Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa
File: 2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa (raw, json)
Hash identifier: ycol8WslT/ZRbJ8B4YnU6Twjk7QiyZJ3BAfteWg8yoU=
Subject key identifier: 99:DC:65:F1:03:20:FE:36:16:D4:C4:1C:0D:DC:99:F9:9E:5E:FD:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2BA5B09CAA6158A9753D7D07D616B5164254D9AA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa
Signing time: Sat 28 Feb 2026 06:00:03 +0000
ROA not before: Sat 28 Feb 2026 06:00:03 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:a5:b0:9c:aa:61:58:a9:75:3d:7d:07:d6:16:b5:16:42:54:d9:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:03 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=cab13176be6a414c38ca39e106bff3d1e62249a0d13a4c79ba299314d49b0223, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6e:aa:ad:16:07:82:1f:69:b0:cb:b9:50:cf:
e0:b8:ad:6c:ad:4b:e6:1c:b8:49:9c:47:7a:05:95:
0f:46:fd:6e:1d:5d:68:7c:d0:41:69:a6:01:74:0d:
36:01:95:ad:71:ed:f5:aa:bb:9f:e0:f7:73:70:b6:
e6:31:67:fe:5b:88:d3:1c:b1:2c:eb:45:e9:b5:e1:
d2:f4:94:f2:16:93:5f:6e:26:d1:bf:a8:78:09:53:
a4:4a:b0:e8:02:8d:33:c1:c8:a7:33:da:d6:1d:fa:
1e:05:92:af:c3:b7:22:0e:a3:bf:a3:3d:12:30:32:
45:f1:f5:5d:12:c3:4b:3f:82:a4:65:bc:33:87:3e:
96:fe:3f:e0:60:34:c5:a2:24:3c:9f:51:c2:5a:0f:
01:cb:cc:56:2e:fb:fa:13:40:3e:27:0a:4e:8f:60:
e5:34:84:e9:bf:72:7c:67:12:1c:cb:0a:bd:85:21:
b0:9b:d5:37:26:c0:80:6d:3c:d2:c4:33:51:9a:b1:
eb:9b:28:69:48:93:bc:6e:05:36:5f:3b:cf:5e:f9:
40:f4:c3:61:c4:3c:da:63:56:b9:7f:23:54:2a:46:
15:4a:a4:66:74:41:c3:98:cf:5a:e0:f0:bb:f5:50:
e1:85:32:37:d4:68:de:16:a0:a8:2f:8a:80:82:6a:
c4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:DC:65:F1:03:20:FE:36:16:D4:C4:1C:0D:DC:99:F9:9E:5E:FD:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:1080::/48
Signature Algorithm: sha256WithRSAEncryption
86:de:5c:a3:ed:3a:38:42:e9:d7:4c:8f:b3:28:a8:68:d7:7e:
9a:48:95:61:e2:60:73:54:52:e7:c4:f9:32:97:0a:87:d5:a2:
ff:ef:a0:c6:44:de:92:b2:64:b2:25:b6:c4:09:f5:5c:7a:d1:
e2:ec:68:98:73:48:9b:5b:22:ee:ef:72:0d:5c:03:53:f7:2a:
80:6f:56:27:e3:e5:98:b9:16:8b:35:e7:d6:1b:0e:f2:33:ae:
b2:fb:30:e3:b8:56:13:ae:b1:46:37:ec:3e:01:69:af:82:45:
69:54:51:04:63:81:b1:93:91:30:1c:62:77:30:51:a7:4a:da:
f7:b2:d2:a1:d9:aa:29:fd:35:23:9a:06:1d:d2:ff:c3:44:45:
6c:12:70:1a:d0:d3:5b:b8:33:da:62:9b:8e:8a:ae:61:bf:ac:
57:70:85:43:d5:ef:3b:82:8d:f5:0d:22:8b:cc:90:f3:28:29:
a5:b4:a5:fb:63:4c:28:46:df:e7:c2:c0:a7:55:9b:f2:bc:90:
f1:80:ca:42:97:ae:cd:4c:d2:7f:1f:91:cf:d4:16:f0:19:a6:
29:50:f8:63:c1:25:97:8f:39:d0:5c:e9:7d:c2:c3:08:83:21:
fc:60:8a:5f:e0:11:cd:30:50:7e:b1:e7:78:73:4f:ec:89:3f:
61:0d:d4:40
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUK6WwnKphWKl1PX0H1ha1FkJU2aowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwMDNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNhYjEzMTc2YmU2YTQxNGMzOGNhMzllMTA2YmZmM2QxZTYyMjQ5YTBkMTNh
NGM3OWJhMjk5MzE0ZDQ5YjAyMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5uqq0WB4IfabDLuVDP4LitbK1L5hy4SZxHegWVD0b9bh1daHzQQWmmAXQN
NgGVrXHt9aq7n+D3c3C25jFn/luI0xyxLOtF6bXh0vSU8haTX24m0b+oeAlTpEqw
6AKNM8HIpzPa1h36HgWSr8O3Ig6jv6M9EjAyRfH1XRLDSz+CpGW8M4c+lv4/4GA0
xaIkPJ9RwloPAcvMVi77+hNAPicKTo9g5TSE6b9yfGcSHMsKvYUhsJvVNybAgG08
0sQzUZqx65soaUiTvG4FNl87z175QPTDYcQ82mNWuX8jVCpGFUqkZnRBw5jPWuDw
u/VQ4YUyN9Ro3hagqC+KgIJqxDUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSZ3GXx
AyD+NhbUxBwN3Jn5nl79vDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmE5M2JkYzItODIzYy00MTZhLWFjNDAtNmY2YzgyM2JjZWY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAht5co+06OELp10yPsyioaNd+mkiVYeJgc1RS
58T5MpcKh9Wi/++gxkTekrJksiW2xAn1XHrR4uxomHNIm1si7u9yDVwDU/cqgG9W
J+PlmLkWizXn1hsO8jOusvsw47hWE66xRjfsPgFpr4JFaVRRBGOBsZORMBxidzBR
p0ra97LSodmqKf01I5oGHdL/w0RFbBJwGtDTW7gz2mKbjoquYb+sV3CFQ9XvO4KN
9Q0ii8yQ8ygppbSl+2NMKEbf58LAp1Wb8ryQ8YDKQpeuzUzSfx+Rz9QW8BmmKVD4
Y8Ell4850FzpfcLDCIMh/GCKX+ARzTBQfrHneHNP7Ik/YQ3UQA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:19:07 2026 by rpki-client