Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
File: 739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa (raw, json)
Hash identifier: ThWZG/JWbkA+hyn2GofFHzglMX4HeqoowSm73q6qWG4=
Subject key identifier: 98:A3:D2:6B:4B:7D:A6:83:AC:BF:7A:5C:6F:65:16:C2:17:DF:C9:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2FCEDB6AB648266A23067032CC175206F099B3AE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
Signing time: Sat 28 Feb 2026 06:30:11 +0000
ROA not before: Sat 28 Feb 2026 06:30:11 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:ce:db:6a:b6:48:26:6a:23:06:70:32:cc:17:52:06:f0:99:b3:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:30:11 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=2ab24ee776f05eb085c2ac05108e8080ac653b05b64c5c9c5a9540b8f4f7d8b4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:98:bc:8f:67:77:d6:12:8e:84:89:ac:4a:af:
66:4b:be:07:b5:94:f3:c8:7a:58:fe:a8:c6:a7:6b:
9a:92:af:33:53:f4:0d:d9:86:13:38:54:30:47:fd:
6a:06:40:76:67:50:ae:28:f6:6c:97:cd:9a:35:2a:
da:7e:78:b2:48:dc:3e:1c:99:a5:a0:10:b2:a8:10:
83:5b:d1:fd:ca:81:83:aa:a2:e9:45:de:64:b9:e4:
4c:1c:9c:33:50:62:f9:0c:c4:b9:c7:da:27:cc:58:
e4:f0:6a:02:aa:77:06:60:b5:70:cf:40:15:e4:6d:
80:1f:d1:a0:67:35:a0:66:d1:05:d1:c1:d3:cd:7a:
32:32:df:71:01:f3:10:36:61:69:6a:a8:f0:ea:b4:
02:b5:bc:67:aa:13:37:28:cd:7c:5c:9a:1c:b3:6b:
05:6d:aa:b7:d3:ec:e5:eb:b4:0b:5e:a5:b4:53:c9:
9d:99:26:8b:46:c5:90:a6:df:36:20:ea:50:7a:43:
32:d1:35:74:9a:4e:02:7d:67:37:51:b9:66:51:99:
c7:ea:10:19:d8:4e:0e:f5:a2:6b:3f:d0:30:82:dd:
b9:72:41:47:50:83:4b:91:4d:86:f6:e3:7d:68:54:
30:19:d8:9d:b9:8b:f9:1e:43:aa:0a:05:a6:fc:28:
38:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A3:D2:6B:4B:7D:A6:83:AC:BF:7A:5C:6F:65:16:C2:17:DF:C9:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:9000::/40
Signature Algorithm: sha256WithRSAEncryption
9b:d0:aa:39:83:35:b5:db:fa:e1:84:2c:66:01:70:9d:4d:8a:
66:cf:51:f1:8b:02:5a:30:7b:7c:e6:c0:b9:65:80:92:1f:a1:
3b:cc:48:7a:61:a8:ce:ff:6a:40:78:53:02:98:74:d2:2c:c5:
99:9e:22:35:fc:41:02:df:15:41:b6:26:9a:ca:91:fb:62:b4:
41:bf:ed:3b:df:8d:89:1b:d4:c6:a1:3d:e1:d8:20:08:65:c6:
ea:aa:b6:56:93:26:8d:85:a7:d8:ee:a3:0e:92:d8:5a:af:7c:
2e:a2:af:89:aa:58:34:21:aa:b9:a5:a0:77:24:45:aa:09:0f:
a4:c7:65:61:c3:a7:36:ea:c8:6c:bc:27:74:60:63:26:a4:ca:
d7:ba:ee:ad:dc:65:1f:8b:ba:36:ec:1d:ca:79:aa:7e:cd:38:
35:0e:ed:ac:2f:65:97:90:3c:46:5a:e8:03:4e:f3:30:01:43:
b6:29:d1:b2:5a:2e:a9:c4:a8:5f:bc:d8:47:8a:cb:0d:51:f6:
58:c3:8e:4e:37:54:5e:19:10:ac:f7:b4:9e:f9:75:69:4a:c4:
22:67:e2:32:bf:b7:5d:5f:9f:89:22:89:24:77:17:4a:79:7b:
1b:24:20:b4:8c:fb:ea:02:09:df:c3:d9:98:34:65:e8:38:f2:
bf:0e:cd:6b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUL87barZIJmojBnAyzBdSBvCZs64wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjMwMTFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhYjI0ZWU3NzZmMDVlYjA4NWMyYWMwNTEwOGU4MDgwYWM2NTNiMDViNjRj
NWM5YzVhOTU0MGI4ZjRmN2Q4YjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6YvI9nd9YSjoSJrEqvZku+B7WU88h6WP6oxqdrmpKvM1P0DdmGEzhUMEf9
agZAdmdQrij2bJfNmjUq2n54skjcPhyZpaAQsqgQg1vR/cqBg6qi6UXeZLnkTByc
M1Bi+QzEucfaJ8xY5PBqAqp3BmC1cM9AFeRtgB/RoGc1oGbRBdHB0816MjLfcQHz
EDZhaWqo8Oq0ArW8Z6oTNyjNfFyaHLNrBW2qt9Ps5eu0C16ltFPJnZkmi0bFkKbf
NiDqUHpDMtE1dJpOAn1nN1G5ZlGZx+oQGdhODvWiaz/QMILduXJBR1CDS5FNhvbj
fWhUMBnYnbmL+R5DqgoFpvwoOI0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSYo9Jr
S32mg6y/elxvZRbCF9/JMTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM5ZDhiMDgtZjgyYi00YTJhLTg0MWMtMmZhZjdhMzMxZmZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCb0Ko5gzW12/rhhCxmAXCdTYpmz1HxiwJaMHt8
5sC5ZYCSH6E7zEh6YajO/2pAeFMCmHTSLMWZniI1/EEC3xVBtiaaypH7YrRBv+07
342JG9TGoT3h2CAIZcbqqrZWkyaNhafY7qMOkthar3wuoq+Jqlg0Iaq5paB3JEWq
CQ+kx2Vhw6c26shsvCd0YGMmpMrXuu6t3GUfi7o27B3Keap+zTg1Du2sL2WXkDxG
WugDTvMwAUO2KdGyWi6pxKhfvNhHissNUfZYw45ON1ReGRCs97Se+XVpSsQiZ+Iy
v7ddX5+JIokkdxdKeXsbJCC0jPvqAgnfw9mYNGXoOPK/Ds1r
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:37:16 2026 by rpki-client