Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
File: 182e091e-259f-44bd-bb67-c5e36fa6958b.roa (raw, json)
Hash identifier: uTa7+WxSM8soBUjUdCnwoJflGsRQdXoAs1XORAyLJWc=
Subject key identifier: 68:0A:67:23:28:E2:E9:CC:8D:D0:68:96:65:68:11:CB:E1:A4:3C:E6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 090A0FACE52B8FF2DB169750BAE07DED18236D62
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
Signing time: Sat 28 Feb 2026 06:00:52 +0000
ROA not before: Sat 28 Feb 2026 06:00:52 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:0a:0f:ac:e5:2b:8f:f2:db:16:97:50:ba:e0:7d:ed:18:23:6d:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:52 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=939e072dcf5d6bd477a6cb97ae38ae35183c805ebe7e4123972063393b859b9e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6d:10:0b:0b:8b:20:95:e2:3f:18:b5:88:fa:
c1:5a:ca:63:7f:40:eb:83:ce:6a:95:66:88:53:3f:
fb:f0:0a:5b:98:ec:9d:29:17:ff:d1:ed:1d:75:5d:
43:0c:08:27:58:f6:d5:48:f6:c7:d2:e2:e1:08:d8:
80:45:b3:66:fe:3d:0d:19:49:b7:77:92:aa:0b:76:
03:d7:58:66:99:58:d5:1d:b3:71:d2:11:e2:f6:73:
6a:c9:6e:ad:f8:0d:b8:62:96:2d:ab:d8:0e:8e:70:
d9:be:c0:40:8a:3c:f1:ed:8d:0d:a3:41:05:d1:d6:
9d:10:08:42:44:87:bd:02:07:3d:3f:d2:72:ef:9a:
f2:1a:4f:13:70:c2:43:81:80:ef:bf:98:76:59:30:
0d:8d:4d:62:28:7b:ad:b0:ad:5e:f0:07:fb:f5:11:
e6:0c:9e:a7:17:5c:24:16:4c:87:13:03:72:03:f0:
0d:fb:ee:33:b5:0c:43:b3:f4:0c:c3:23:d1:f4:40:
16:59:f5:40:08:e2:9d:8a:5d:65:d0:1c:85:94:e2:
96:3f:d5:8c:84:fc:84:80:ad:4d:d0:5b:a7:e0:59:
53:2d:09:cd:12:f3:50:a2:d7:81:20:c7:18:75:a2:
fd:05:06:a1:43:4c:6b:2d:63:81:3f:04:2e:e8:52:
9d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:0A:67:23:28:E2:E9:CC:8D:D0:68:96:65:68:11:CB:E1:A4:3C:E6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:400::/38
Signature Algorithm: sha256WithRSAEncryption
12:61:5e:f2:f6:49:77:ad:44:8d:ec:a5:7f:12:49:a0:cf:a7:
8f:a5:a5:8a:06:d9:d8:19:83:08:85:86:55:f7:b3:05:f5:0c:
83:95:5c:ea:dd:a5:ff:17:7c:24:d5:9f:ba:58:12:8c:56:c6:
bd:81:91:e2:68:00:45:ad:f8:9b:b6:91:ab:3d:43:3f:c5:8a:
59:ac:73:55:92:32:e2:04:4d:2b:07:43:f2:ad:0e:6d:4a:55:
9b:64:6c:cd:3a:0c:bb:c2:f5:a6:6b:91:b7:3f:34:35:6e:24:
87:71:71:d6:ff:54:65:6b:fb:d2:8d:78:bb:ca:6a:1e:a9:70:
63:62:b8:79:cc:05:f9:a9:49:68:2f:83:e9:d0:6e:2d:d2:5b:
f2:af:ad:90:8c:17:c1:86:7f:77:f9:2f:2d:57:c4:34:9c:49:
8b:76:be:eb:16:45:48:8c:08:94:10:ef:93:1f:e5:e1:9f:d6:
61:d9:c9:12:60:aa:1f:a7:c2:89:eb:22:c2:68:09:40:57:a5:
db:9d:fd:31:94:0e:b4:2e:ab:c7:69:b8:7e:1f:10:0a:56:c2:
80:ab:ff:86:c9:c0:7c:dd:80:a1:6c:a8:a7:26:3e:e4:07:c2:
f5:be:3a:9b:0a:ba:d4:ca:58:6e:c5:ee:68:f5:57:08:7c:12:
65:7b:63:a4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCQoPrOUrj/LbFpdQuuB97RgjbWIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwNTJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzOWUwNzJkY2Y1ZDZiZDQ3N2E2Y2I5N2FlMzhhZTM1MTgzYzgwNWViZTdl
NDEyMzk3MjA2MzM5M2I4NTliOWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKptEAsLiyCV4j8YtYj6wVrKY39A64POapVmiFM/+/AKW5jsnSkX/9HtHXVd
QwwIJ1j21Uj2x9Li4QjYgEWzZv49DRlJt3eSqgt2A9dYZplY1R2zcdIR4vZzaslu
rfgNuGKWLavYDo5w2b7AQIo88e2NDaNBBdHWnRAIQkSHvQIHPT/Scu+a8hpPE3DC
Q4GA77+YdlkwDY1NYih7rbCtXvAH+/UR5gyepxdcJBZMhxMDcgPwDfvuM7UMQ7P0
DMMj0fRAFln1QAjinYpdZdAchZTilj/VjIT8hICtTdBbp+BZUy0JzRLzUKLXgSDH
GHWi/QUGoUNMay1jgT8ELuhSnVkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRoCmcj
KOLpzI3QaJZlaBHL4aQ85jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTgyZTA5MWUtMjU5Zi00NGJkLWJiNjctYzVlMzZmYTY5NThiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwE
MA0GCSqGSIb3DQEBCwUAA4IBAQASYV7y9kl3rUSN7KV/Ekmgz6ePpaWKBtnYGYMI
hYZV97MF9QyDlVzq3aX/F3wk1Z+6WBKMVsa9gZHiaABFrfibtpGrPUM/xYpZrHNV
kjLiBE0rB0PyrQ5tSlWbZGzNOgy7wvWma5G3PzQ1biSHcXHW/1Rla/vSjXi7ymoe
qXBjYrh5zAX5qUloL4Pp0G4t0lvyr62QjBfBhn93+S8tV8Q0nEmLdr7rFkVIjAiU
EO+TH+Xhn9Zh2ckSYKofp8KJ6yLCaAlAV6Xbnf0xlA60LqvHabh+HxAKVsKAq/+G
ycB83YChbKinJj7kB8L1vjqbCrrUylhuxe5o9VcIfBJle2Ok
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:36 2026 by rpki-client