Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91473fe5-f129-48d9-8d23-63d62cec663a.roa
File: 91473fe5-f129-48d9-8d23-63d62cec663a.roa (raw, json)
Hash identifier: mHLHgNW2bipv+xmyhblZMuUoRTJWoRi+qGesW64R5/o=
Subject key identifier: F6:85:0B:59:E5:F1:5F:08:1C:89:47:BF:C4:1D:79:A0:DF:71:27:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5AB97E61594C9B241E361E23AC72D566711A153F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91473fe5-f129-48d9-8d23-63d62cec663a.roa
Signing time: Thu 26 Feb 2026 02:10:12 +0000
ROA not before: Thu 26 Feb 2026 02:10:12 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:b9:7e:61:59:4c:9b:24:1e:36:1e:23:ac:72:d5:66:71:1a:15:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:10:12 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=e98324c863ea6d43fd511c594fa5f9e82f8b80d7039369d6a2f507b11c2ac4f3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:83:18:6a:61:7b:73:b3:45:a1:ae:60:49:c2:
5a:e1:2e:19:23:fd:6a:f5:62:8a:b5:0a:39:40:c5:
99:46:01:77:f9:4c:b4:8e:8f:51:51:93:29:3c:5a:
10:c9:aa:69:ea:1e:b6:73:00:99:49:2d:1b:0d:47:
63:53:c8:df:25:33:8f:ac:44:e0:69:24:d9:db:57:
54:48:d8:b7:d8:02:1f:b4:fb:0d:80:9e:5c:44:ba:
88:dd:bd:46:59:e1:9b:24:ab:1f:6f:08:88:7d:6e:
25:1a:9d:69:aa:90:52:25:a2:cd:89:82:ff:a9:a2:
1c:78:7d:3c:e5:96:2d:12:00:8f:a0:84:44:db:da:
16:fa:04:f4:6b:2a:a0:af:58:fb:2c:68:57:ae:7b:
a0:5d:5b:75:95:57:e0:21:9c:ab:bd:67:84:6d:cf:
ef:2d:c1:89:af:b4:9a:e6:cf:2c:48:c8:c8:37:f4:
6f:09:40:13:5d:b2:8a:98:64:65:cf:3f:8c:6d:0e:
3f:be:8d:14:da:81:fc:9b:3e:69:4b:8b:a4:b1:1c:
13:62:ed:21:7b:c1:c4:87:54:d3:65:3b:ac:ab:98:
1b:34:c5:29:56:dc:49:7f:c7:12:43:1d:74:bb:30:
71:84:19:51:fa:7c:fc:f1:d9:58:08:65:e8:9b:17:
fd:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:85:0B:59:E5:F1:5F:08:1C:89:47:BF:C4:1D:79:A0:DF:71:27:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91473fe5-f129-48d9-8d23-63d62cec663a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:840::/48
Signature Algorithm: sha256WithRSAEncryption
77:79:ec:3f:1b:1c:32:3a:2c:b8:28:db:98:98:56:e2:3c:61:
8c:3c:60:6e:9a:4d:97:f8:11:65:a1:7c:6b:e4:e1:49:bc:67:
fc:90:6a:be:3a:ae:41:b0:99:ff:36:ec:a0:62:45:47:97:4c:
3d:fa:1e:51:e6:2d:49:3b:be:d4:fd:7c:2d:9e:f9:19:de:63:
7f:58:58:21:10:84:d2:61:7d:8e:a2:f9:09:93:e8:cb:c5:b9:
85:49:83:ad:48:3b:99:4f:48:11:d4:e4:8d:78:6e:aa:1b:0c:
49:34:cc:f6:16:1e:57:d2:0b:7a:39:a3:a2:94:8e:d0:86:52:
f6:49:16:e4:75:2d:9c:9c:1f:2b:f8:b9:0d:e8:bf:2e:ad:5e:
02:59:b7:db:4b:42:8b:b8:37:a9:e0:a0:c6:d9:3a:71:94:c8:
11:d7:b8:ae:14:48:40:da:e3:2f:a8:85:a2:b2:51:9b:fe:6a:
21:c1:8d:44:c3:ba:7e:9c:f2:17:15:64:81:d6:c4:b3:48:c8:
77:90:73:59:05:dc:2a:07:e9:70:07:5f:f7:ac:08:7e:8f:e8:
7d:80:a0:19:1f:7a:15:6e:77:62:28:ba:2b:01:a4:c6:2f:65:
53:e5:c2:d1:99:a6:dd:28:e8:c0:1a:b9:04:8f:a5:dc:66:25:
c5:87:84:97
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWrl+YVlMmyQeNh4jrHLVZnEaFT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjEwMTJaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5ODMyNGM4NjNlYTZkNDNmZDUxMWM1OTRmYTVmOWU4MmY4YjgwZDcwMzkz
NjlkNmEyZjUwN2IxMWMyYWM0ZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKiDGGphe3OzRaGuYEnCWuEuGSP9avViirUKOUDFmUYBd/lMtI6PUVGTKTxa
EMmqaeoetnMAmUktGw1HY1PI3yUzj6xE4Gkk2dtXVEjYt9gCH7T7DYCeXES6iN29
RlnhmySrH28IiH1uJRqdaaqQUiWizYmC/6miHHh9POWWLRIAj6CERNvaFvoE9Gsq
oK9Y+yxoV657oF1bdZVX4CGcq71nhG3P7y3Bia+0mubPLEjIyDf0bwlAE12yiphk
Zc8/jG0OP76NFNqB/Js+aUuLpLEcE2LtIXvBxIdU02U7rKuYGzTFKVbcSX/HEkMd
dLswcYQZUfp8/PHZWAhl6JsX/QECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT2hQtZ
5fFfCByJR7/EHXmg33EnmTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTE0NzNmZTUtZjEyOS00OGQ5LThkMjMtNjNkNjJjZWM2NjNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DgI
QDANBgkqhkiG9w0BAQsFAAOCAQEAd3nsPxscMjosuCjbmJhW4jxhjDxgbppNl/gR
ZaF8a+ThSbxn/JBqvjquQbCZ/zbsoGJFR5dMPfoeUeYtSTu+1P18LZ75Gd5jf1hY
IRCE0mF9jqL5CZPoy8W5hUmDrUg7mU9IEdTkjXhuqhsMSTTM9hYeV9ILejmjopSO
0IZS9kkW5HUtnJwfK/i5Dei/Lq1eAlm320tCi7g3qeCgxtk6cZTIEde4rhRIQNrj
L6iForJRm/5qIcGNRMO6fpzyFxVkgdbEs0jId5BzWQXcKgfpcAdf96wIfo/ofYCg
GR96FW53Yii6KwGkxi9lU+XC0Zmm3SjowBq5BI+l3GYlxYeElw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:57:14 2026 by rpki-client