Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
File: 09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa (raw, json)
Hash identifier: kr47cy+fgM2hf97QPmYl+g+qFl7tZBP+cgRKn3Ol1lQ=
Subject key identifier: 1B:FF:01:68:FB:FE:A6:00:F8:50:ED:81:C2:21:25:F5:5C:BC:0A:66
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 256B012FDE2C76EC2832C5CBC5F0C6ACA17FAD34
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
Signing time: Sat 28 Feb 2026 05:51:32 +0000
ROA not before: Sat 28 Feb 2026 05:51:32 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:6b:01:2f:de:2c:76:ec:28:32:c5:cb:c5:f0:c6:ac:a1:7f:ad:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:51:32 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=72a1ba885190af040dc49acb03727a5e1effdb0328d2c7331f6914507909eaf6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ff:e5:2d:d1:b1:e7:81:5f:e0:eb:fb:74:b1:
ca:d4:2c:2a:6a:a6:0a:9a:75:8b:da:85:c1:16:23:
0f:bd:2b:d1:c9:5d:7a:58:d6:48:c5:d8:30:f4:32:
d8:62:da:85:8c:64:c6:1f:d1:c9:9f:b8:75:ed:e0:
13:b3:35:b6:d1:4d:26:73:18:fe:49:89:50:b7:5c:
88:88:7a:6b:ef:18:18:52:59:ad:9d:3a:8a:19:95:
4b:e1:32:93:30:80:f7:0d:be:51:57:a8:a3:89:10:
37:6d:f8:8f:44:93:27:3f:eb:12:79:b8:8b:19:48:
be:ca:fd:fb:a8:1a:b3:b8:12:30:12:73:ac:71:7c:
89:73:ab:63:ac:38:83:db:6c:23:5e:4f:9c:6e:13:
56:3e:25:69:0c:ff:19:78:cd:5b:11:2e:0c:de:93:
7e:31:31:95:3f:3d:04:99:db:34:2d:ba:e2:33:cd:
d7:c5:93:a2:6f:bb:b7:a6:39:2c:d3:5d:63:05:71:
8f:ee:79:97:a2:89:63:8c:77:9f:aa:25:eb:2a:4d:
c9:cc:04:39:4a:6f:ac:9a:47:a2:f9:47:cb:27:15:
4b:48:a1:8d:6b:6f:5f:40:0d:bf:72:21:24:5d:49:
ff:6a:55:ba:8a:55:0c:e2:e1:22:78:87:dc:4f:fc:
d6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:FF:01:68:FB:FE:A6:00:F8:50:ED:81:C2:21:25:F5:5C:BC:0A:66
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8020::/48
Signature Algorithm: sha256WithRSAEncryption
88:95:3b:38:72:1a:c3:f1:f4:28:74:92:b6:2d:7c:79:2b:2b:
be:3c:78:b9:f4:42:fb:24:3f:2b:4b:ff:2e:bf:cc:e1:79:eb:
9f:1d:3e:aa:b4:a0:ff:65:0d:6b:9d:70:df:72:d4:a4:a0:a3:
b0:33:a7:7b:31:9c:33:d6:3b:21:5d:fd:e3:f8:7b:dd:5a:c1:
0e:36:8a:f1:72:0c:24:35:5e:20:fb:5d:e2:86:16:9a:42:55:
fb:ad:b5:0f:5d:10:6d:22:38:de:7c:5b:2d:e1:c0:04:d6:46:
b2:f0:e6:ca:d8:b2:0b:35:83:b0:8e:79:b8:23:d6:2e:7d:8e:
cc:a2:0a:e7:ff:69:07:34:86:14:ad:2f:d9:78:e9:51:66:2e:
b8:a5:5d:3c:cf:66:63:b5:73:bd:e1:06:07:97:f9:39:3d:60:
ea:45:a8:0d:01:b2:68:47:23:84:58:e9:81:05:b4:01:6a:03:
8d:03:87:3a:ac:d2:6d:bb:c7:aa:a2:9c:8a:c2:50:da:7f:bd:
94:d3:c6:96:0c:6d:fa:e5:94:91:f9:93:75:e0:a0:6a:7a:71:
f1:06:60:0a:20:e7:06:1f:67:14:44:5a:75:a2:08:69:7d:a7:
e3:4b:bf:84:15:89:07:a8:fc:7f:7a:95:1f:63:32:be:dc:90:
61:96:09:3c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJWsBL94sduwoMsXLxfDGrKF/rTQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUxMzJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyYTFiYTg4NTE5MGFmMDQwZGM0OWFjYjAzNzI3YTVlMWVmZmRiMDMyOGQy
YzczMzFmNjkxNDUwNzkwOWVhZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJL/5S3RseeBX+Dr+3SxytQsKmqmCpp1i9qFwRYjD70r0cldeljWSMXYMPQy
2GLahYxkxh/RyZ+4de3gE7M1ttFNJnMY/kmJULdciIh6a+8YGFJZrZ06ihmVS+Ey
kzCA9w2+UVeoo4kQN234j0STJz/rEnm4ixlIvsr9+6gas7gSMBJzrHF8iXOrY6w4
g9tsI15PnG4TVj4laQz/GXjNWxEuDN6TfjExlT89BJnbNC264jPN18WTom+7t6Y5
LNNdYwVxj+55l6KJY4x3n6ol6ypNycwEOUpvrJpHovlHyycVS0ihjWtvX0ANv3Ih
JF1J/2pVuopVDOLhIniH3E/81gMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQb/wFo
+/6mAPhQ7YHCISX1XLwKZjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDlmNjRlZGEtMmI5Yy00Yzg5LThlYjQtN2NmYjA4YjJiYTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
IDANBgkqhkiG9w0BAQsFAAOCAQEAiJU7OHIaw/H0KHSSti18eSsrvjx4ufRC+yQ/
K0v/Lr/M4Xnrnx0+qrSg/2UNa51w33LUpKCjsDOnezGcM9Y7IV394/h73VrBDjaK
8XIMJDVeIPtd4oYWmkJV+621D10QbSI43nxbLeHABNZGsvDmytiyCzWDsI55uCPW
Ln2OzKIK5/9pBzSGFK0v2XjpUWYuuKVdPM9mY7VzveEGB5f5OT1g6kWoDQGyaEcj
hFjpgQW0AWoDjQOHOqzSbbvHqqKcisJQ2n+9lNPGlgxt+uWUkfmTdeCganpx8QZg
CiDnBh9nFERadaIIaX2n40u/hBWJB6j8f3qVH2MyvtyQYZYJPA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:02 2026 by rpki-client