Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec66173-52ba-4e6f-b1ec-889563dfb748.roa
File: fec66173-52ba-4e6f-b1ec-889563dfb748.roa (raw, json)
Hash identifier: GixcDb6LNzkCgl28kj03HIBF4EkvfDymK+TpeGWlxqk=
Subject key identifier: CD:CE:D0:B8:DC:CF:20:06:22:4A:D6:EA:FA:DA:5E:BC:E8:ED:94:72
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4A66471F43A53733FF5F68D3CC329CF457ECD9E5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec66173-52ba-4e6f-b1ec-889563dfb748.roa
Signing time: Fri 06 Feb 2026 00:30:12 +0000
ROA not before: Fri 06 Feb 2026 00:30:12 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:66:47:1f:43:a5:37:33:ff:5f:68:d3:cc:32:9c:f4:57:ec:d9:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 6 00:30:12 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=2d39a574ef305cf1598907114ff0a9b5d5b310c72ed4c711f36ab6757c82ef43, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f9:ab:8a:39:7d:12:87:e7:1f:83:da:ec:9b:
fd:ff:c2:45:e1:1c:f5:b7:b1:0d:ba:8f:52:f8:77:
b8:4b:bd:b4:9e:2c:b5:a2:2a:53:54:30:bc:43:d4:
be:9a:c3:4d:de:37:77:7b:52:c6:f7:fd:af:b2:f3:
4d:f9:5a:b3:00:ad:09:83:70:7f:23:ea:f4:c9:ce:
1f:9d:f7:fb:dc:f0:b6:21:0c:cd:a3:67:00:f5:f2:
7a:b5:b5:70:bd:9a:5d:c8:24:c0:3a:a2:9b:03:42:
fb:d1:2d:19:74:5f:c7:5a:d3:70:81:2c:48:aa:3b:
f1:da:24:bf:85:f7:e5:fd:f3:18:72:7c:0a:54:d2:
2d:9e:8b:40:85:72:31:02:01:36:a5:cc:4f:89:51:
c5:9e:ff:4d:6c:b7:af:39:b7:93:a9:1d:33:d8:f2:
80:0d:38:3e:a7:ff:12:72:a5:9d:31:bf:ab:f1:61:
d1:47:69:6a:8a:8d:3a:0a:62:b6:0e:e9:b0:9e:7f:
a0:cc:eb:71:e7:3a:2e:a7:9e:36:d5:36:22:a0:95:
bc:9a:a1:10:2d:b9:4c:f1:9d:06:dc:d4:40:f0:ca:
9e:5c:3b:f0:df:94:5e:e7:14:4e:ad:f2:e8:77:e7:
b0:ba:6a:61:b1:ac:48:f6:96:7d:d3:a2:fe:69:3f:
8d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:CE:D0:B8:DC:CF:20:06:22:4A:D6:EA:FA:DA:5E:BC:E8:ED:94:72
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec66173-52ba-4e6f-b1ec-889563dfb748.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:6040::/48
Signature Algorithm: sha256WithRSAEncryption
b0:9c:98:28:64:8f:25:3b:19:9e:2c:b8:36:4b:27:db:41:81:
25:65:53:83:16:3e:80:e6:8a:0b:80:0c:ad:dd:c1:61:9c:dd:
4e:c7:f5:f2:db:0b:8f:51:4f:f2:37:cc:40:57:fa:5e:88:cd:
99:a1:a3:79:1c:49:ea:ee:47:86:2a:81:8b:5a:7b:27:bf:d0:
19:b9:7b:49:f2:9e:4d:d0:85:e8:65:1d:d4:cc:8c:d0:05:3e:
87:2e:6c:36:09:72:d3:02:86:62:4e:31:9f:14:b6:df:69:5c:
ef:42:dd:6d:82:78:11:61:a6:43:e4:df:85:a7:2c:bf:0e:7c:
1a:df:33:c4:9d:63:4b:7d:98:9b:23:0b:fd:38:53:23:04:8d:
c1:bf:85:f3:7c:a7:60:54:e1:fa:3d:e8:26:e6:c4:84:06:b8:
49:ed:10:50:2d:8b:68:2a:99:44:85:ed:74:0a:4f:c6:80:a2:
c4:38:cb:5e:4e:07:a8:71:bb:37:7d:10:2b:4a:8b:10:9e:4f:
91:f3:c6:0b:0a:89:ed:2e:c6:a4:17:a3:6d:09:7e:fb:ea:58:
25:57:9c:da:24:6e:3a:61:18:4c:5c:d2:9d:96:78:96:e9:2f:
36:68:35:41:3e:92:61:59:e5:79:e0:4d:4a:6b:8c:71:8a:8d:
ee:23:76:20
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSmZHH0OlNzP/X2jTzDKc9Ffs2eUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMDYwMDMwMTJaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkMzlhNTc0ZWYzMDVjZjE1OTg5MDcxMTRmZjBhOWI1ZDViMzEwYzcyZWQ0
YzcxMWYzNmFiNjc1N2M4MmVmNDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/5q4o5fRKH5x+D2uyb/f/CReEc9bexDbqPUvh3uEu9tJ4staIqU1QwvEPU
vprDTd43d3tSxvf9r7LzTflaswCtCYNwfyPq9MnOH533+9zwtiEMzaNnAPXyerW1
cL2aXcgkwDqimwNC+9EtGXRfx1rTcIEsSKo78dokv4X35f3zGHJ8ClTSLZ6LQIVy
MQIBNqXMT4lRxZ7/TWy3rzm3k6kdM9jygA04Pqf/EnKlnTG/q/Fh0UdpaoqNOgpi
tg7psJ5/oMzrcec6LqeeNtU2IqCVvJqhEC25TPGdBtzUQPDKnlw78N+UXucUTq3y
6HfnsLpqYbGsSPaWfdOi/mk/jQUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTNztC4
3M8gBiJK1ur62l686O2UcjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmVjNjYxNzMtNTJiYS00ZTZmLWIxZWMtODg5NTYzZGZiNzQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G1g
QDANBgkqhkiG9w0BAQsFAAOCAQEAsJyYKGSPJTsZniy4Nksn20GBJWVTgxY+gOaK
C4AMrd3BYZzdTsf18tsLj1FP8jfMQFf6XojNmaGjeRxJ6u5HhiqBi1p7J7/QGbl7
SfKeTdCF6GUd1MyM0AU+hy5sNgly0wKGYk4xnxS232lc70LdbYJ4EWGmQ+Tfhacs
vw58Gt8zxJ1jS32YmyML/ThTIwSNwb+F83ynYFTh+j3oJubEhAa4Se0QUC2LaCqZ
RIXtdApPxoCixDjLXk4HqHG7N30QK0qLEJ5PkfPGCwqJ7S7GpBejbQl+++pYJVec
2iRuOmEYTFzSnZZ4lukvNmg1QT6SYVnleeBNSmuMcYqN7iN2IA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:25:25 2026 by rpki-client