Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa
File: fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa (raw, json)
Hash identifier: 415mLimzTckiGvYNTGn2LzghEHyEMl/y+F9Ps7a1IVI=
Subject key identifier: 11:F1:94:5F:A6:FF:FE:E8:3A:03:9C:4B:62:51:21:64:0A:4D:C2:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 62D7F987D3D63E56505B896859FECD3703ED7028
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa
Signing time: Sat 28 Feb 2026 06:00:37 +0000
ROA not before: Sat 28 Feb 2026 06:00:37 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:d7:f9:87:d3:d6:3e:56:50:5b:89:68:59:fe:cd:37:03:ed:70:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:37 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=72b85eebe05acf08f7f28c4e12f409bcb897ff0576bdfbfad7ef6ca434cf1ce7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9f:d2:f1:4c:58:8b:96:3b:5c:b6:79:9e:67:
58:35:bc:63:8b:53:f2:e2:69:72:9d:a7:75:bf:5d:
ec:ca:d7:78:1a:8f:95:34:24:63:57:f9:46:05:c1:
ac:ee:5d:27:e0:62:eb:83:a4:58:1e:f2:bd:5e:ca:
03:f5:0c:a1:40:db:fc:d0:f6:4b:28:cb:ab:6b:b6:
cc:7e:d6:5a:cb:15:82:a8:9b:10:91:f1:19:16:97:
5f:1c:1b:86:97:3d:9b:e5:a4:39:d3:96:b4:e6:03:
00:cc:12:88:2a:c0:c8:16:94:a9:74:f8:72:e6:00:
84:e1:28:5f:14:25:33:fa:cf:50:81:51:a5:7c:09:
5c:8e:77:4a:9a:5f:06:b9:eb:36:69:ce:0f:cf:5e:
15:c4:01:c2:27:e6:ba:e5:af:20:2f:50:63:34:9b:
bd:41:d2:c3:f3:36:de:43:15:8c:d2:fb:29:8e:9d:
ab:be:90:b3:06:06:aa:43:a9:20:bd:ee:6e:51:df:
48:e1:fd:e4:1a:2b:77:60:56:64:b3:31:da:08:3c:
b5:11:ef:67:0a:4f:4d:44:19:44:e3:d2:b2:ec:e5:
7d:5a:59:39:33:bd:fc:9e:85:0c:5f:92:ed:df:17:
db:8c:87:6c:11:d1:58:89:2f:4b:17:03:b5:f8:fb:
94:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:F1:94:5F:A6:FF:FE:E8:3A:03:9C:4B:62:51:21:64:0A:4D:C2:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8000::/40
Signature Algorithm: sha256WithRSAEncryption
8e:80:f7:4a:89:8e:bc:ca:3e:a3:6d:5b:63:4a:94:ff:16:d0:
73:22:32:94:7b:df:98:03:cc:60:08:14:93:40:e0:17:c9:ee:
e4:fa:e1:8b:db:92:f4:71:a2:94:e3:cb:a3:94:df:e6:8a:7e:
2f:f4:1d:be:9c:a3:67:87:95:66:c6:0e:4a:e6:99:15:83:fe:
87:c9:eb:d5:f3:c3:06:c9:62:89:4e:96:6f:1b:0a:fa:10:4c:
12:96:4e:13:2e:f8:6f:ba:bb:de:f7:d1:08:f7:78:9a:b5:8a:
4e:8a:df:f5:19:af:61:d6:ba:79:52:55:39:16:8a:e2:1e:91:
b2:3e:d2:cb:d2:b8:43:45:f4:47:fe:f1:bb:0f:34:02:0e:45:
cc:50:d1:6e:1e:3b:05:ff:48:40:1b:a5:30:f3:92:4c:e4:8b:
e5:28:42:98:80:ed:c4:3f:33:e4:18:db:fc:43:27:96:00:fc:
02:3e:65:c5:7d:fb:ef:33:fa:fd:55:a5:19:97:c1:62:94:ba:
d6:7f:0c:34:8c:8f:5e:72:e9:52:6a:e5:41:c5:99:7f:42:07:
7e:98:02:f1:07:ba:3a:b5:07:88:72:0e:1f:47:4a:a0:95:7d:
bb:c6:3b:4b:b9:0c:92:6b:98:e7:2f:e3:78:8c:e8:ec:ee:a2:
25:a8:42:84
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYtf5h9PWPlZQW4loWf7NNwPtcCgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwMzdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyYjg1ZWViZTA1YWNmMDhmN2YyOGM0ZTEyZjQwOWJjYjg5N2ZmMDU3NmJk
ZmJmYWQ3ZWY2Y2E0MzRjZjFjZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmf0vFMWIuWO1y2eZ5nWDW8Y4tT8uJpcp2ndb9d7MrXeBqPlTQkY1f5RgXB
rO5dJ+Bi64OkWB7yvV7KA/UMoUDb/ND2SyjLq2u2zH7WWssVgqibEJHxGRaXXxwb
hpc9m+WkOdOWtOYDAMwSiCrAyBaUqXT4cuYAhOEoXxQlM/rPUIFRpXwJXI53Sppf
BrnrNmnOD89eFcQBwifmuuWvIC9QYzSbvUHSw/M23kMVjNL7KY6dq76QswYGqkOp
IL3ublHfSOH95Bord2BWZLMx2gg8tRHvZwpPTUQZROPSsuzlfVpZOTO9/J6FDF+S
7d8X24yHbBHRWIkvSxcDtfj7lNcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQR8ZRf
pv/+6DoDnEtiUSFkCk3CMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmMzY2YxZmYtMjA5ZC00NmY2LWE3ZGQtYTdiYTVkNWJmYmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DiA
MA0GCSqGSIb3DQEBCwUAA4IBAQCOgPdKiY68yj6jbVtjSpT/FtBzIjKUe9+YA8xg
CBSTQOAXye7k+uGL25L0caKU48ujlN/min4v9B2+nKNnh5Vmxg5K5pkVg/6HyevV
88MGyWKJTpZvGwr6EEwSlk4TLvhvurve99EI93iatYpOit/1Ga9h1rp5UlU5Fori
HpGyPtLL0rhDRfRH/vG7DzQCDkXMUNFuHjsF/0hAG6Uw85JM5IvlKEKYgO3EPzPk
GNv8QyeWAPwCPmXFffvvM/r9VaUZl8FilLrWfww0jI9eculSauVBxZl/Qgd+mALx
B7o6tQeIcg4fR0qglX27xjtLuQySa5jnL+N4jOjs7qIlqEKE
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:38:04 2026 by rpki-client