:67:36:0b:4a:d2:1d:43:1e:2c:a9:ac:ea:62:37:
10:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:39:B9:8A:E1:67:E6:D6:6E:CF:58:91:A4:27:7F:B9:82:CB:58:26
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb9d4716-bf0f-40e5-beb1-4ea5ef01bd1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:2080::/48
Signature Algorithm: sha256WithRSAEncryption
4b:4b:ed:57:dd:64:22:a0:4a:15:29:29:0c:dc:ed:94:35:95:
86:ab:16:87:b7:00:1d:6d:c0:0e:84:b4:70:27:6b:3d:47:bd:
ed:19:f7:67:c4:4d:23:2f:bf:22:a7:2e:ba:09:01:06:ed:6f:
a9:02:ca:3d:86:ac:e1:74:38:ea:6c:fe:f1:72:dd:79:f8:c2:
bc:a8:cd:f4:17:c6:5c:2a:69:cd:1a:e8:d4:3d:3a:12:04:36:
95:46:5c:b9:77:2d:3b:59:b6:3d:08:c8:d4:96:31:3c:b1:6e:
29:b7:7e:89:65:e0:e2:4a:89:89:47:43:10:72:e2:87:29:c4:
5a:63:30:f4:1f:13:4d:4b:9d:9f:34:36:87:4a:d8:60:31:4f:
df:45:a6:d8:f0:a1:f1:e2:61:a8:b2:80:48:99:07:e9:cd:ac:
e7:41:d3:79:3c:66:ee:1e:1c:78:d6:6f:3f:b6:6a:32:a3:db:
b6:28:39:a4:9f:d5:c2:5f:56:a1:b6:51:38:30:27:4b:b6:52:
17:41:1a:45:86:dd:c4:c9:88:64:95:58:fa:34:a2:de:f4:da:
14:61:b8:e6:ce:79:d6:be:eb:0d:4a:7f:36:aa:e5:ca:7e:c5:
96:c8:58:73:c4:b4:92:1d:64:c6:39:4d:9a:74:83:5b:9d:a3:
b5:7a:5f:13
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUL70XBhHcXK5BWJvw6NfUoSOG+1swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwMTFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0ZTJhMmZhNmY1ZTk4YTA2YzY0YTg4ZWE0NWI3OGIyYTY0ZjNhZGVmMmI0
N2RmNDQ0Y2FhMzJjYzEyMmVhYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8blW2RMOdItBgwsYr7X3gVHgsCJO9pQN6AVJIrEprt22KmRbqs72+3nD26
gcadchia82QqLb9RK/h7TkV+BhuvJzLZXOBZneJOzy6FvO10ydSJCax/lm6+NqOk
MVRVc9A9V9A9TURTK7JqalnYhr7sByHAe6Q7Xg8xqdLn04ok0vYuAr1VKNVAruX+
SZvVYqjG7lQPOjcdFHUIpOKdyCMR2T3ULik5kzUxMt650JM2qKtQpni+emXM+wQe
uPirk09t0O/kq9oce48RM6fc99w4mqm6iQwC7yYX6KgLRcmzEuRw4CTfx13fGdVZ
6KDeD2c2C0rSHUMeLKms6mI3EOkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRfObmK
4Wfm1m7PWJGkJ3+5gstYJjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmI5ZDQ3MTYtYmYwZi00MGU1LWJlYjEtNGVhNWVmMDFiZDFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEg
gDANBgkqhkiG9w0BAQsFAAOCAQEAS0vtV91kIqBKFSkpDNztlDWVhqsWh7cAHW3A
DoS0cCdrPUe97Rn3Z8RNIy+/IqcuugkBBu1vqQLKPYas4XQ46mz+8XLdefjCvKjN
9BfGXCppzRro1D06EgQ2lUZcuXctO1m2PQjI1JYxPLFuKbd+iWXg4kqJiUdDEHLi
hynEWmMw9B8TTUudnzQ2h0rYYDFP30Wm2PCh8eJhqLKASJkH6c2s50HTeTxm7h4c
eNZvP7ZqMqPbtig5pJ/Vwl9WobZRODAnS7ZSF0EaRYbdxMmIZJVY+jSi3vTaFGG4
5s551r7rDUp/Nqrlyn7FlshYc8S0kh1kxjlNmnSDW52jtXpfEw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:37:51 2026 by rpki-client