Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
File: 631196a4-90f5-4760-982e-15fbaf4805ec.roa (raw, json)
Hash identifier: wAiNZEirkx8Xmlc722WdGEIJRYIa/231WrTdDGHb5W8=
Subject key identifier: 32:E3:B8:D2:C7:D3:AA:16:46:7B:17:30:6D:04:3E:99:BB:AA:F8:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B2EBEC453E88D1B661A56FFBEDBC57A26FAAE32
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
Signing time: Thu 26 Feb 2026 02:00:15 +0000
ROA not before: Thu 26 Feb 2026 02:00:15 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d020:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:2e:be:c4:53:e8:8d:1b:66:1a:56:ff:be:db:c5:7a:26:fa:ae:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:00:15 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=a1697228a8ed45d500168327c14373a31501bbd6662364b2a5666a488c385d3c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2c:33:dd:b8:36:e4:d0:eb:5b:df:65:43:09:
93:0e:15:44:c4:67:19:bc:d7:0d:2a:08:3b:ab:a5:
4e:c3:bd:85:8c:60:45:9a:7c:8c:8b:61:cc:11:2e:
cb:e5:85:05:47:c3:33:d8:5c:13:68:49:3d:7c:e5:
d5:bc:f6:92:4a:03:b2:a6:00:33:1c:30:13:9d:f9:
75:8a:17:f1:9e:6d:ed:54:0b:db:5e:8d:9b:64:17:
4b:4a:ab:d8:03:fa:39:ca:0e:f1:c6:b5:af:96:dc:
43:3e:87:76:32:d8:08:f3:98:e2:5d:8d:26:bb:7b:
4a:93:00:b5:a1:4c:10:0e:5e:90:55:75:30:50:8d:
07:78:2a:38:14:dd:4c:ee:16:64:14:c0:83:76:23:
39:70:86:81:f8:1c:bc:d0:6d:73:66:5d:6d:9c:58:
fb:fb:05:ae:c1:b8:4f:49:7c:59:45:25:8c:d1:d2:
01:69:f3:1c:af:58:b3:c1:9d:a5:2e:56:b4:e5:f4:
37:65:2a:1d:6b:16:6f:5c:25:0b:2b:90:e5:88:fd:
56:0a:f7:c2:2e:f4:e2:24:33:71:d6:c4:5f:15:6d:
97:d7:ba:85:e2:f8:2c:72:ac:43:49:d5:bc:e6:0c:
27:94:ca:78:e5:6e:90:cf:f1:33:46:50:01:f1:80:
06:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:E3:B8:D2:C7:D3:AA:16:46:7B:17:30:6D:04:3E:99:BB:AA:F8:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d020:8000::/36
Signature Algorithm: sha256WithRSAEncryption
40:ec:99:e9:20:c8:95:bf:5d:6e:e0:04:e1:50:c4:74:f4:54:
63:57:18:d5:57:b6:b8:ef:5b:46:71:b3:02:0b:5d:31:3e:05:
73:45:5b:3d:9f:ba:2b:92:f9:fd:4b:49:e5:b0:bc:48:12:2f:
fb:26:8e:d6:70:44:c3:aa:e6:f6:7b:30:7c:23:3c:16:c4:2c:
b2:95:36:e6:31:ce:01:8c:e4:12:35:87:65:8a:32:fb:ba:55:
e1:a0:cf:dd:61:02:c5:b4:ad:43:04:bf:6f:63:44:f8:ec:4b:
88:1b:06:04:43:51:32:89:9b:30:f3:b9:6c:42:da:8f:53:f4:
06:58:82:e6:4b:86:67:a4:07:0a:37:fe:c5:25:d6:a1:8c:be:
8c:b3:eb:66:f6:4f:0a:4f:97:0c:b6:7d:0f:4c:cc:1d:c6:0b:
99:e5:24:36:ce:28:af:54:92:f7:ec:e7:76:76:73:e9:fb:36:
31:cf:32:ad:d4:b6:19:86:4c:fa:26:0b:38:f5:9a:4e:89:15:
03:be:86:b0:e5:64:e7:ef:1b:ef:34:b4:4e:9e:26:54:b2:9a:
90:7c:0a:b9:8a:f6:a4:0e:64:5e:30:16:26:f4:8a:8f:49:f4:
cf:5e:b7:01:e0:dd:6b:8c:71:76:ae:91:e0:ad:fd:7a:5b:68:
6d:75:27:2f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCy6+xFPojRtmGlb/vtvFeib6rjIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjAwMTVaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGExNjk3MjI4YThlZDQ1ZDUwMDE2ODMyN2MxNDM3M2EzMTUwMWJiZDY2NjIz
NjRiMmE1NjY2YTQ4OGMzODVkM2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMsM924NuTQ61vfZUMJkw4VRMRnGbzXDSoIO6ulTsO9hYxgRZp8jIthzBEu
y+WFBUfDM9hcE2hJPXzl1bz2kkoDsqYAMxwwE535dYoX8Z5t7VQL216Nm2QXS0qr
2AP6OcoO8ca1r5bcQz6HdjLYCPOY4l2NJrt7SpMAtaFMEA5ekFV1MFCNB3gqOBTd
TO4WZBTAg3YjOXCGgfgcvNBtc2ZdbZxY+/sFrsG4T0l8WUUljNHSAWnzHK9Ys8Gd
pS5WtOX0N2UqHWsWb1wlCyuQ5Yj9Vgr3wi704iQzcdbEXxVtl9e6heL4LHKsQ0nV
vOYMJ5TKeOVukM/xM0ZQAfGABs8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQy47jS
x9OqFkZ7FzBtBD6Zu6r4tzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjMxMTk2YTQtOTBmNS00NzYwLTk4MmUtMTVmYmFmNDgwNWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CCA
MA0GCSqGSIb3DQEBCwUAA4IBAQBA7JnpIMiVv11u4AThUMR09FRjVxjVV7a471tG
cbMCC10xPgVzRVs9n7orkvn9S0nlsLxIEi/7Jo7WcETDqub2ezB8IzwWxCyylTbm
Mc4BjOQSNYdlijL7ulXhoM/dYQLFtK1DBL9vY0T47EuIGwYEQ1EyiZsw87lsQtqP
U/QGWILmS4ZnpAcKN/7FJdahjL6Ms+tm9k8KT5cMtn0PTMwdxguZ5SQ2ziivVJL3
7Od2dnPp+zYxzzKt1LYZhkz6Jgs49ZpOiRUDvoaw5WTn7xvvNLROniZUspqQfAq5
ivakDmReMBYm9IqPSfTPXrcB4N1rjHF2rpHgrf16W2htdScv
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:32:08 2026 by rpki-client