Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
File: 76a60505-d74d-4741-a42e-97a09bb6b2a1.roa (raw, json)
Hash identifier: w8BJmca27ixDSNCSOOFOGx+9WqzQZWT1toQFbmpMQ8w=
Subject key identifier: 33:E3:22:A6:BD:8B:95:64:2D:6E:68:9E:3A:38:7A:D9:FE:C0:18:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32D4ACE91A37F3A9D5924FA693F1AA8C3773F6EC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
Signing time: Sat 28 Feb 2026 06:01:13 +0000
ROA not before: Sat 28 Feb 2026 06:01:13 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:d4:ac:e9:1a:37:f3:a9:d5:92:4f:a6:93:f1:aa:8c:37:73:f6:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:01:13 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=033cf27783fe7ed2cb102fc325e0e2228465a4b75fd24e5dbde36394797310a5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:88:15:14:de:63:5c:eb:09:a5:44:27:94:b9:
12:f3:38:5b:e9:2a:2c:c2:fc:84:64:bd:88:8b:cd:
ae:6f:2c:a5:39:c9:5d:2f:a2:a9:bb:39:7c:90:64:
31:9a:7b:f1:16:b4:06:1f:d4:d5:23:f0:88:dc:d6:
fe:52:7c:f1:65:ef:46:f3:b6:c6:7c:a0:e8:26:b6:
be:cc:02:7e:5e:6a:26:ad:2a:a6:ad:4d:8a:60:8e:
00:58:0e:64:9c:4e:cc:bf:22:cd:bd:46:c5:10:cb:
72:38:59:f2:fe:97:27:b4:d3:20:1a:e7:9b:57:ff:
6a:6f:b1:9e:0c:7d:8f:36:7d:aa:8d:1b:3a:66:31:
aa:89:86:8c:a7:02:df:c0:83:02:48:b4:3d:0f:e6:
73:93:5a:70:15:73:d1:fc:59:3e:15:f6:65:b3:64:
bd:f5:27:5b:37:a6:a1:e5:68:e1:50:61:dd:35:ba:
31:68:b2:d7:8c:a4:9f:41:57:d8:ee:dc:63:dc:9f:
ad:f0:d0:1a:7d:e6:11:5b:11:3e:64:89:c1:59:ef:
34:a3:0b:8d:28:13:16:c7:45:d4:59:45:d9:a0:56:
76:d8:56:f6:54:e6:53:a2:4b:36:39:dc:9e:64:48:
3d:ba:5f:8f:3b:3d:3a:59:02:14:18:7f:e1:84:0d:
44:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E3:22:A6:BD:8B:95:64:2D:6E:68:9E:3A:38:7A:D9:FE:C0:18:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8080::/48
Signature Algorithm: sha256WithRSAEncryption
b0:9e:11:c2:bb:0e:af:db:b8:b8:30:c6:b2:a0:2c:3a:76:c7:
26:fa:ce:a7:16:4c:d4:36:69:27:86:2a:dc:72:2d:f3:99:69:
f3:be:27:40:f6:df:b5:60:9d:e5:fd:cf:3a:44:0c:5d:7d:2a:
48:f1:fb:7f:76:70:02:7b:53:14:cf:a1:e8:b5:5f:37:b1:3e:
d2:61:5a:c0:12:02:85:5d:b0:a5:b7:85:4a:0c:9b:0e:bd:23:
89:da:b0:11:fd:64:17:7e:cc:cb:1d:63:91:d1:68:06:81:c0:
4d:30:5e:bd:c5:18:b5:7e:c0:98:1e:a9:9e:83:6b:4c:e7:ea:
db:e5:87:69:68:8e:cb:49:36:29:a8:77:22:69:a5:51:d6:b0:
1f:1b:22:1f:2b:d1:39:4f:f7:fb:28:43:f2:b2:52:4d:68:18:
25:f2:a8:d1:06:ac:1d:03:2d:3d:78:4d:34:cd:0c:43:4a:ef:
64:56:50:d7:82:06:4a:3b:a6:ae:48:88:a6:4b:1f:45:6b:82:
0a:e4:fe:c3:4d:8a:e9:88:c8:a2:f8:3f:cf:d2:bf:c6:64:58:
89:e7:af:4a:dc:49:d2:4e:26:dc:8b:b4:96:97:4c:3e:32:23:
56:83:08:25:06:18:8b:17:6f:aa:a4:14:73:72:1d:71:d5:8b:
7a:45:50:a6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMtSs6Ro386nVkk+mk/GqjDdz9uwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAxMTNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzM2NmMjc3ODNmZTdlZDJjYjEwMmZjMzI1ZTBlMjIyODQ2NWE0Yjc1ZmQy
NGU1ZGJkZTM2Mzk0Nzk3MzEwYTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKOIFRTeY1zrCaVEJ5S5EvM4W+kqLML8hGS9iIvNrm8spTnJXS+iqbs5fJBk
MZp78Ra0Bh/U1SPwiNzW/lJ88WXvRvO2xnyg6Ca2vswCfl5qJq0qpq1NimCOAFgO
ZJxOzL8izb1GxRDLcjhZ8v6XJ7TTIBrnm1f/am+xngx9jzZ9qo0bOmYxqomGjKcC
38CDAki0PQ/mc5NacBVz0fxZPhX2ZbNkvfUnWzemoeVo4VBh3TW6MWiy14ykn0FX
2O7cY9yfrfDQGn3mEVsRPmSJwVnvNKMLjSgTFsdF1FlF2aBWdthW9lTmU6JLNjnc
nmRIPbpfjzs9OlkCFBh/4YQNRN8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQz4yKm
vYuVZC1uaJ46OHrZ/sAYYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzZhNjA1MDUtZDc0ZC00NzQxLWE0MmUtOTdhMDliYjZiMmExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
gDANBgkqhkiG9w0BAQsFAAOCAQEAsJ4RwrsOr9u4uDDGsqAsOnbHJvrOpxZM1DZp
J4Yq3HIt85lp874nQPbftWCd5f3POkQMXX0qSPH7f3ZwAntTFM+h6LVfN7E+0mFa
wBIChV2wpbeFSgybDr0jidqwEf1kF37Myx1jkdFoBoHATTBevcUYtX7AmB6pnoNr
TOfq2+WHaWiOy0k2Kah3ImmlUdawHxsiHyvROU/3+yhD8rJSTWgYJfKo0QasHQMt
PXhNNM0MQ0rvZFZQ14IGSjumrkiIpksfRWuCCuT+w02K6YjIovg/z9K/xmRYieev
StxJ0k4m3Iu0lpdMPjIjVoMIJQYYixdvqqQUc3IdcdWLekVQpg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:20:55 2026 by rpki-client