Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
File: 91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa (raw, json)
Hash identifier: I3VgbHI2gD2U1eTHy+F5RkxTv9pnfs2Ao0Wto9wvlrA=
Subject key identifier: CF:FE:29:16:C6:D3:AD:C4:BD:B5:5E:CA:25:BC:E4:F2:00:DA:8E:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 152D9ADC2DF08E6310C8EE8933E80F2174F00B2C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
Signing time: Sat 28 Feb 2026 05:20:48 +0000
ROA not before: Sat 28 Feb 2026 05:20:48 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:2d:9a:dc:2d:f0:8e:63:10:c8:ee:89:33:e8:0f:21:74:f0:0b:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:48 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=b3db977e84e41e878b89cd52c98e3a36818b5ce75c40506deec54eec5cd447dd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:37:34:86:38:ad:17:a4:f1:f6:95:00:7b:b1:
65:b9:27:a6:ab:e6:39:a0:53:66:3c:08:d5:50:27:
48:cd:9c:05:c9:5c:ea:fe:20:20:02:c8:af:9d:71:
72:f0:f8:4d:1a:0c:3f:d1:7f:1a:db:56:c2:2d:dd:
a0:11:63:e4:3c:d7:c3:77:fc:08:15:98:e6:73:dc:
4f:9a:6a:ba:7a:3b:79:d9:2f:02:2c:2a:04:aa:c2:
23:20:0d:b2:d8:d7:8a:83:2f:59:53:c9:c1:db:7d:
05:d3:8d:7d:33:f5:c1:6a:d8:fd:c9:96:0a:06:b6:
02:d7:96:c9:e2:32:45:b5:b3:ed:22:40:29:fe:fc:
26:7e:5b:6d:32:b0:23:c8:d5:f6:e8:ae:6c:52:3d:
1a:a7:9c:d2:5c:ad:da:70:44:d8:cb:ba:c1:f1:50:
c4:dd:a5:27:e3:63:b2:91:d3:ea:ff:31:54:10:7c:
c4:72:af:b2:83:9b:14:2c:79:6c:eb:ec:45:1c:b9:
16:6c:10:48:91:7e:71:67:99:e1:0f:20:01:bd:70:
9b:76:ab:7f:52:33:19:e0:04:18:f6:3c:7a:9a:2f:
af:4e:b6:93:1e:6b:5b:f1:4f:50:17:cb:4c:78:91:
18:2d:03:87:2c:ac:4f:85:49:98:24:7d:24:c3:67:
cc:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:FE:29:16:C6:D3:AD:C4:BD:B5:5E:CA:25:BC:E4:F2:00:DA:8E:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8080::/48
Signature Algorithm: sha256WithRSAEncryption
ae:1d:0a:02:1f:e6:4e:d1:66:94:8f:68:88:8a:6d:46:cc:b4:
ed:7a:9a:de:21:42:5d:7f:65:28:99:70:9f:5f:4a:fd:b0:00:
5a:12:6c:7f:a5:22:fe:28:04:fd:52:f3:fa:68:34:0c:07:da:
16:e7:2b:d4:95:f6:47:d0:0f:66:b5:f3:7e:f6:18:c7:dd:a6:
16:68:59:c5:ed:fc:87:aa:05:15:b0:04:84:84:b4:84:e7:41:
fd:c0:0d:2e:5e:77:8c:2e:47:85:83:a4:dc:eb:b2:f8:ef:cb:
37:9f:87:aa:d1:e3:a6:19:1b:8b:4f:87:e3:63:85:06:c6:5a:
46:e4:56:2f:e2:9c:ae:9f:0d:4d:5b:f3:42:05:f3:3b:31:2e:
72:b2:47:35:ac:cc:03:17:e2:1b:15:76:c8:45:db:b0:24:32:
6c:c1:73:72:da:a7:68:24:72:22:c3:76:c2:f1:a4:c9:aa:0f:
0e:26:90:f2:2f:7c:93:6f:ef:80:13:4c:0f:d8:79:54:59:47:
90:4d:48:aa:94:ae:ac:7b:a6:45:69:21:b0:c5:a3:24:6e:6c:
1f:29:95:91:b6:5f:56:4a:15:40:40:65:51:eb:e6:27:c7:b3:
ff:48:ce:52:ff:4c:50:b6:2d:75:52:bc:16:79:33:ac:dc:73:
ce:e2:d2:8d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFS2a3C3wjmMQyO6JM+gPIXTwCywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwNDhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzZGI5NzdlODRlNDFlODc4Yjg5Y2Q1MmM5OGUzYTM2ODE4YjVjZTc1YzQw
NTA2ZGVlYzU0ZWVjNWNkNDQ3ZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOA3NIY4rRek8faVAHuxZbknpqvmOaBTZjwI1VAnSM2cBclc6v4gIALIr51x
cvD4TRoMP9F/GttWwi3doBFj5DzXw3f8CBWY5nPcT5pquno7edkvAiwqBKrCIyAN
stjXioMvWVPJwdt9BdONfTP1wWrY/cmWCga2AteWyeIyRbWz7SJAKf78Jn5bbTKw
I8jV9uiubFI9Gqec0lyt2nBE2Mu6wfFQxN2lJ+NjspHT6v8xVBB8xHKvsoObFCx5
bOvsRRy5FmwQSJF+cWeZ4Q8gAb1wm3arf1IzGeAEGPY8epovr062kx5rW/FPUBfL
THiRGC0DhyysT4VJmCR9JMNnzKkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTP/ikW
xtOtxL21XsolvOTyANqOADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTFlZTM2NTUtZGNiNC00MWM2LWI0YTQtMjcwY2E1Y2FjZjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
gDANBgkqhkiG9w0BAQsFAAOCAQEArh0KAh/mTtFmlI9oiIptRsy07Xqa3iFCXX9l
KJlwn19K/bAAWhJsf6Ui/igE/VLz+mg0DAfaFucr1JX2R9APZrXzfvYYx92mFmhZ
xe38h6oFFbAEhIS0hOdB/cANLl53jC5HhYOk3Ouy+O/LN5+HqtHjphkbi0+H42OF
BsZaRuRWL+Kcrp8NTVvzQgXzOzEucrJHNazMAxfiGxV2yEXbsCQybMFzctqnaCRy
IsN2wvGkyaoPDiaQ8i98k2/vgBNMD9h5VFlHkE1IqpSurHumRWkhsMWjJG5sHymV
kbZfVkoVQEBlUevmJ8ez/0jOUv9MULYtdVK8FnkzrNxzzuLSjQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:34:44 2026 by rpki-client