Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa
File: fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa (raw, json)
Hash identifier: ZQv+FMk3dBEeQvEnj+ka5C4s1/cHUsYdEBmJ2y+6Oak=
Subject key identifier: C4:5A:B3:AD:26:A4:34:82:53:25:00:E9:08:20:05:A3:68:AE:FE:39
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11CD4D715A06891B5D9A1B6657AD49479B94D9BA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa
Signing time: Sat 28 Feb 2026 05:41:11 +0000
ROA not before: Sat 28 Feb 2026 05:41:11 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:cd:4d:71:5a:06:89:1b:5d:9a:1b:66:57:ad:49:47:9b:94:d9:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:11 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=4645197739acec252c5bdaa862742c10b04f5a809fc21bde6e7cc83d6c8ed8b5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:12:ab:86:e9:dc:6a:06:8d:94:d0:95:76:f0:
97:ce:dd:0a:88:0e:8d:a5:a1:0d:c2:16:41:ca:fa:
88:2f:7b:b3:73:5d:a2:1c:69:01:83:78:44:aa:9a:
54:2c:3a:ef:f2:0d:28:bf:81:60:a5:95:38:f5:4b:
c3:82:98:26:41:f0:62:ef:08:88:50:64:c2:c7:1d:
de:d7:31:ef:16:f1:e1:5d:89:f3:69:2d:c4:b8:be:
21:b9:ba:56:fb:ff:37:8c:80:68:99:98:3d:c7:49:
4d:37:5d:9d:ae:2b:c2:ae:48:76:e1:01:bf:70:49:
98:16:69:c1:b6:39:20:58:1e:02:81:4c:38:2b:e7:
21:61:f7:b8:c6:ca:f6:b8:25:7f:a3:10:64:33:a2:
23:43:6a:a7:1a:12:bd:1b:9e:90:0f:c1:c8:cc:fb:
8f:da:b6:4e:9a:01:fc:74:5f:c4:2d:46:d4:27:71:
a5:72:7e:05:bd:bc:e7:14:3a:81:fb:6d:39:c6:53:
16:7c:c5:5e:ae:d5:e2:4e:f6:5d:82:c6:c3:9f:8b:
ed:15:ee:f2:73:e9:9b:2d:6f:04:be:5f:b2:26:d1:
6c:52:38:31:80:53:c8:2a:2e:e3:b6:17:3b:9d:91:
f0:e7:c8:e6:cf:37:59:8e:05:81:d3:06:88:23:1b:
86:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:5A:B3:AD:26:A4:34:82:53:25:00:E9:08:20:05:A3:68:AE:FE:39
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
47:fe:88:77:b8:00:90:6b:90:4d:26:60:92:3e:00:29:a4:61:
ea:b5:79:4d:57:2e:44:89:2f:06:44:b9:37:4c:f7:ef:ac:46:
bc:d5:7a:49:d8:f8:e4:c8:e2:42:a3:ea:fb:9f:25:d8:56:67:
8d:34:6a:22:fb:2d:65:5c:8a:83:ef:e4:da:c3:54:40:b8:32:
71:9f:96:3e:5a:b0:a2:8f:9e:63:1f:4e:6d:f9:cf:47:38:18:
d9:06:23:b9:57:36:10:27:45:2d:33:e5:0d:ce:60:25:06:78:
6c:be:bb:10:94:42:04:ed:96:a2:1e:20:94:e1:e4:bd:18:36:
16:f3:31:7f:b4:91:f5:e1:82:79:65:19:73:9b:3e:e6:ae:11:
e7:b4:0a:21:3c:57:0b:b2:14:ad:f2:21:87:63:65:54:11:5f:
46:8f:b4:3c:2e:3f:05:fd:c5:e8:41:76:d3:f0:57:45:ab:04:
fe:f1:59:94:e1:a4:30:b0:a9:cf:c5:cb:51:fc:6f:88:62:9e:
7f:08:a3:9f:86:ee:82:01:8d:59:84:37:4b:d3:6d:96:e8:9c:
39:8e:96:34:5f:e9:9c:f6:11:af:c8:e2:b9:d7:b4:ce:c2:23:
bf:1e:b0:4c:9a:a8:90:4a:17:2a:02:07:e2:c4:cf:94:b1:e6:
a2:d0:63:66
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEc1NcVoGiRtdmhtmV61JR5uU2bowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMTFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2NDUxOTc3MzlhY2VjMjUyYzViZGFhODYyNzQyYzEwYjA0ZjVhODA5ZmMy
MWJkZTZlN2NjODNkNmM4ZWQ4YjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwSq4bp3GoGjZTQlXbwl87dCogOjaWhDcIWQcr6iC97s3NdohxpAYN4RKqa
VCw67/INKL+BYKWVOPVLw4KYJkHwYu8IiFBkwscd3tcx7xbx4V2J82ktxLi+Ibm6
Vvv/N4yAaJmYPcdJTTddna4rwq5IduEBv3BJmBZpwbY5IFgeAoFMOCvnIWH3uMbK
9rglf6MQZDOiI0NqpxoSvRuekA/ByMz7j9q2TpoB/HRfxC1G1CdxpXJ+Bb285xQ6
gfttOcZTFnzFXq7V4k72XYLGw5+L7RXu8nPpmy1vBL5fsibRbFI4MYBTyCou47YX
O52R8OfI5s83WY4FgdMGiCMbhlkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTEWrOt
JqQ0glMlAOkIIAWjaK7+OTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmNlN2EwM2ItOWU5MC00OTIxLTljNTYtNWIwYmQ0ZTYwZWQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
wDANBgkqhkiG9w0BAQsFAAOCAQEAR/6Id7gAkGuQTSZgkj4AKaRh6rV5TVcuRIkv
BkS5N0z376xGvNV6Sdj45MjiQqPq+58l2FZnjTRqIvstZVyKg+/k2sNUQLgycZ+W
Plqwoo+eYx9ObfnPRzgY2QYjuVc2ECdFLTPlDc5gJQZ4bL67EJRCBO2Woh4glOHk
vRg2FvMxf7SR9eGCeWUZc5s+5q4R57QKITxXC7IUrfIhh2NlVBFfRo+0PC4/Bf3F
6EF20/BXRasE/vFZlOGkMLCpz8XLUfxviGKefwijn4buggGNWYQ3S9NtluicOY6W
NF/pnPYRr8jiude0zsIjvx6wTJqokEoXKgIH4sTPlLHmotBjZg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:24:21 2026 by rpki-client