Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
File: 3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa (raw, json)
Hash identifier: 2CvUjAfO59lP40qcudmJp2an1u2HUFt7fyIcEJgpi5M=
Subject key identifier: 16:31:3D:59:42:B3:31:B1:00:83:F9:4C:73:7A:B4:29:14:A6:F9:F8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6438BBE147A057A892D201E380557BEE7284A708
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
Signing time: Fri 06 Feb 2026 00:40:11 +0000
ROA not before: Fri 06 Feb 2026 00:40:11 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d020::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:38:bb:e1:47:a0:57:a8:92:d2:01:e3:80:55:7b:ee:72:84:a7:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 6 00:40:11 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=93327f7f2971feafbf21b38f95ece08b90311332b04af9aa25d029a4a7e8a4b5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ea:84:c2:ad:0b:e9:f6:5d:d1:20:be:14:da:
7c:6e:09:06:51:e3:02:68:18:9f:58:fd:19:fc:1c:
f3:d8:cf:2f:46:b2:61:10:76:34:9d:b4:82:73:55:
4a:58:03:d2:19:23:16:33:13:ca:29:72:91:2e:31:
02:e1:b0:cd:1d:59:40:f9:8c:20:5d:f9:98:13:6d:
ba:3a:b3:fb:f3:e5:74:85:5a:bc:a1:25:18:47:7d:
a7:32:7d:08:f1:7e:af:b8:99:17:56:30:c3:86:01:
e8:56:7a:f8:06:d7:9c:19:52:b3:72:39:fa:5f:75:
89:44:f8:b3:70:d2:7f:42:d8:fd:d5:b6:d2:25:27:
12:ce:40:2c:2b:f2:5d:97:9b:4b:6a:e2:13:8b:e9:
06:8a:8c:dc:f2:62:4a:a6:9b:0a:58:c3:54:7c:df:
54:c9:5d:d3:e5:9e:89:96:a0:e3:d2:de:ef:b3:ac:
2b:70:bb:14:1f:41:87:97:e1:64:4b:a4:84:17:1c:
81:60:29:64:4e:15:86:21:6d:99:e8:ac:8c:1d:f8:
3d:e7:90:28:85:5b:8e:bd:12:39:b9:98:53:cd:aa:
4c:c4:d8:77:14:32:34:86:b8:13:dd:8f:a7:f6:66:
eb:17:78:5e:92:a3:87:93:ea:c2:1a:af:81:6e:71:
43:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:31:3D:59:42:B3:31:B1:00:83:F9:4C:73:7A:B4:29:14:A6:F9:F8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d020::/28
Signature Algorithm: sha256WithRSAEncryption
18:3a:1b:6c:52:3f:53:85:09:22:6d:3a:f7:3b:5a:da:9b:07:
1a:0a:dc:63:5c:73:8b:bf:22:96:5b:8b:2d:84:2f:d9:df:40:
9e:9e:70:f2:c2:c9:ad:86:86:b6:fb:e7:ea:9e:29:2d:9e:b0:
41:ad:e5:23:df:26:e5:b0:cf:45:03:d4:fa:51:e9:41:01:46:
e3:cc:ce:7a:3e:cf:cc:2b:f9:25:fe:07:3a:fc:59:2e:03:5a:
31:20:bc:97:8d:dd:d5:52:34:0a:82:d5:f1:f2:a8:d3:89:1e:
38:3c:63:96:a0:65:ae:b0:48:0d:a6:f6:0f:5a:59:78:f9:c9:
4e:c9:0c:72:7e:44:0c:0e:ab:a9:5a:e5:ee:30:72:d1:cf:4e:
38:d3:2a:5d:30:61:dc:3a:81:b4:06:c7:5f:f1:00:bf:30:23:
6d:80:8b:90:7e:04:7f:2a:10:a9:cc:06:35:33:d9:e3:e7:8a:
f3:b1:64:5f:49:4a:00:9e:4b:1f:b2:e8:7a:08:3a:7e:f6:18:
24:b9:7b:e0:af:69:94:cc:23:e7:d8:39:4e:03:32:63:13:ac:
f9:66:7e:cb:a6:01:98:a6:01:dd:39:54:18:ff:f7:e3:37:a3:
07:92:eb:84:c9:31:13:0f:f5:3d:1f:6c:e9:1e:f6:da:5d:63:
9c:a6:2a:7a
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUZDi74UegV6iS0gHjgFV77nKEpwgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMDYwMDQwMTFaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzMzI3ZjdmMjk3MWZlYWZiZjIxYjM4Zjk1ZWNlMDhiOTAzMTEzMzJiMDRh
ZjlhYTI1ZDAyOWE0YTdlOGE0YjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJvqhMKtC+n2XdEgvhTafG4JBlHjAmgYn1j9Gfwc89jPL0ayYRB2NJ20gnNV
SlgD0hkjFjMTyilykS4xAuGwzR1ZQPmMIF35mBNtujqz+/PldIVavKElGEd9pzJ9
CPF+r7iZF1Yww4YB6FZ6+AbXnBlSs3I5+l91iUT4s3DSf0LY/dW20iUnEs5ALCvy
XZebS2riE4vpBoqM3PJiSqabCljDVHzfVMld0+WeiZag49Le77OsK3C7FB9Bh5fh
ZEukhBccgWApZE4VhiFtmeisjB34PeeQKIVbjr0SObmYU82qTMTYdxQyNIa4E92P
p/Zm6xd4XpKjh5PqwhqvgW5xQ1ECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQWMT1Z
QrMxsQCD+UxzerQpFKb5+DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzEzNmEzMjItZjlkNC00Yzc3LWI0OGItM2E0YTViMmQzZDU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFBCoF0CAw
DQYJKoZIhvcNAQELBQADggEBABg6G2xSP1OFCSJtOvc7WtqbBxoK3GNcc4u/IpZb
iy2EL9nfQJ6ecPLCya2Ghrb75+qeKS2esEGt5SPfJuWwz0UD1PpR6UEBRuPMzno+
z8wr+SX+Bzr8WS4DWjEgvJeN3dVSNAqC1fHyqNOJHjg8Y5agZa6wSA2m9g9aWXj5
yU7JDHJ+RAwOq6la5e4wctHPTjjTKl0wYdw6gbQGx1/xAL8wI22Ai5B+BH8qEKnM
BjUz2ePnivOxZF9JSgCeSx+y6HoIOn72GCS5e+CvaZTMI+fYOU4DMmMTrPlmfsum
AZimAd05VBj/9+M3oweS64TJMRMP9T0fbOke9tpdY5ymKno=
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:54:09 2026 by rpki-client