Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf98d1c0-6902-467c-a927-67601c51d140.roa
File: cf98d1c0-6902-467c-a927-67601c51d140.roa (raw, json)
Hash identifier: 9gLkmNTLmRnznPCis+v4BaKHDJ6rv1DpYZTABPNYxEA=
Subject key identifier: 06:B3:4B:BF:6B:46:BB:FF:82:54:2B:E0:6A:76:ED:28:06:46:42:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0892E5FFD8E6FD3551C70A176C3C5AF7F4F20306
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf98d1c0-6902-467c-a927-67601c51d140.roa
Signing time: Thu 12 Mar 2026 15:41:25 +0000
ROA not before: Thu 12 Mar 2026 15:41:25 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:92:e5:ff:d8:e6:fd:35:51:c7:0a:17:6c:3c:5a:f7:f4:f2:03:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:41:25 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=7fe3c2c1473b74bb9710e3dfae0e4e8ae2d862778e8eb34db586a7a6f2c3de89, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d0:7e:93:dd:68:89:0b:07:3d:bd:20:67:42:
b5:51:ba:5a:68:9a:f4:69:70:99:3d:bf:3b:e9:46:
27:72:f2:18:cf:08:b7:4f:09:a6:aa:a0:b9:1b:d7:
cd:02:df:fa:69:f4:1a:47:f7:5b:ee:20:bc:ce:bf:
6e:b4:d6:f5:04:37:6d:5d:22:b4:1f:95:56:26:a1:
63:bf:d7:6d:cc:4f:f9:65:04:1c:a7:30:d6:94:3f:
af:c5:d1:c5:af:58:ee:08:90:f0:e3:74:26:8b:80:
8f:4d:4e:28:b0:d3:51:b8:0a:5b:8a:80:f8:bf:1e:
e3:0e:98:c2:a5:4a:e1:ca:93:23:8e:96:76:78:21:
41:f6:94:ab:cc:47:f6:08:b5:e4:5e:ec:da:d5:9b:
3e:36:3b:19:e6:74:41:3a:ee:d9:9d:5f:36:d5:58:
67:87:be:93:46:29:11:4d:d4:4e:11:39:df:bc:69:
c0:09:6c:50:43:bb:6c:90:b7:ff:3e:64:92:a6:52:
4c:33:51:f1:12:71:55:a9:e9:e9:8f:99:8b:05:a5:
06:27:47:6b:33:48:d0:6e:0c:e8:0f:63:bb:c0:8c:
d5:b8:13:12:8d:44:47:91:37:4d:6c:6d:0f:fe:ff:
ab:9e:36:c2:24:e8:41:e7:9b:6c:8f:d3:7d:a1:93:
8d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B3:4B:BF:6B:46:BB:FF:82:54:2B:E0:6A:76:ED:28:06:46:42:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf98d1c0-6902-467c-a927-67601c51d140.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
bd:22:f5:5a:3a:9a:ff:15:b3:ce:de:4f:82:1f:39:72:1f:7d:
7e:fe:9e:33:37:b4:2b:0b:ca:c5:39:72:c9:d7:e3:34:7a:a0:
4d:8f:49:14:f2:b0:92:e1:cd:fa:52:54:92:37:e4:7f:44:93:
dc:66:53:8a:83:4c:76:f6:b3:10:e2:73:52:b5:39:6d:b4:4d:
83:89:97:8d:c4:e3:8c:a8:bb:f1:e7:15:6e:49:3c:af:9b:3d:
a0:45:cd:a3:f5:61:a1:2c:3b:98:3a:b1:22:2f:bc:d8:a5:93:
15:c5:b5:13:cd:27:26:8d:83:f9:bf:b0:97:f4:d3:7d:1a:53:
8f:28:ba:0f:c1:23:3c:a7:d8:d0:09:27:4e:2d:06:6c:2b:2c:
19:85:1f:12:26:53:9e:2c:6d:67:96:63:e0:35:a4:0d:e1:7f:
78:b4:43:30:bd:0b:5a:42:2b:de:34:c7:91:d3:a8:95:14:a0:
3c:e2:03:7e:d8:9d:5f:29:f1:45:9e:7a:be:1b:6c:a6:08:3e:
40:83:72:96:fa:d5:b5:15:f9:a3:9e:4c:62:84:7e:ea:19:17:
3b:02:dd:c7:0e:95:d8:40:fe:77:dd:04:4e:83:35:5a:b9:fb:
4f:b4:c2:73:87:2f:6f:f6:53:35:d4:48:e7:71:3b:a2:ce:e3:
8a:2e:c3:00
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCJLl/9jm/TVRxwoXbDxa9/TyAwYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTQxMjVaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmZTNjMmMxNDczYjc0YmI5NzEwZTNkZmFlMGU0ZThhZTJkODYyNzc4ZThl
YjM0ZGI1ODZhN2E2ZjJjM2RlODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjQfpPdaIkLBz29IGdCtVG6Wmia9GlwmT2/O+lGJ3LyGM8It08JpqqguRvX
zQLf+mn0Gkf3W+4gvM6/brTW9QQ3bV0itB+VViahY7/XbcxP+WUEHKcw1pQ/r8XR
xa9Y7giQ8ON0JouAj01OKLDTUbgKW4qA+L8e4w6YwqVK4cqTI46WdnghQfaUq8xH
9gi15F7s2tWbPjY7GeZ0QTru2Z1fNtVYZ4e+k0YpEU3UThE537xpwAlsUEO7bJC3
/z5kkqZSTDNR8RJxVanp6Y+ZiwWlBidHazNI0G4M6A9ju8CM1bgTEo1ER5E3TWxt
D/7/q542wiToQeebbI/TfaGTjc0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQGs0u/
a0a7/4JUK+Bqdu0oBkZCgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y5OGQxYzAtNjkwMi00NjdjLWE5MjctNjc2MDFjNTFkMTQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fpg
MA0GCSqGSIb3DQEBCwUAA4IBAQC9IvVaOpr/FbPO3k+CHzlyH31+/p4zN7QrC8rF
OXLJ1+M0eqBNj0kU8rCS4c36UlSSN+R/RJPcZlOKg0x29rMQ4nNStTlttE2DiZeN
xOOMqLvx5xVuSTyvmz2gRc2j9WGhLDuYOrEiL7zYpZMVxbUTzScmjYP5v7CX9NN9
GlOPKLoPwSM8p9jQCSdOLQZsKywZhR8SJlOeLG1nlmPgNaQN4X94tEMwvQtaQive
NMeR06iVFKA84gN+2J1fKfFFnnq+G2ymCD5Ag3KW+tW1FfmjnkxihH7qGRc7At3H
DpXYQP533QROgzVauftPtMJzhy9v9lM11EjncTuizuOKLsMA
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:15:17 2026 by rpki-client