Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa
File: 67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa (raw, json)
Hash identifier: tUjDI77Q7JvqhhgLLqZ9l5Op0MZxzQbZsEsohqagVbc=
Subject key identifier: F8:AC:31:2D:F3:C7:2C:00:A4:9B:BA:83:58:09:13:0C:36:C7:97:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1602095A97E49C118DEB2F293A8765B93EAE64CC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa
Signing time: Fri 20 Feb 2026 01:50:05 +0000
ROA not before: Fri 20 Feb 2026 01:50:05 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:02:09:5a:97:e4:9c:11:8d:eb:2f:29:3a:87:65:b9:3e:ae:64:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:05 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=5bf76ffa769ce8027170b7f77f886cbfc05546005ed737f63ff62e5d4757f718, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:db:49:49:19:ba:e0:97:30:24:48:ec:4d:cb:
34:10:a4:ea:c2:24:a3:8f:d2:8f:ed:1a:57:46:50:
c5:39:6a:36:ba:5f:f9:1f:4f:9c:a4:42:96:78:54:
17:b9:c4:07:c1:ab:9f:8b:4f:6d:06:5f:4b:7d:8d:
48:98:f5:d9:9e:7f:88:27:5e:c8:f0:a1:ce:b1:22:
15:b0:26:07:36:33:bb:82:70:7d:f7:5c:8f:7c:20:
5f:be:c4:b3:53:bf:51:6b:4a:93:36:80:36:2a:15:
04:83:ad:d1:c3:da:92:c3:a2:18:77:6f:4a:6d:14:
c1:43:ec:88:78:20:88:bd:ca:fc:a6:17:0c:7b:04:
2a:b8:3a:40:52:73:b2:f6:69:fd:5a:b0:68:2c:5e:
54:df:e4:4f:7f:a6:6a:74:0f:cf:64:51:7f:0c:4a:
9e:d5:31:71:c9:7d:a4:bd:67:29:31:56:18:cc:39:
99:91:8d:64:b7:85:35:29:24:f0:8b:a5:37:22:87:
c9:30:b0:87:b7:0d:b8:ee:8c:c0:a8:d4:1f:96:fa:
67:c5:7f:2e:5d:45:4c:84:96:c2:50:6e:8f:b2:9c:
8f:87:26:29:cd:5d:31:66:a2:7f:2a:35:f5:cf:94:
50:8c:32:81:58:52:b0:a0:01:d1:a8:d7:49:b6:46:
ee:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:AC:31:2D:F3:C7:2C:00:A4:9B:BA:83:58:09:13:0C:36:C7:97:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:6000::/40
Signature Algorithm: sha256WithRSAEncryption
a1:5d:6a:93:8d:54:b2:e7:ae:28:c8:4d:98:33:4c:a4:97:14:
dc:d0:8f:05:94:ae:71:4d:ba:a7:fa:c8:02:8e:c4:7f:c6:e2:
d0:5d:17:e3:7d:fa:dd:30:3f:17:d8:af:a3:4b:3c:88:47:24:
aa:dd:bf:72:99:9e:a1:46:37:19:2e:4c:80:34:8b:b8:48:83:
c6:5f:55:1d:30:ce:71:23:72:0a:38:2e:01:e0:5c:8c:fd:3f:
7f:d5:cd:1b:0f:cc:62:52:b8:72:89:72:8f:8e:56:ca:74:5d:
f8:a0:5e:e2:ec:8e:02:64:26:0f:63:a6:70:73:7c:ac:9a:84:
82:e1:18:a8:62:fe:68:b2:02:07:5a:37:82:c4:fc:0a:4d:c9:
1b:d1:46:1b:5e:10:3e:39:9b:10:3d:02:c5:dd:5f:84:e0:b4:
1e:27:d1:0b:55:87:22:ec:9c:1e:13:42:ab:9e:27:92:df:77:
a0:f9:4f:a9:00:f0:8e:83:56:d7:60:16:37:0b:d5:8c:ac:5f:
91:b1:89:06:33:c1:71:01:8b:51:35:3a:45:d5:8b:c2:79:38:
ac:10:bf:8e:0a:ee:ea:42:e3:be:b9:6e:ff:36:61:a7:41:54:
6d:4a:b0:66:16:e3:91:7b:7b:ee:8a:25:b2:0b:ce:e3:4b:47:
02:93:fb:cd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFgIJWpfknBGN6y8pOodluT6uZMwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMDVaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDViZjc2ZmZhNzY5Y2U4MDI3MTcwYjdmNzdmODg2Y2JmYzA1NTQ2MDA1ZWQ3
MzdmNjNmZjYyZTVkNDc1N2Y3MTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXbSUkZuuCXMCRI7E3LNBCk6sIko4/Sj+0aV0ZQxTlqNrpf+R9PnKRClnhU
F7nEB8Grn4tPbQZfS32NSJj12Z5/iCdeyPChzrEiFbAmBzYzu4Jwffdcj3wgX77E
s1O/UWtKkzaANioVBIOt0cPaksOiGHdvSm0UwUPsiHggiL3K/KYXDHsEKrg6QFJz
svZp/VqwaCxeVN/kT3+manQPz2RRfwxKntUxccl9pL1nKTFWGMw5mZGNZLeFNSkk
8IulNyKHyTCwh7cNuO6MwKjUH5b6Z8V/Ll1FTISWwlBuj7Kcj4cmKc1dMWaifyo1
9c+UUIwygVhSsKAB0ajXSbZG7hECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT4rDEt
88csAKSbuoNYCRMMNseXpDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjdhOTE5MTAtYTU3Yy00YTA0LThkN2ItNDA0YmNkNWZlY2YyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBg
MA0GCSqGSIb3DQEBCwUAA4IBAQChXWqTjVSy564oyE2YM0yklxTc0I8FlK5xTbqn
+sgCjsR/xuLQXRfjffrdMD8X2K+jSzyIRySq3b9ymZ6hRjcZLkyANIu4SIPGX1Ud
MM5xI3IKOC4B4FyM/T9/1c0bD8xiUrhyiXKPjlbKdF34oF7i7I4CZCYPY6Zwc3ys
moSC4RioYv5osgIHWjeCxPwKTckb0UYbXhA+OZsQPQLF3V+E4LQeJ9ELVYci7Jwe
E0KrnieS33eg+U+pAPCOg1bXYBY3C9WMrF+RsYkGM8FxAYtRNTpF1YvCeTisEL+O
Cu7qQuO+uW7/NmGnQVRtSrBmFuORe3vuiiWyC87jS0cCk/vN
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:28 2026 by rpki-client