Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa
File: 90bd72ba-b30d-4433-a47e-e0543a4ea451.roa (raw, json)
Hash identifier: kN3VQmVEL/JezGGR4flZrmfHGpMxx8/LyxOm22Z5NAc=
Subject key identifier: ED:04:9F:AA:0C:8B:65:F9:A3:8B:E0:8F:9D:D4:4D:17:5A:02:F9:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16A97245192963F3A6C18DCF63F38039FE581F1F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa
Signing time: Sat 28 Feb 2026 05:40:46 +0000
ROA not before: Sat 28 Feb 2026 05:40:46 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:a9:72:45:19:29:63:f3:a6:c1:8d:cf:63:f3:80:39:fe:58:1f:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:46 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=78d1a80d7f5ac64b6b20b03e65171fae594b19ff93746ced1aaf7b3a78531dda, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:dd:9f:c1:d4:72:f0:9d:f4:d3:75:91:10:47:
1b:6d:d0:c7:46:58:49:a8:3e:c5:00:d0:28:5b:e9:
e2:52:cf:f3:6a:6f:0d:be:f3:c2:d3:52:04:d6:b9:
e9:31:a8:67:f7:ae:c0:ce:b3:29:bf:32:29:9d:53:
10:e4:31:83:d6:94:c8:0f:84:13:d4:7f:7a:ff:da:
df:59:bc:0d:62:14:00:c9:8c:a0:36:fa:08:be:05:
e4:6e:cb:1b:35:59:47:fb:47:ce:25:ce:e8:07:dc:
8f:a7:9f:7c:e2:60:1e:f0:de:f1:14:31:70:1a:0f:
a6:00:02:6b:ce:c2:9f:07:bb:0a:e2:de:d1:ba:b2:
75:70:cb:fd:ab:b8:ea:5f:0d:fc:9a:7d:dd:b9:5e:
85:21:03:eb:78:87:d4:10:f1:22:5d:88:6c:46:be:
43:55:b1:f6:d8:a0:1e:d0:0e:0b:14:bb:1a:a7:fe:
0f:c6:f2:c1:f0:77:1c:67:bf:81:a1:fe:c6:c8:cf:
5a:71:be:b0:01:9c:cc:6e:9a:3e:7e:a2:24:d1:03:
3a:ee:35:7e:db:b2:33:a7:16:21:87:9e:4c:a5:38:
d5:71:99:a3:25:f2:bd:1a:e9:84:37:39:cf:8e:bc:
c4:0a:6f:08:48:85:d5:f6:be:2f:94:f0:3b:02:f4:
2b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:04:9F:AA:0C:8B:65:F9:A3:8B:E0:8F:9D:D4:4D:17:5A:02:F9:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:e000::/40
Signature Algorithm: sha256WithRSAEncryption
ba:a8:fd:78:1b:b2:77:36:da:0c:71:ed:77:55:4c:da:36:53:
c9:f5:6f:c7:2a:d6:ce:8a:db:b4:b6:5c:9b:e9:9d:34:80:60:
23:f0:24:b8:fb:e1:55:31:dc:ef:ef:87:fe:cc:18:58:45:e3:
74:61:01:8b:02:f3:72:66:e0:da:b7:49:93:d8:b2:bf:86:53:
24:f1:56:e3:22:7c:4c:c0:69:04:ee:09:18:11:a0:9c:05:81:
cb:41:58:28:30:a6:11:2a:72:e7:f8:d2:d9:93:7c:1b:0e:51:
af:35:82:b7:0a:91:18:23:94:4e:ce:62:fa:25:1f:30:e0:e0:
bc:f0:e2:15:ec:6a:d2:23:6b:07:29:b0:74:c7:2c:e8:e2:53:
fb:d4:67:e7:46:8f:e4:7b:9b:58:e4:ad:09:e4:13:49:5c:4c:
10:09:6b:bf:49:6f:d5:de:87:bf:8c:e9:03:01:ca:5b:16:49:
ef:49:de:1d:d8:67:5f:fc:c7:6e:87:f3:cc:23:09:0b:a7:b2:
98:32:a6:5b:74:e9:28:2d:bf:f9:69:e2:6a:fc:a8:1f:f3:71:
36:6c:64:18:d6:d4:57:8c:5a:80:f5:f3:2a:42:ed:00:2b:7a:
39:10:14:0d:f7:0d:a9:60:3b:62:5f:c5:97:b5:11:90:ab:16:
f4:fa:8b:1e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFqlyRRkpY/OmwY3PY/OAOf5YHx8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwNDZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4ZDFhODBkN2Y1YWM2NGI2YjIwYjAzZTY1MTcxZmFlNTk0YjE5ZmY5Mzc0
NmNlZDFhYWY3YjNhNzg1MzFkZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKrdn8HUcvCd9NN1kRBHG23Qx0ZYSag+xQDQKFvp4lLP82pvDb7zwtNSBNa5
6TGoZ/euwM6zKb8yKZ1TEOQxg9aUyA+EE9R/ev/a31m8DWIUAMmMoDb6CL4F5G7L
GzVZR/tHziXO6Afcj6effOJgHvDe8RQxcBoPpgACa87Cnwe7CuLe0bqydXDL/au4
6l8N/Jp93blehSED63iH1BDxIl2IbEa+Q1Wx9tigHtAOCxS7Gqf+D8bywfB3HGe/
gaH+xsjPWnG+sAGczG6aPn6iJNEDOu41ftuyM6cWIYeeTKU41XGZoyXyvRrphDc5
z468xApvCEiF1fa+L5TwOwL0K2cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTtBJ+q
DItl+aOL4I+d1E0XWgL5PjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTBiZDcyYmEtYjMwZC00NDMzLWE0N2UtZTA1NDNhNGVhNDUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DTg
MA0GCSqGSIb3DQEBCwUAA4IBAQC6qP14G7J3NtoMce13VUzaNlPJ9W/HKtbOitu0
tlyb6Z00gGAj8CS4++FVMdzv74f+zBhYReN0YQGLAvNyZuDat0mT2LK/hlMk8Vbj
InxMwGkE7gkYEaCcBYHLQVgoMKYRKnLn+NLZk3wbDlGvNYK3CpEYI5ROzmL6JR8w
4OC88OIV7GrSI2sHKbB0xyzo4lP71GfnRo/ke5tY5K0J5BNJXEwQCWu/SW/V3oe/
jOkDAcpbFknvSd4d2Gdf/Mduh/PMIwkLp7KYMqZbdOkoLb/5aeJq/Kgf83E2bGQY
1tRXjFqA9fMqQu0AK3o5EBQN9w2pYDtiX8WXtRGQqxb0+ose
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:11:15 2026 by rpki-client